Mon. May 03, 2021

Buer Dropper Malware Updated Using Rust

Data Breach Today

Proofpoint: New Code Makes 'RustyBuer' Version Harder to Detect. Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the Rust programming language to help evade detection, Proofpoint reports.

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

Encryption agility is going to be essential as we move forward with digital transformation. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. But cryptography historically has been anything but agile; major advances require years, if not decades, of inspired theoretical research.

Chinese Group Apparently Targeted Russian Defense Contractor

Data Breach Today

Cybereason: Attack Used Previously Undocumented PortDoor Malware. An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason.

Researchers Explore Active Directory Attack Vectors

Dark Reading

Incident responders who investigate attacks targeting Active Directory discuss methods used to gain entry, elevate privileges, and control target systems

The Unexpected Cost of Data Copies

This paper will discuss why organizations frequently end up with multiple data copies and how a secure "no-copy" data strategy enabled by the Dremio data lake service can help reduce complexity, boost efficiency, and dramatically reduce costs.

Vulnerability Management: Essential Components

Data Breach Today

Steve Yurich, CISO of Penn National Insurance, on the Need for Frequent Scanning. Effective vulnerability management requires more frequent scanning of infrastructure, says Steve Yurich, CISO at Penn National Insurance, who explains his organization's approach.

More Trending

Pulse Secure VPN Zero-Day Flaw Patched

Data Breach Today

Permanent Fix Replaces Earlier Workaround. Ivanti, parent company of Pulse Secure, published a permanent fix Monday for a zero-day vulnerability in Pulse Connect Secure VPN products that has been exploited to target U.S.

Most Common Causes of Data Breach and How to Prevent It

Security Affairs

What are the most common causes of a data breach, and how can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses and consumers.

Security Incident Leads Scripps Health to Postpone Care

Data Breach Today

News Reports: Apparent Ransomware Attack Also Results in Diverting Emergency Patients. San Diego-based Scripps Health, which operates four area hospitals, has been forced to postpone some patient care - and reportedly divert some patients seeking emergency treatment - as a result of what local news outlets say is a ransomware attack.

Expert released PoC exploit for Microsoft Exchange flaw

Security Affairs

A security researcher released technical details and PoC code for a high-severity vulnerability in Microsoft Exchange Server reported by the NSA.

Insights on Choosing an Identity Verification Solution Provider

Sort through today’s crowded identity verification solutions landscape with our guide, designed to help you choose the right provider based on your unique needs.

Attackers' Dwell Time Plummets as Ransomware Hits Continue

Data Breach Today

Faster Detection Is Good News, But More Speed Still Needed, Mandiant Reports. The average amount of time that online attackers camp out in a victim's network - so-called "dwell time" - has been declining, FireEye's Mandiant incident response group reports.

Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Security Affairs

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild.

NSA Offers OT Security Guidance in Wake of SolarWinds Attack

Data Breach Today

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems. The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack.

Don’t Buy Into Facebook’s Ad-Tracking Pressure on iOS 14.5

WIRED Threat Level

The company tells Apple users that tracking helps keep those platforms “free of charge,” but opting out now doesn't mean paying up later.

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator who is new to Cassandra but has been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

Researchers Find Bugs Using Single-Codebase Inconsistencies

Dark Reading

A Northeastern University research team finds code defects -- and some vulnerabilities -- by detecting when programmers used different code snippets to perform the same functions

Identifying the Person Behind Bitcoin Fog

Schneier on Security

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years.

Stopping the Next SolarWinds Requires Doing Something Different

Dark Reading

Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale?

New Buer Malware Downloader Rewritten in E-Z Rust Language

Threatpost

It's coming in emails disguised as DHL Support shipping notices and is apparently getting prepped for leasing on the underground.

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speakers: Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Name That Edge Toon: Magical May

Dark Reading

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card

Experian API exposed credit scores of tens of millions of Americans

Security Affairs

Experian API exposed credit scores of tens of millions of Americans due to a weakness with a partner website. Anyone was able to look up the credit score of tens of millions of Americans just by providing their name and mailing address.

Imperva to Buy API Security Firm CloudVector

Dark Reading

The deal is intended to expand Imperva's API security portfolio, officials say

Apple addresses three zero-day flaws in its WebKit browser engine

Security Affairs

Apple has released security updates to patch three zero-days in WebKit, Apple’s browser engine, and fixed a zero-day exploited in the wild.

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

The Edge Pro Tip: Protect IoT Devices

Dark Reading

As Internet-connected devices become more prevalent in organizations, security issues increase as well

Scripps Health Cyberattack Causes Widespread Hospital Outages

Threatpost

The San Diego-based hospital system diverted ambulances to other medical centers after a suspected ransomware attack.

Buer Malware Variant Rewritten in Rust Programming Language

Dark Reading

Researchers suggest a few reasons why operators rewrote Buer in an entirely new language

New Attacks Slaughter All Spectre Defenses 

Threatpost

The 3+ years computer scientists spent concocting ways to defend against these supply-chain attacks against chip architecture? It's bound for the dustbin.

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Dark Reading Celebrates 15th Anniversary

Dark Reading

Cybersecurity news site begins 16th year with plans to improve site, deliver more content on cyber threats and best practices

Deepfake Attacks Are About to Surge, Experts Warn

Threatpost

New deepfake products and services are cropping up across the Dark Web.

ICRM Announces Members of Mentor Committee and Calls for Mentors

IG Guru

Greetings from the ICRM Mentoring Committee. Since the ICRM began offering a mentoring program for all exam parts in 2020, we have seen a tremendous growth in the number of individuals requesting mentors for their certification process.