Security daily (01-09-2021)

How to improve visibility into AWS WAF with anomaly detection

When your APIs are exposed on the internet, they naturally face unpredictable traffic. AWS WAF helps protect your application’s API against common web exploits, such as SQL injection and cross-site scripting. In this blog post, you’ll learn how to automatically detect anomalies in the AWS WAF metrics to improve your visibility into AWS WAF activity, […] (AWS Security Blog)

Ransomware mitigation: Top 5 protections and recovery preparation actions

In this post, I’ll cover the top five things that Amazon Web Services (AWS) customers can do to help protect and recover their resources from ransomware. This blog post focuses specifically on preemptive actions that you can take. #1 – Set up the ability to recover your apps and data In order for a traditional […] (AWS Security Blog)

Breach notification window, accountability are focus of coming fight on cyber legislation in Congress

Battle lines are drawn in Congress over legislation that would require companies to report some cyber incidents to the federal government, with industry groups lining up to support a House of Representatives bill poised to create fewer challenges for business leaders than a similar proposal in the Senate. The debate involves questions about how quickly companies would have to report attacks, what kinds of specific intrusions would trigger notification and whether failure to comply with the rules would lead to financial penalties. The idea of breach notification legislation gained momentum following last year’s discovery of the SolarWinds hack that compromised nine federal agencies and some 100 companies, as well as the Colonial Pipeline ransomware attack in May. At issue are such questions as whether companies have 24 or 72 hours to report an incident, along with who would be on the hook outside of critical infrastructure owners and operators, if […] (CyberScoop)

FTC proposes first stalkerware ban, promises to toughen stance on abusive apps

The Federal Trade Commission is seeking its first ban of a “stalkerware” company, signaling an intent to crack down on surveillance technologies that expose individuals’ real-time activities to snoops, hackers and dangerous people. A complaint released by the agency Wednesday alleges that SpyFone, an app that markets itself as a tool to monitor loved ones’ internet activity, and its CEO Scott Zuckerman sold real-time access to illegally harvested phone data including location and email, enabling surveillance by stalkers and domestic abusers. The FTC also accused SpyFone of failing to enact basic security measures to safeguard the data it collects, leading to a 2018 data breach that exposed the personal data of roughly 2,200 customers. The FTC alleges that the company failed to follow through on promises to customers that it would upgrade its security after the incident. In addition to a ban on any future sales or marketing of surveillance […] (CyberScoop)

Cryptocurrency payments to scams outpace ransomware jackpots in Eastern Europe, Chainalysis finds

Eastern Europe remains a hotbed for illicit cryptocurrency activity, new research shows. Between June 2020 and July 2021, Eastern Europe-based cryptocurrency addresses sent $815 million to investment ponzi scams that lure users with false promises of high returns, according to Chainalysis data published Wednesday. Ukraine, in particular, drove a significant amount of the region’s traffic to the fraud websites, trouncing second-place United States by roughly 20 million visits. Half the money sent in the region went to just one apparent fraud effort. Between December 2019 and August 2021, users sent over $1.5 billion worth of bitcoin to Finiko, a Russia-based ponzi-scheme whose founders are under arrest or have fled Russia. The company marketed itself as a referral network that would reward investors with high returns, only to come under scrutiny from authorities in Moscow for allegedly defrauding users. The report highlights that while Eastern Europe is largely seen as the recipient […] (CyberScoop)

This Is Why The Mozi Botnet Will Linger On

(News ≈ Packet Storm)

Fake Banksy NFT Sold Through Artist's Website For £244k

(News ≈ Packet Storm)

Cream Finance Platform Pilfered For Over $34 Million In Cryptocurrency

(News ≈ Packet Storm)

Feds Warn Of Ransomware Attacks Ahead Of Labor Day

(News ≈ Packet Storm)

Analysis of a Phishing Kit (that targets Chase Bank)

Most of us are already familiar with phishing: A common type of internet scam where unsuspecting victims are conned into entering their real login credentials on fake pages controlled by attackers. Once entered, the attackers syphon off those login details and use them for their own purposes. Sometimes this can just be a nuisance: for example someone entering their Netflix account login information into a bogus page. Things become much more serious when banking information is involved. (Sucuri Blog)

FTC Bans Stalkerware App SpyFone; Orders Company to Erase Secretly Stolen Data

The U.S. Federal Trade Commission on Wednesday banned a stalkerware app company called SpyFone from the surveillance business over concerns that it stealthily harvested and shared data on people's physical movements, phone use, and online activities that were then used by stalkers and domestic abusers to monitor potential targets. "SpyFone is a brazen brand name for a surveillance business that (The Hacker News)

[LIVE WEBINAR] How Lean Security Teams Can Improve Their Time to Response

Cybersecurity could be described as a marathon for security teams that spend most of their time building sustained defenses that prevent threats day after day. However, they must be ready to hit a sprint whenever an attack succeeds, since attack duration and the resulting damages are directly correlated. Reacting to a successful attack is a major challenge for lean security teams today since (The Hacker News)

Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites

Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. (Threatpost)


/security-daily/ 02-09-2021 23:44:23