Security daily (04-10-2021)

How to set up a two-way integration between AWS Security Hub and Jira Service Management

If you use both AWS Security Hub and Jira Service Management, you can use the new AWS Service Management Connector for Jira Service Management to create an automated, bidirectional integration between these two products that keeps your Security Hub findings and Jira issues in sync. In this blog post, I’ll show you how to set up this integration. […] (AWS Security Blog)

Police raid in Ukraine results in arrests of 2 alleged ransomware hackers

Europol coordinated with the FBI, French national police and Ukrainian National Police to arrest two members of an active ransomware group, the police agency Europol said Monday. The statement, which did not name the group the suspects allegedly worked for, said the scammers pulled off attacks against “very large industrial groups in Europe and North America from April 2020 onwards.” The group uses a double-extortion technique in which it locks up the victim’s servers and then threatens to leak sensitive data if the victim does not pay, according to authorities. The raid comes amid growing interest in strengthening global cooperation against the threat of ransomware. The White House will host a summit of 30 countries in October to discuss the growing threat of ransomware, as reported by CNN. The Council of the European Union will meet Wednesday to discuss a potential Joint Cyber Unit Initiative and U.S. ransomware initiatives. Authorities from […] (CyberScoop)

Cybersecurity Awareness Month: #BeCyberSmart

BeCyberSmart - during CyberSecurity Awareness Month and beyond (Naked Security)

Facebook, Instagram, WhatsApp Go Down

(News ≈ Packet Storm)

Fraudster Jailed For Stealing Military Records, Benefits

(News ≈ Packet Storm)

Ukrainian Cops Cuff Two Over $150m Ransomware Gang Allegations, Seize $1.3m In Cryptocurrency

(News ≈ Packet Storm)

Researcher Refuses Telegram's Bounty Award, Discloses Bug

(News ≈ Packet Storm)

MFA Glitch Leads To 6K+ Coinbase Customers Getting Robbed

(News ≈ Packet Storm)

Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems

A newly discovered data exfiltration mechanism employs Ethernet cables as a "transmitting antenna" to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. "It's interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center (The Hacker News)

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services

Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web Services (AWS), Binance, Google Cloud Platform (GCP), PayPal, Slack, and Stripe. "These unsecured (The Hacker News)

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive Technologies dubbed the advanced persistent threat (APT) group ChamelGang — referring to their (The Hacker News)

The Shortfalls of Mean Time Metrics in Cybersecurity

Security teams at mid-sized organizations are constantly faced with the question of "what does success look like?". At ActZero, their continued data-driven approach to cybersecurity invites them to grapple daily with measuring, evaluating, and validating the work they do on behalf of their customers.  Like most, they initially turned toward the standard metrics used in cybersecurity, built (The Hacker News)

Chinese Hackers Used a New Rootkit to Spy on Targeted Windows 10 Users

A formerly unknown Chinese-speaking threat actor has been linked to a long-standing evasive operation aimed at South East Asian targets as far back as July 2020 to deploy a kernel-mode rootkit on compromised Windows systems. Attacks mounted by the hacking group, dubbed GhostEmperor by Kaspersky, are also said to have used a "sophisticated multi-stage malware framework" that allows for providing (The Hacker News)

Beware of Fake Amnesty International Antivirus for Pegasus that Hacks PCs with Malware

In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group's Pegasus surveillanceware.  "Adversaries have set up a phony website that looks (The Hacker News)

Update Google Chrome ASAP to Patch 2 New Actively Exploited Zero-Day Flaws

Google on Thursday pushed urgent security fixes for its Chrome browser, including a pair of new security weaknesses that the company said are being exploited in the wild, making them the fourth and fifth actively exploited zero-days plugged this month alone. The issues, designated as CVE-2021-37975 and CVE-2021-37976, are part of a total of four patches, and concern a use-after-free flaw in V8 JavaScript (The Hacker News)

New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught

Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. "This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization's (The Hacker News)

Facebook Outage Drags Down Instagram, WhatsApp, Messenger, Oculus VR

They were all flat on their faces for hours on Monday, throwing off DNS error messages or other server-related errors. (Threatpost)

Encrypted & Fileless Malware Sees Big Growth

An analysis of second-quarter malware trends shows that threats are becoming stealthier. (Threatpost)

Transnational Fraud Ring Bilks U.S. Military Service Members Out of Millions

A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans. (Threatpost)


/security-daily/ 05-10-2021 23:44:22