Sat.Dec 11, 2021 - Fri.Dec 17, 2021

article thumbnail

Microsoft Patch Tuesday, December 2021 Edition

Krebs on Security

Microsoft , Adobe , and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month’s Patch Tuesday is overshadowed by the “ Log4Shell ” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.

Libraries 297
article thumbnail

The Log4J Vulnerability Will Haunt the Internet for Years

WIRED Threat Level

Hundreds of millions of devices are likely affected.

Security 110
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. Related: The targeting of supply chains. While some of these efforts have been successful, and may prevent more damage from being done, it is important to realize that headline news is a lightning rod for more attacks.

article thumbnail

Hackers exploit Log4Shell to drop Khonsari Ransomware on Windows systems

Security Affairs

Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell vulnerability ( CVE-2021-44228 ) to deliver the new Khonsari ransomware on Windows machines. Experts warn that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines.

article thumbnail

Customer Experience Management: Optimizing Your Strategy for Financial Success

Speaker: Diane Magers, Founder and Chief Experience Officer at Experience Catalysts

In the world of business, connecting the dots from experience to financial impact is an essential skill. Transforming customer engagement, Voice of Customer (VoC) insights, and Journey Maps into tangible financial outcomes poses a significant challenge for most organizations. To gain buy-in from the C-Suite and key stakeholders, it’s crucial to illustrate how Experience Management translates into clear, measurable business results.

article thumbnail

NY Man Pleads Guilty in $20 Million SIM Swap Theft

Krebs on Security

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.

Passwords 341

More Trending

article thumbnail

ROUNDTABLE: Cybersecurity experts reflect on 2021, foresee intensifying challenges in 2022

The Last Watchdog

Privacy and cybersecurity challenges and controversies reverberated through all aspect of business, government and culture in the year coming to a close. Related: Thumbs up for Biden’s cybersecurity exec order. Last Watchdog sought commentary from technology thought leaders about lessons learned in 2021– and guidance heading into 2022. More than two dozen experts participated.

article thumbnail

A phishing campaign targets clients of German banks using QR codes

Security Affairs

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. The messages used in a campaign recently discovered by cybersecurity firm Cofense use QR codes to deceive users of two Geman financial institutions, Sparkasse and Volksbanken Raiffeisenbanken, and steal digital banking inform

Phishing 136
article thumbnail

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousands of outdated Windows 7 systems, and that the health system’s IT administrators failed to respond to multiple warning signs

article thumbnail

Cybersecurity ‘Vaccines’ Emerge as Ransomware, Vulnerability Defense

eSecurity Planet

Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability. Germany-based G Data CyberDefense released software designed to trick the STOP ransomware variant into believing that a targeted system has already been compromised and keeping it from encrypting files af

article thumbnail

How to Stay Competitive in the Evolving State of Martech

Marketing technology is essential for B2B marketers to stay competitive in a rapidly changing digital landscape — and with 53% of marketers experiencing legacy technology issues and limitations, they’re researching innovations to expand and refine their technology stacks. To help practitioners keep up with the rapidly evolving martech landscape, this special report will discuss: How practitioners are integrating technologies and systems to encourage information-sharing between departments and pr

article thumbnail

SHARED INTEL: LogJ4 vulnerability presents a gaping attack vector companies must heed in 2022

The Last Watchdog

As we close out 2021, a gargantuan open-source vulnerability has reared its ugly head. Related: The case for ‘SBOM’ This flaw in the Apache Log4J logging library is already being aggressively probed and exploited by threat actors — and it is sure to become a major headache for security teams in 2022. “This vulnerability is so dangerous because of its massive scale.

Libraries 181
article thumbnail

Flaws in Lenovo laptops allow escalating to admin privileges

Security Affairs

The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin privileges. Lenovo laptops, including ThinkPad and Yoga families, are affected by a privilege elevation issues that resides in the ImControllerService service allowing attackers to execute commands with admin privileges.

Security 133
article thumbnail

What Are the Cyber Security Trends Around the World?

Thales Cloud Protection & Licensing

What Are the Cyber Security Trends Around the World? madhav. Thu, 12/16/2021 - 10:36. Technological and societal developments and a pandemic have utterly changed the business landscape as we knew it. Enterprises have massively adopted multiple cloud platforms, moving data, applications and services outside the traditional corporate perimeter. At the same time, the COVID-19 crisis illustrated how criminals actively take advantage of a vulnerable society.

Security 126
article thumbnail

Kronos Ransomware Outage Drives Widespread Payroll Chaos

Threatpost

Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking.

article thumbnail

The Essential Guide to Analytic Applications

Embedding dashboards, reports and analytics in your application presents unique opportunities and poses unique challenges. We interviewed 16 experts across business intelligence, UI/UX, security and more to find out what it takes to build an application with analytics at its core. No matter where you are in your analytics journey, you will learn about emerging trends and gather best practices from product experts.

article thumbnail

What are the benefits of cyber security as a service?

IT Governance

With organisations’ cyber security requirements becoming more complex and the threat of cyber attacks growing each year, many decision-makers are turning towards cyber security as a service. This approach, also known as managed cyber security, works by outsourcing cyber security to a third party. Organisations such as IT Governance that offer cyber security as a service assign dedicated experts to oversee the organisation’s data protection and data privacy needs.

