05-10-202007-10-2020

Security daily (06-10-2020)

AWS Firewall Manager helps automate security group management: 3 scenarios

In this post, we walk you through scenarios that use AWS Firewall Manager to centrally manage security groups across your AWS Organizations implementation. Firewall Manager is a security management tool that helps you centralize, configure, and maintain AWS WAF rules, AWS Shield Advanced protections, and Amazon Virtual Private Cloud (Amazon VPC) security groups across AWS […] (AWS Security Blog)

New IAMCTL tool compares multiple IAM roles and policies

If you have multiple Amazon Web Services (AWS) accounts, and you have AWS Identity and Access Management (IAM) roles among those multiple accounts that are supposed to be similar, those roles can deviate over time from your intended baseline due to manual actions performed directly out-of-band called drift. As part of regular compliance checks, you […] (AWS Security Blog)

Naked Security Podcast – we’re back for Series 3!

Join us weekly for the Naked Security Podcast - back for Series 3 and available wherever good podcasts are found! (Naked Security)

Gone phishing: workplace email security in five steps

David Mitchell, Senior Director of Email Product Management at Sophos, shares his top tips to optimize workplace email security. (Naked Security)

Apple's Famed T2 Security Chips' Unfixable Vulnerability Allows Hackers Easy Access To Macs

(News ≈ Packet Storm)

Microsoft Says Iranian Hackers Are Exploiting The ZeroLogon Vulnerability

(News ≈ Packet Storm)

Tenda Router Zero-Days Emerge In Spyware Botnet Campaign

(News ≈ Packet Storm)

McAfee Jailed In Spain Awaiting Extradition For Tax Evasion

(News ≈ Packet Storm)

H&M Fined For Breaking GDPR Over Employee Surveillance

(News ≈ Packet Storm)

Backdoor Shell Dropper Deploys CMS-Specific Malware

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want. Another common scenario includes malware which is directly injected into a website’s files and used to redirect traffic, steal credit cards and other sensitive information, hijack resources to mine for cryptocurrencies, or even serve unwanted ads. In this case, the attacker uploaded what we suspect to be a malicious Turkish dropper — the code comments include the Turkish language which, when translated, indicates intent to inject additional pieces of malware on the site. Continue reading Backdoor Shell Dropper Deploys CMS-Specific Malware at Sucuri Blog. (Sucuri Blog)

New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild

Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the second known public case where a UEFI rootkit has been used in the wild. According to Kaspersky, the (The Hacker News)

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk researcher Eran Shimony today and shared with The Hacker News, the high privileges often associated with (The Hacker News)

Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren't a 'silver bullet' for security teams. (Threatpost)

Male Chastity Device Comes with Massive Security Flaws

Smart sex toy vulnerable to hacks, researchers say -- which could expose users’ most sensitive bits (of data) to cybercriminals. (Threatpost)

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack

The Magecart spinoff group targeted the wireless service provider in an odd choice of victim. (Threatpost)

05-10-202007-10-2020

/security-daily/ 07-10-2020 23:44:25