Daily Archives: October 30, 2020

Weekly Update 215

Weekly Update 215

It was a bit of a slow start this week. "Plan A" was to use the new GoPro with the Media Mod (including light and lapel mic) and do an outdoor session. This should really be much easier than it was with multiple issues ranging from connectivity drops to audio sync to simply not having a GoPro to tripod adaptor. I'll need to get on top of that before my big Xmas holiday trip and none of these are insurmountable problems, but this stuff should be easy! Can't feel too sorry for myself, had a great day on the water before that (exclusive wake park footage right there), but ended up in the office as usual. Enjoy 🙂

Weekly Update 215
Weekly Update 215
Weekly Update 215
Weekly Update 215

References

  1. It's a slow start getting my Ubiquiti doorbell going (it's not Ubiquiti's fault, I haven't even been able to plug it in yet!)
  2. Humans are bad at URLs (yes, that includes me, so let's stop moaning about "victim blaming" and talk about how to solve the damn problem!)
  3. The Finish psychotherapy breach and subsequent blackmail of patients and disclosure of data is unfathomably evil (hard to imagine the types of people that can justify this behaviour)
  4. In happier news, Reincubate have done a sensational job of their breach disclosure notice (this should be a case study for all those who are yet to write their own notices)
  5. I'm getting serious with 1Password and have joined their board of advisers (this is exciting given how much I've loved the product for so long 😊)
  6. Sponsored by: Make pwned passwords a thing of the past with safepass.me and pwncheck

Cyber News Rundown: Flash Banned from Windows

Reading Time: ~ 2 min.

Adobe Flash Being Uninstalled on Windows Systems

Following its September announcement, Microsoft has released an update that removes Adobe Flash from Windows 10 systems and prevents reinstallation. It should be noted that this update only removes the version of Adobe Flash that comes bundled with Windows 10. Internet browser extensions and stand-alone installs of the software will remain unaffected by this update. Should the user want to re-install Adobe Flash on an updated system, they must either revert to a point prior to the update or perform a fresh install of Windows 10.

Gunnebo Suffers Critical Data Breach

Officials for Gunnebo, a Swedish security firm, have revealed that they were victims of a data breach in August. Researchers also discovered an 18GB file confirmed to contain customer information stolen from Gunnebo. The compromised data was uploaded to a public server after Gunnebo refused to pay a ransom, exposing roughly 38,000 sensitive files.

Finnish Health Center Hacked

It was recently revealed that the Finnish psychotherapy center Vastaamo suffered a ransomware attack that compromised highly sensitive patient data belonging to thousands of individuals. After refusing to pay a 40 Bitcoin ransom, the attackers began publishing the stolen data on the dark web. While officials have yet to determine when the breach occurred, they have been contacting victims about the stolen data since October 21.

Customer Accounts at UK Restaurant Chain Breached

Recent technology changes at restaurants and other public establishments like touchless methods of interaction have left UK restaurants open major security flaws. One such flaw has been exploited at UK restaurant chain Nando’s, with several customer accounts affected. By accessing previous account logins and using credentials that were stolen in prior cyberattacks, hackers have been able to create fraudulent orders. The company has since confirmed that, though they themselves weren’t the target of the breach, they will compensate any customers who are fraudulently charged.

Ryuk Suspected in Major Steelcase Attack

International furniture maker Steelcase was forced to take its systems offline following a ransomware attack that began late last week. It is believed that the attack used the highly active ransomware variant, Ryuk, though this has yet to be confirmed by Steelcase. By shutting down the remaining unaffected systems, Steelcase hopes it was able to stop the spread of encryption before irreparable damage was caused.

The post Cyber News Rundown: Flash Banned from Windows appeared first on Webroot Blog.

McAfee Named a Leader in the 2020 Gartner Magic Quadrant for CASB

McAfee MVISION Cloud was the first to market with a CASB solution to address the need to secure corporate data in the cloud. Since then, Gartner has published several reports dedicated to the CASB market, which is a testament to the critical role CASBs play in enabling enterprise cloud adoption. Today, Gartner named McAfee a Leader in the 2020 annual Gartner Magic Quadrant for Cloud Access Security Brokers (CASB) for the fourth time evaluating CASB vendors.

Cloud access security brokers have become an essential element of any cloud security strategy, helping organizations govern the use of cloud and protect sensitive data in the cloud. Security and risk management leaders concerned about their organizations’ cloud use should investigate CASBs.

In its fourth Magic Quadrant for Cloud Access Security Brokers, Gartner evaluated eight vendors that met its inclusion criteria. MVISION Cloud, as part of the MVISION family of products at McAfee, is recognized as a Leader in the report; and for the fourth year in a row. To learn more about how Gartner assessed the market and MVISION Cloud, download your copy of the report here.