Security 127
article thumbnail

Two Linux botnets already exploit Log4Shell flaw in Log4j

Security Affairs

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mirai botnets in attacks aimed at Linux devices.

Honeypots 133
article thumbnail

How to Create a Winning Sales Channel

Thales Cloud Protection & Licensing

How to Create a Winning Sales Channel. jstewart. Wed, 12/15/2021 - 17:43. 75% of world trade flows indirectly through channel sales. What are you doing to optimize your channel partnerships and get the most value from channel selling? What are channel partners? A channel partner is an organization that you partner with to market and sell your hardware, software or SaaS solution.

Sales 126
article thumbnail

When is a Scrape a Breach?

Troy Hunt

A decade and a bit ago during my tenure at Pfizer, a colleague's laptop containing information about customers, healthcare providers and other vendors was stolen from their car. The machine had full disk encryption and it's not known whether the thief was ever actually able to access the data. It's not clear if the car was locked or not.

article thumbnail

1st, 2nd, and 3rd Party Intent Data: Which Is Right for You?

How do 1st, 2nd, and 3rd party intent data compare? 1st, 2nd, and 3rd party data each have specific advantages and disadvantages. It comes down to four factors: accuracy, cost, control and quantity. This infographic explains the pros and cons of each and helps you understand which one is best for meeting your business objectives. Intent data can be a great way to fill your pipeline and close more deals.

article thumbnail

Log4Shell Exploitation Grows as Cybersecurity Firms Scramble to Contain Threat

eSecurity Planet

Cybercriminals are quickly ramping up efforts to exploit the critical flaw found in the widely used Log4j open-source logging tool, targeting everything from cryptomining to data theft to botnets that target Linux systems. The cybersecurity community is responding with tools for detecting exploitation of the vulnerability, a remote code execution (RCE) flaw dubbed Log4Shell and tracked as CVE-2021-44228.

article thumbnail

While attackers begin exploiting a second Log4j flaw, a third one emerges

Security Affairs

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library. The CVE-2021-45046 received a CVSS score of 3.7 and affects Log4j versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 (which was released to fix CV

article thumbnail

Prioritizing IT automation: A four-step approach

DXC Technology

As fast as the world and technology evolve, IT departments are evolving with it. To stay ahead of all this change, IT leaders need to free up time for the most important tasks. Automation is an obvious answer to do this. If you can automate the high-volume, low-complexity tasks that drain resources, you can boost […]. The post Prioritizing IT automation: A four-step approach appeared first on DXC Blogs.

IT 123
article thumbnail

NSO Group’s Pegasus Spyware Used Against US State Department Officials

Schneier on Security

NSO Group’s descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. But the company does: NSO Group said in a statement on Thursday that it did not have any indication their tools were used but canceled access for the relevant customers and would investigate based on the Reuters inquiry. “If our investigation shall show these actions indeed happe

article thumbnail

How to Create Unique Customer Journeys to Optimize Business Outcomes

Speaker: Shawn Phillips, CCXP, Head of Growth and Innovation

A one-size-fits-all approach is a great approach – if it’s 2010. With the growth of AI, customers expect – and often demand – a customer journey based on their unique needs and history with your brand. Advanced platforms enable you to move beyond simple personalization or mass customization to create truly unique customer journeys that optimize outcomes for both your customers and your brand.

article thumbnail

10 Best CASB Security Vendors of 2022

eSecurity Planet

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. . With the adoption of cloud-based applications and services growing exponentially, especially as a result of the dramatic growth in remote work in response to the COVID-19 pandemic, more than ever organizations need to protect their data and IT systems from cloud-based threats.

Security 119
article thumbnail

Conti ransomware gang exploits Log4Shell bug in its operations

Security Affairs

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected.

article thumbnail

Why Log4j Mitigation Is Fraught With Challenges

Dark Reading

The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems.

134
134
article thumbnail

Weekly Update 274

Troy Hunt

As I start out by saying this week's video, it's very summer here and not a day goes by without multiple pool visits. Next week's video is going to be from somewhere epically amazing out of this world that I've wanted to go to for a long time now so stay tuned for that one as I go mobile again. Somehow, today's video stretched out beyond an hour with what felt like a list of pretty minor discussion points, but plenty of good questions and commentary along the way.

Security 116
article thumbnail

ABM Evolution: How Top Marketers Are Using Account-Based Strategies

In times of economic uncertainty, account-based strategies are essential. According to several business analysts and practitioners, ABM is a necessity for creating more predictable revenue. Research shows that nearly three-quarters of marketers (74%) already have the resources needed to build successful ABM programs.

article thumbnail

Nation-State Attackers, Ransomware Groups Take Aim at Apache Log4j Flaw

eSecurity Planet

Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds of millions of devices was made public late last week. Microsoft researchers reported that the remote code execution (RCE) vulnerability is being exploited by nation-state groups associated with China, North Korea, Iran and Turkey, with the activity

article thumbnail

Log4Shell was in the wild at least nine days before public disclosure

Security Affairs

Threat actors are already abusing Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware. A few hours ago, researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mirai botnets in attacks aimed at Linux devices.

Honeypots 116
article thumbnail

XDR: What It Is, What It Isn't

Dark Reading

The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.

IT 119