Security daily (08-07-2020)

Deploy a dashboard for AWS WAF with minimal effort

In this post, I’ll show you how to deploy a solution in your Amazon Web Services (AWS) account that will provide a fully automated dashboard for AWS Web Application Firewall (WAF) service. The solution uses logs generated and collected by AWS WAF, and displays them in a user-friendly dashboard shown in Figure 1. Figure 1: […] (AWS Security Blog)

Facebook boots Roger Stone for relying on fake accounts to amplify WikiLeaks

Facebook says it’s removing the personal account and the Instagram page belonging to Roger Stone, the longtime associate of President Donald Trump recently convicted of seven felonies, amid ongoing scrutiny over the company’s failure to enforce its own rules. In an announcement Wednesday, Facebook said it will remove the accounts as part of a larger action against the Proud Boys, a far right organization that the Southern Poverty Law Center has designated as a hate group. The network was most active between 2015 and 2017, Facebook said, and promoted WikiLeaks’ disclosure of the emails hacked from the Democratic National Committee in 2016. In one case in June 2016, one of the accounts advertised a link to an Infowars article about the release of the Democratic National Committee’s plan to combat Donald Trump’s candidacy. The effort consisted of 54 Facebook accounts, 50 pages and four Instagram accounts, including a number of […] (CyberScoop)

Researchers to Supreme Court: Terms of service violations shouldn't be CFAA crime

As the Supreme Court prepares to consider a controversial federal anti-hacking law, a group of prominent cybersecurity researchers and legal advocates is pleading with the court not to criminalize digital research in the public interest. In a brief filed with the court Wednesday led by digital rights group Electronic Frontier Foundation, the researchers warned that if violations of a company’s “terms of service” are deemed to be illegal, it risks chilling important research into voting systems, medical devices and other key equipment. “Despite widespread agreement about the importance of this work—including by the government itself—researchers face legal threat for engaging in socially beneficial security testing,” wrote the EFF, the nonprofit Center for Democracy & Technology, and cybersecurity companies Bugcrowd, Rapid7, SCYTHE and Tenable. Famous security researchers like Peiter “Mudge” Zatko and Chris Wysopal, who warned Congress of the internet’s insecurities in the 1990s as members of the L0pht hacking collective, […] (CyberScoop)

In Brazil, scammers see the coronavirus as a serious money-making opportunity

Brazilian President Jair Bolsonaro’s critics say he hasn’t taken the impact of the coronavirus seriously. The same can’t be said for Brazil’s cybercriminals. As deaths from the virus have surged past 66,000 in Brazil, scammers have set up new infrastructure to dupe people who are desperate for relief, and have set up bank accounts in their names. At a time when even more people in South America’s biggest country are glued to their phones or computers, Brazil’s already-flourishing cybercriminal economy has been busy. “Scam operations have been highly effective in Brazil, from the first announcement of the government assistance program,” Jefferson Macedo, managing consultant on IBM’s X-Force security team, told CyberScoop. IBM has uncovered nearly 700 malicious websites related to COVID-19, the disease caused by the virus, in recent months. The crooks are impersonating government apps used to sign up for financial relief and sending people a flurry of text […] (CyberScoop)

Judge in trial of alleged LinkedIn hacker admits doubt in evidence

Just when U.S. attorneys may have thought they were free of obstacles in their case against an alleged Russian hacker, a new one has emerged: the judge presiding over the trial. Judge William Alsup openly criticized U.S. Attorney Michelle Kane on Tuesday, as the trial of Yevgeniy Nikulin resumed amid the coronavirus pandemic. Nikulin is charged with an array of hacking-related crimes in connection with 2012 breaches at LinkedIn, Formspring and Dropbox, in which he allegedly stole 117 million usernames and passwords, then tried to sell them to others. Through the trial, Alsup has questioned the government’s evidence against Nikulin. In March, after prosecutors questioned a witness about how Nikulin allegedly accessed stolen usernames and passwords to infiltrate the Formspring site, Alsup told prosecutors they risked boring the jury with “excruciating detail that seems irrelevant.” He went on to wonder whether the Department of Justice “had some magic witness” who […] (CyberScoop)

Mozilla turns off “Firefox Send” following malware abuse reports

Sadly, the easier and safer you make your file sharing service, the more attractive it becomes to the crooks. (Naked Security)

Kinda sorta weakened version of EARN IT Act creeps closer

Critics say the amended bill that's headed for a full Senate hearing still threatens encryption, albeit less blatantly. (Naked Security)

Take a Deep Dive into AI with This 4-Course Bundle

No longer strictly relegated to the realm of science fiction shows and novels, artificial intelligence can be found behind important technologies that are driving innovation throughout the world. From space exploration and self-driving cars to data science and marketing algorithms, AI is the driving force behind many technologies that are moving humanity forward.