This year, Gartner commissioned a highly rigorous process to compile its Gartner Magic Quadrant for Cloud Access Security Brokers (CASB) report and they relied on numerous inputs to compile the report, including these materials from vendors to understand their product offerings:

  • Questionnaire – A 300+ point questionnaire resulting in hundreds of pages of responses
  • Financials – Detailed company financial data covering CASB revenue
  • Documentation – Access to all product documentation
  • Customer Peer Reviews – Gartner encourages customers to submit anonymized reviews via their Peer Insights program. You can read them here.
  • Demo – Covering over 50 Gartner-defined use cases to validate product capabilities

In 2020, McAfee made several updates and additions to its solutions, strengthening its position as an industry experts  including:

 

McAfee also received recognition as the only vendor to be named the January 2020 Gartner Peer Insights Customers’ Choice for Cloud Access Security Brokers based on customer feedback and ratings for McAfee MVISION Cloud.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved

Gartner Peer Insights ‘Voice of the Customer’: Cloud Access Security Brokers, Peer Contributors, 13 March 2020. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

The post McAfee Named a Leader in the 2020 Gartner Magic Quadrant for CASB appeared first on McAfee Blogs.

This Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro researchers uncovered two new espionage backdoors associated with the ‘Operation Earth Kitsune’ campaign. Also, read about how U.S. healthcare providers have been put on high alert over Trickbot malware and ransomware targeting the sector.

Read on:

Operation Earth Kitsune: A Dance of Two New Backdoors

Trend Micro recently published a research paper on Operation Earth Kitsune, a watering hole campaign aiming to steal information by compromising websites. Besides its heavy use of SLUB malware, Trend Micro researchers also uncovered two new espionage backdoors associated with the campaign: agfSpy and dneSpy, dubbed as such following the attackers’ three-letter naming scheme.

FBI Warning: Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals

U.S. healthcare providers, already under pressure from the COVID-19 pandemic, are on high alert over Trickbot malware and ransomware targeting the sector. Trickbot is one of the largest botnets in the world, against which Microsoft took U.S. legal action earlier this month in effort to gain control of its servers. Within a day of the seizure, Trickbot C&C servers and domains were replaced with new infrastructure.

Trend Micro HouseCall for Home Networks

While a home network provides numerous benefits, it can also expose its users to safety and privacy risks. Checking for those risks doesn’t need to be costly: Trend Micro’s Housecall for Home Networks (HCHN) solution scans the connected devices in home networks and detects those that pose security risks and is available for free.

Bug-Bounty Awards Spike 26% in 2020

According to a list of top 10 vulnerabilities by HackerOne, cross-site scripting (XSS) remained the most impactful vulnerability and reaped the highest rewards for ethical hackers in 2020 for the second year in a row, earning hackers $4.2 million in total bug-bounty awards in the last year, a 26-percent increase from what was paid out in 2019 for finding XSS flaws. Following XSS on the list: Improper access control, information disclosure, server-side request forgery (SSRF) and more.

Supply Chain Attacks in the Age of Cloud Computing: Risks, Mitigations, and the Importance of Securing Back Ends

Security is an aspect that every enterprise needs to consider as they use and migrate to cloud-based technologies. On top of the list of resources that enterprises need to secure are networks, endpoints, and applications. However, another critical asset that enterprises should give careful security consideration to is their back-end infrastructure which, if compromised, could lead to supply chain attacks.

U.S. Shares Information on North Korean Threat Actor ‘Kimsuky’

An alert released this week by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Cyber Command Cyber National Mission Force (CNMF) provides information on Kimsuky, a threat actor focused on gathering intelligence on “foreign policy and national security issues related to the Korean peninsula, nuclear policy, and sanctions” on behalf of the North Korean government. The advisory says the adversary has been active since 2012, engaging in social engineering, spear-phishing, and watering hole attacks.

76% of Applications Have at Least One Security Flaw

Most applications contain at least one security flaw and fixing those flaws typically takes months, a new Veracode report reveals. This year’s analysis of 130,000 applications found that it takes about six months for teams to close half the security flaws they find. The report also uncovered some best practices to significantly improve these fix rates.

Apps Infected with Adware Found on Google Play Store

Some 21 malicious Android apps containing intrusive adware were discovered on the Google Play Store, but most have now been removed, according to a report from Avast. These fraudulent mobile applications, disguised as Android gaming apps, had been downloaded more than 8 million times since they were made available in the store.

Patients in Finland Blackmailed After Therapy Records Were Stolen by Hackers

The confidential records of thousands of psychotherapy patients in Finland have been hacked and some are now facing the threat of blackmail. Attackers were able to steal records related to therapy sessions, as well as patients’ personal information including social security numbers and addresses, according to Vastaamo, the country’s largest private psychotherapy center.

Surprised by the Vastaamo hack and subsequent blackmail of patients?  Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals appeared first on .

Marriott data breach fine slashed to £18.4 million by UK regulator

Marriott International has been fined £18.4 million (US $23.8 million) for its failure to adequately protect the personal records 339 million guests. The fine, imposed by UK data regulator, the Information Commissioner’s Office (ICO), is a massive 81% less than the £99.2 million fine originally imposed upon the hotel group last year. Read more in my article on the Hot for Security blog.

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the campaign involves the use of SLUB (for SLack and githUB) malware and two new backdoors — dneSpy and

Advantages of a secure Wi-Fi router to protect all your connected devices at home

Here’s a hypothetical scenario. You consider yourself a model user in all matters of cybersecurity. You have an...

The post Advantages of a secure Wi-Fi router to protect all your connected devices at home appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.