Security daily (02-03-2021)

How AWS SSO Active Directory sync enhances AWS application experiences

Identity management is easiest when you can manage identities in a centralized location and use these identities across various accounts and applications. You also want to be able to use these identities for other purposes within applications, like searching through groups, finding members of a certain group, and sharing projects with other users or groups. […] (AWS Security Blog)

Essential security for everyone: Building a secure AWS foundation

In this post, I will show you how teams of all sizes can gain access to world-class security in the cloud without a dedicated security person in your organization. I look at how small teams can build securely on Amazon Web Services (AWS) in a way that’s cost effective and time efficient. I show you […] (AWS Security Blog)

Search crimes – how the Gootkit gang poisons Google searches

When a search result looks too good to be true - it IS too good to be true! (Naked Security)

Malaysia Airlines Security Incident Spanned 9 Years

(News ≈ Packet Storm)

Trump's Is One Of 15,000 Gab Accounts That Just Got Hacked

(News ≈ Packet Storm)

Flaws Fixed Incorrectly, As Secure Coding Education Lags

(News ≈ Packet Storm)

Oxfam Australia Supporters Embroiled In New Data Breach

(News ≈ Packet Storm)

Post-Cyberattack, Universal Health Services Faces $67M in Losses

The Fortune-500 hospital network owner is facing steep costs in damages after a cyberattack impacted patient care and billing in September and October. (Threatpost)

Jailbreak Tool Works on iPhones Up to iOS 14.3

The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices. (Threatpost)

Compromised Website Images Camouflage ObliqueRAT Malware

Emails spreading the ObliqueRAT malware now make use of steganography, disguising their payloads on compromised websites. (Threatpost)


/security-daily/ 03-03-2021 23:44:24