Sat. Aug 13, 2022 - Fri. Aug 19, 2022

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge.

Cyber Resiliency Isn't Just About Technology, It's About People

Dark Reading

To lessen burnout and prioritize staff resiliency, put people in a position to succeed with staffwide cybersecurity training to help ease the burden on IT and security personnel

Piggybacking: Social Engineering for Physical Access

KnowBe4

Tailgating or piggybacking is an old but effective social engineering technique to gain physical access to restricted areas, according to Rahul Awati at TechTarget. Tailgating is when a bad actor simply follows an employee through a door that requires authentication.

Google blocked the largest Layer 7 DDoS reported to date

Security Affairs

Google announced that it blocked the largest-ever HTTPS DDoS attack, which reached 46 million requests per second (RPS) and hit one of its Cloud Armor customers.

Black Hat insights: Getting bombarded by multiple ransomware attacks has become commonplace

The Last Watchdog

The top ransomware gangs have become so relentless that it’s not unusual for two or more of them to attack the same company within a few days – or even a few hours. And if an enterprise is under an active ransomware attack, or a series of attacks, that’s a pretty good indication several other gangs of hacking specialists came through earlier and paved the way. In short, overlapping cyber attacks have become the norm.

More Trending

When Efforts to Contain a Data Breach Backfire

Krebs on Security

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm.

How to Use Signal Encrypted Messaging

WIRED Threat Level

The best end-to-end encrypted messaging app has a host of security features. Here are the ones you should care about.

Black Hat Fireside Chat: MSSPs are well-positioned to help companies achieve cyber resiliency

The Last Watchdog

Network security is in dire straits. Security teams must defend an expanding attack surface, skilled IT professionals are scarce and threat actors are having a field day. That said, Managed Security Services Providers – MSSPs – are in a position to gallop to the rescue. MSSPs arrived on the scene 15 years ago to supply device security as a contracted service: antivirus, firewalls, email security and the like.

Thoma Bravo Eyes Darktrace Acquisition in Take-Private Spree

Data Breach Today

Darktrace Talks Follow Recent Thoma Bravo Moves to Buy SailPoint and Ping Identity

Thoma Bravo is eyeing its third take-private security deal of 2022, initiating talks with Darktrace months after agreeing to buy SailPoint and Ping Identity.

PoC exploit code for critical Realtek RCE flaw released online

Security Affairs

Exploit code for a critical vulnerability affecting networking devices that use Realtek's RTL819x system on a chip has been released online.

Google Chrome Zero-Day Found Exploited in the Wild

Dark Reading

The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation

Black Hat Fireside Chat: Replacing VPNs with ZTNA that leverages WWII battlefield tactics

The Last Watchdog

The sunsetting of Virtual Private Networks is underway. VPNs are on a fast track to becoming obsolete, at least when it comes to defending enterprise networks. VPNs are being replaced by zero trust network access, or ZTNA. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. VPNs verify once and that’s it.

CrowdStrike's Michael Sentonas on Identity, Cloud and XDR

Data Breach Today

Identity, observability, log management and cloud security have been CrowdStrike's biggest areas of investment during 2022, says CTO Michael Sentonas. The company protects against the abuse of identities through a stand-alone capability embedded on the Falcon sensor

New Linux Exploit ‘Dirty Cred’ Revealed at Black Hat

eSecurity Planet

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference. Zhenpeng Lin, a PhD student, and a team of researchers worked on an alternative approach to the infamous Dirty Pipe vulnerability that affected Linux kernel versions 8 and later.

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload

Dark Reading

The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access

GUEST ESSAY: The key to a successful cloud migration – embrace a security-first strategy

The Last Watchdog

Migrating to and utilizing cloud environments – public, hybrid, or multi – is a source of real investment and positive change for businesses. Cloud is the powerhouse that drives digital organizations. Gartner predicts that spending on public cloud alone is set to top $500 billion in 2022 – a 20% growth over last year. But often overlooked in the migration process is the significance of a company’s embedded security measures.

Infoblox's Jesper Andersen on How to Identify Threats Sooner

Data Breach Today

Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

eSecurity Planet

Cyber attackers continue to up their game. One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). The new attack method, reported by Sophos researchers yesterday, is already growing in use.

Safari 15.6.1 addresses a zero-day flaw actively exploited in the wild

Security Affairs

Apple released Safari 15.6.1 for macOS Big Sur and Catalina to address a zero-day vulnerability, tracked as CVE-2022-32893, that is actively exploited in the wild.

Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip

Dark Reading

Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims

Comedy of Errors: Ransomware Group Extorts Wrong Victim

Data Breach Today

Not the First Time Ineptitude - or Blatant Lying - Invalidates Criminals' Claims

The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider.

USB “Rubber Ducky” Attack Tool

Schneier on Security

The USB Rubber Ducky is getting better and better. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user’s login credentials or causing Chrome to send all saved passwords to an attacker’s webserver.

Bumblebee attacks, from initial access to the compromise of Active Directory Services

Security Affairs

Threat actors are using the Bumblebee loader to compromise Active Directory services as part of post-exploitation activities.

How to Upskill Tech Staff to Meet Cybersecurity Needs

Dark Reading

Cybersecurity is the largest current tech skills gap; closing it requires a concerted effort to upskill existing staff

Feds Urge Healthcare Entities to Address Cloud Security

Data Breach Today

Advisory Comes in Midst of Recent Cyber Incidents Involving Cloud Providers

With healthcare sector entities increasingly transitioning to cloud-based applications, storage and various other third-party hosted services, they must be proactive in addressing a list of associated security risks, U.S.

The Family That Mined the Pentagon's Data for Profit

WIRED Threat Level

The Freedom of Information Act helps Americans learn what the government is up to. The Poseys exploited it—and became unlikely defenders of transparency.

Cisco fixes High-Severity bug in Secure Web Appliance

Security Affairs

Cisco addressed a high-severity escalation of privilege vulnerability (CVE-2022-20871) in AsyncOS for Cisco Secure Web Appliance. Cisco Secure Web Appliance (formerly Secure Web Appliance (WSA)) offers protection from malware and web-based attacks and provides application visibility and control.

DEF CON: A Woman's First Experience

Dark Reading

Omdia Senior Analyst Hollie Hennessy goes over her first experience of DEF CON as a woman in cybersecurity