Security daily (07-01-2021)

Use AWS Secrets Manager to simplify the management of private certificates

AWS Certificate Manager (ACM) lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with Amazon Web Services (AWS) services and your internal connected resources. For private certificates, AWS Certificate Manager Private Certificate Authority (ACM PCA) can be used to create private CA hierarchies, including root […] (AWS Security Blog)

Sen. Warner accuses White House of weakening statement attributing SolarWinds hack to Russia

An influential Senate Democrat who will soon chair the intelligence committee on Thursday accused the White House of “water[ing] down” the U.S. government’s public statement linking a hacking campaign to Russia, and suggested more high-profile corporations had been breached. “We know who it was,” Sen. Mark Warner, D-Va., said in reference to the espionage campaign in which attackers leveraged the software built by federal contractor SolarWinds to compromise multiple federal agencies. “And this White House again has watered-down the attribution statements that should have been made in one more outrageous effort to constantly underestimate and underreport on Russian activity.” He spoke at an event held by the Aspen Institute. U.S. intelligence and national security agencies on Tuesday said the hacking campaign was “likely Russian in origin,” calling it “a serious compromise that will require a sustained and dedicated effort to remediate.” A person familiar with internal U.S. government deliberations on […] (CyberScoop)

Federal courts are latest apparent victim of SolarWinds hack

The federal judiciary’s electronic case management and filing system suffered “an apparent compromise” as part of the SolarWinds breach, according to the Administrative Office of the U.S. Courts. The office is still assessing the impact, but a representative says the organization has stepped up security precautions in the meantime. “The federal Judiciary’s foremost concern must be the integrity of and public trust in the operation and administration of its courts,” James Duff, secretary of the judiciary’s national policy-making body — the Judicial Conference of the United States — said in a Wednesday communication to the courts. Federal courts are a potential goldmine for hackers, as they harbor sensitive data on millions of people. Government investigators have said Russia is likely behind a cyber-espionage campaign that hit federal agencies and major companies via updates to the SolarWinds Orion software. The Administrative Office of the U.S. Courts said it was working on […] (CyberScoop)

Capitol Hill riot exposes Congress' operational and cybersecurity frailties

The violent pro-Trump mob that stormed the Capitol on Wednesday exposed not only glaring weaknesses in the legislative body’s physical security but also its digital and operational security, according to experts. The intruders were able to roam the halls of Congress and at certain points had unfettered access to some lawmakers’ offices and computers. One rioter left a note in front of a computer in House Speaker Nancy Pelosi’s office saying, “We will not back down.” Sen. Jeff Merkley, D-Ore., said a laptop was stolen from his office. There is no public evidence that devices were tampered with. But some experts are hoping that, in addition to a likely investigation into the failures of physical security measures, lawmakers take the opportunity to review their own digital security practices, which have long been a concern. The insurrectionists who breached the Capitol were unsophisticated opportunists who were more interested in taking selfies […] (CyberScoop)

Facebook bans Trump indefinitely; risks 'simply too great,' Zuckerberg says

Facebook’s lockdown of President Donald Trump’s account will now last at least two weeks and possibly longer, CEO Mark Zuckerberg said Thursday morning. “We believe the risks of allowing the President to continue to use our service during this period are simply too great,” Zuckerberg said in a post announcing that a 24-hour ban instituted Wednesday evening would be extended “indefinitely.” The lockdown also applies to Trump’s Instagram account. Zuckerberg’s decision comes as social media platforms continue to reckon with Trump’s incitement of a mob that entered the U.S. Capitol on Wednesday with the intent of disrupting the count of Electoral College ballots that would certify Joe Biden as the winner of the 2020 election. Trump’s repetition Wednesday of baseless claims about election fraud capped weeks of buildup among supporters who planned to descend on Congress. Many of the conversations encouraging Americans to descend on the Capitol occurred on social […] (CyberScoop)

Facebook, Twitter act on Trump's false messaging after violence at Capitol

Facebook and Twitter temporarily froze accounts belonging to President Donald Trump on Wednesday, hours after he continued to amplify false narratives that helped incite a violent mob at the Capitol Building. At 7:02 p.m. Eastern time on Wednesday, Twitter announced it was locking Trump out of his account for 12 hours after “repeated and severe violations of our Civic Integrity policy.” About 90 minutes later, Facebook announced that Trump’s account would be locked for 24 hours because of “two policy violations.” The bans came hours after Trump tweeted criticisms against Vice President Mike Pence for signaling that he would allow certification of the Electoral College count cementing Joe Biden’s election. The ballots had been legally cast, but some Trump loyalists in Congress questioned the results in a handful of states. Facebook and Twitter responded only after the White House posted a video in which Trump told the intruders in the […] (CyberScoop)

S3 Ep14: Money scams, HTTPS by default, and hardcoded passwords [Podcast]

Listen now! (Naked Security)

This HD Infographic Design Software Is on Sale for $45

Anyone who's worked in web development or graphic design long enough knows that one of the most difficult job elements is finding high-quality stock images that aren't tangled in red tape. Whether you're trying to build a website, ad campaign, or email newsletter, you need to have reliable graphics that are easy to find and use across multiple platforms.

This Edraw Infographic Software package offers an award-winning trove of high-quality design elements that you'll be able to use to create a virtually limitless number of images and infographics from scratch, and right now, a perpetual... more (Null Byte « WonderHowTo)

How to Perform Keystroke Injection Attacks Over Wi-Fi with Your Smartphone

With just two microcontrollers soldered together, you can inject keystrokes into a computer from a smartphone. After building and programming the device, you plug it into a desktop or laptop, access it over a smartphone, and inject keystrokes as you would with a USB Rubber Ducky.

However, with a Rubber Ducky, you need to first know the type of computer and its operating system, followed by the payload you want to use, so you can program the hacking device to do your bidding. There is no real-time interaction from you — it just does whatever you preloaded on it.

With our homemade device, you... more (Null Byte « WonderHowTo)

Disgruntled Former VP Hacks Company, Disrupts PPE Supply, Gets Jail

(News ≈ Packet Storm)

DoJ Says SolarWinds Hackers Accessed Their Email

(News ≈ Packet Storm)

Hack The Army Bug Bounty Challenge Invites Hackers

(News ≈ Packet Storm)

Trump Locked Out Of All Social Media Accounts As He Threatens The Security Of U.S. Democracy

(News ≈ Packet Storm)

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoor’s primary function is to conceal itself while providing unauthorized access, backdoors are often built using a variety of techniques that make them challenging to detect. For example, an attacker can inject a single line of code of fewer than 130 characters into a website file. While this may not seem like much code, this short string can be used to load PHP web shells on your website at the attacker’s whim, while also preventing website visitors and administrators from noticing the malicious behavior. Continue reading Evaluating Cookies to Hide Backdoors at Sucuri Blog. (Sucuri Blog)

Biden to Appoint Cybersecurity Advisor to NSC – Report

Anne Neuberger will join the National Security Council, according to sources. (Threatpost)

Nvidia Warns Windows Gamers of High-Severity Graphics Driver Flaws

In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021. (Threatpost)

Fired Healthcare Exec Stalls Critical PPE Shipment for Months

A fired Stradis Healthcare employee sought revenge by tampering with shipping data for desperately needed healthcare PPE. (Threatpost)

Threatpost Poll: Weigh in on Ransomware Security

Provide your views on ransomware and how to deal with it in our anonymous Threatpost poll. (Threatpost)

/security-daily/ 08-01-2021 23:44:23