Even if you're not planning on working in the AI departments of Google or NASA, you're going to want to have at least a baseline understanding of how these increasingly powerful and complex technologies work if you're going to be... (Null Byte « WonderHowTo)

How to Crack SSH Private Key Passwords with John the Ripper

Secure Shell is one of the most common network protocols, typically used to manage remote machines through an encrypted connection. However, SSH is prone to password brute-forcing. Key-based authentication is much more secure, and private keys can even be encrypted for additional security. But even that isn't bulletproof since SSH private key passwords can be cracked using John the Ripper.

SSH Key-Based Authentication

The standard way of connecting to a machine via SSH uses password-based authentication. This has the advantage of being easier to set up but suffers security-wise due to being... (Null Byte « WonderHowTo)

Python 2 vs. Python 3 — Important Differences Every Hacker Should Know

Python is commonly touted as one of the best programming languages for beginners to learn, and its straightforward syntax and functionality make that hard to argue with. But a lot of tutorials still use Python 2, which is outdated now. Python 3 introduces many new features, and it's important to be aware of them going forward, as well as the key differences between Python 3 and its predecessor.

Python 2 was first released in 2000. It improved upon earlier versions of the language and introduced features common to other programming languages such as garbage collection, list comprehension, and... (Null Byte « WonderHowTo)

Hacker Indicted Over Selling Backdoor Access To Companies

(News ≈ Packet Storm)

Citrix Tells Everyone Not To Worry Too Much Over Its Latest Security Patches. NSA's Former Top Hacker Disagrees

(News ≈ Packet Storm)

15 Billion Credentials Currently Up For Grabs On Hacker Forums

(News ≈ Packet Storm)

Police Are Buying Access To Hacked Website Data

(News ≈ Packet Storm)

Cops Seize Server That Hosted BlueLeaks, DDoSecrets Says

(News ≈ Packet Storm)

Pirated WordPress Plugins Bundled with Backdoors

One widespread belief among webmasters is that attackers typically only compromise websites in a couple of ways: by exploiting vulnerabilities or stealing login credentials. Although these are certainly two of the more common attack vectors, another method is often overlooked — but the result is just as hazardous. Whenever an attacker can successfully trick a website owner into installing a backdoor on their website, they are able to accomplish the exact same goal: unauthorized access. (Sucuri Blog)

The Incident Response Challenge 2020 — Results and Solutions Announced

In April 2020, Cynet launched the world's first Incident Response Challenge to test and reward the skills of Incident Response professionals.

The Challenge consisted of 25 incidents, in increasing difficulty, all inspired by real-life scenarios that required participants to go beyond the textbook solution and think outside of the box. Over 2,500 IR professionals competed to be recognized as (The Hacker News)

Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WAN Optimization edition (WANOP) networking products.

Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the (The Hacker News)

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

New research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely.

The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions.

According to a (The Hacker News)

Advertising Plugin for WordPress Threatens Full Site Takeovers

Thousands of vulnerable websites need to apply the patch to avoid RCE. (Threatpost)

Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing

The Kazakh native made headlines last year for hacking McAfee, Symantec and Trend Micro; but the Feds say he's also behind a widespread backdoor operation spanning six continents. (Threatpost)

Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

The phishing campaign targeted Office 365 accounts in 62 countries, using business-related reports and the coronavirus pandemic as lures. (Threatpost)

15 Billion Credentials Currently Up for Grabs on Hacker Forums

Unprecedented amounts of data for accessing bank accounts and streaming services are being flogged on the dark web. (Threatpost)


/security-daily/ 09-07-2020 23:44:22