Security daily (09-02-2021)

Top 10 blog posts of 2020

The AWS Security Blog endeavors to provide our readers with a reliable place to find the most up-to-date information on using AWS services to secure systems and tools, as well as thought leadership, and effective ways to solve security issues. In turn, our readers have shown us what’s most important for securing their businesses. To […] (AWS Security Blog)

42% of Gmail scams targeted American users, Google finds

Who you are, where you are and how you experience online life are all major factors in whether you’re targeted for phishing and malware campaigns on Gmail, a joint Stanford University-Google study concluded. The examination of 1.2 billion email-based phishing and malware attacks against Gmail users found that the risk of getting hit correlated at least in some significant measure to age, country, frequency of Gmail usage and past breach exposure. Users in the U.S. were most frequently targeted, attracting 42% of the attacks that researchers tracked. U.K. users were the subject of 10% of attacks, while people in Japan came in third, with 5%. Higher age groups also encountered higher odds of being targeted. For instance, the 55 to 64 age group was 1.64 times more likely to experience an attack compared to 18- to 24-year-olds. Google publicized the study Tuesday, saying it teamed with Stanford researchers on in […] (CyberScoop)

Estonia's diplomacy training aims to shape state behavior in cyberspace

Diplomats from around the world are convening this week to share ideas about what type of behavior should be allowed in cyberspace, and debate what happens when those rules are broken. The virtual confab, organized by the Estonian Ministry of Foreign Affairs and designed for seasoned and green diplomats alike, began Tuesday morning to discuss how international law applies in cyberspace and different attack methods diplomats may encounter when confronting cyber incidents, Estonia’s Ambassador at Large for Cyber Diplomacy Heli Tiirmaa-Klaar told CyberScoop in an interview. While the gathering will touch on historical cyber incidents that have rocked the international norms conversation over the years, including the sweeping WannaCry and NotPetya attacks, the focus of the so-called cyber diplomacy school is not on instruction about the technical details of cyber incidents. It’s about how to negotiate and shape behavior of other governments. “This is not technical training,” Tiirmaa-Klaar said. “What is […] (CyberScoop)

New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing

In one of his regular sweeps for new malicious software targeting Android phones, security researcher Vitor Ventura came across what looked like a run-of-the-mill hacking tool. Like so many pieces of code before it, the malware was capable of stealing information from a mobile device and sending it back to a command and control server. But when Ventura dug deeper, he found that the remote access trojan (or RAT, as the tool is commonly known) was capable of surreptitiously recording conversations and taking screenshots. Spying, rather than immediately making money off of the illicit access, was the apparent goal. On Tuesday, Ventura and his colleagues at Talos, Cisco’s threat intelligence unit, publicly connected the new Android tool to the malware developers behind a multi-year effort to spy on people from South America to Bangladesh. Much about the people behind the hacking campaign is a mystery. Ventura and his colleagues […] (CyberScoop)

'Cyberpunk 2077' game studio says hackers exposed data

Video game company CD Projekt says a cyberattack exposed some of its data, and the intruders left a ransom note claiming they accessed the source code for “Cyberpunk 2077” and other games. The Poland-based studio said in a tweet Tuesday that “an unidentified actor gained unauthorized access to our internal network” and “collected certain data belonging to CD PROJEKT capital group.” The attackers encrypted some devices, but backups remained intact, CD Projekt said. The alleged ransom note — published in CD Projekt’s tweet about the incident — indirectly refers to recent troubles for the company, which was criticized for the bug-filled rollout of the much-ballyhooed “Cyberpunk 2077” in December. Sony removed it from its PlayStation Store about a week after the release. Some investors sued the company over the rollout. “Your public image will go down the shitter even more,” if the attackers’ demands aren’t met, the note says. It […] (CyberScoop)

Beware of technical “experts” bombarding you with bug reports

Beware pseudo-geeks bearing 'gifts'. (Naked Security)

Safer Internet Day – Why not up your game?

Four tips for Safer Internet Day (Naked Security)

How to Write Your Own Bash Scripts to Automate Tasks on Linux

Bash scripting is a convenient way to automate things on any Linux system, and we're going to use it here to automate certain tasks we use all the time.

Bash is a simple language for stringing together several different Linux utilities. Its simplicity makes it easy for beginners to create lots of scripts that would otherwise be pretty complicated or require some pretty hefty programming skills.

If you know the right Bash commands, you can do all sorts of things. In this guide, we'll use Bash to automate a few commonly used tasks. We'll also cover aliasing briefly, which will make things even... (Null Byte « WonderHowTo)

Cyberpunk 2077 Makers CD Projekt Hit By Ransomware Hack

(News ≈ Packet Storm)

Billions Of Passwords Offered For $2 In The Underground

(News ≈ Packet Storm)

Hacker Tried To Poison Florida City's Water Supply

(News ≈ Packet Storm)

Facebook Sued For Losing Control Of Users' Data

(News ≈ Packet Storm)

Optimizing Performance and Behavior with WordPress and the Sucuri WAF

Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up your website by storing and delivering content as close to the browser as possible, using servers dedicated to that task. What’s more, properly configured caching settings are the best defense against DDoS attacks. (Sucuri Blog)

Actively Exploited Windows Kernel EoP Bug Allows Takeover

Microsoft addressed 56 security vulnerabilities for February Patch Tuesday -- including 11 critical and six publicly known. And, it continued to address the Zerologon bug. (Threatpost)

Google Play Boots Barcode Scanner App After Ad Explosion

A barcode scanner with 10 million downloads is removed from Google Play marketplace after ad blitz hits phones. (Threatpost)

Attackers Exploit Critical Adobe Flaw to Target Windows Users

A critical vulnerability in Adobe Reader has been exploited in "limited attacks." (Threatpost)

Android Devices Hunted by LodaRAT Windows Malware

The LodaRAT - known for targeting Windows devices - has been discovered also targeting Android devices in a new espionage campaign. (Threatpost)


/security-daily/ 10-02-2021 23:44:23