Security daily (09-09-2020)

How to configure an LDAPS endpoint for Simple AD

In this blog post, we show you how to configure an LDAPS (LDAP over SSL or TLS) encrypted endpoint for Simple AD so that you can extend Simple AD over untrusted networks. Our solution uses Network Load Balancer (NLB) as SSL/TLS termination. The data is then decrypted and sent to Simple AD. Network Load Balancer […] (AWS Security Blog)

DHS intel official alleges he was ordered to halt Russia reporting because it made Trump 'look bad'

In a whistleblower complaint made public Wednesday, a senior Department of Homeland Security official accused the department’s acting secretary of directing him to refrain from distributing an intelligence report on Russian election interference because it would make President Donald Trump “look bad.” The allegation from Brian Murphy, who until August was principal deputy undersecretary in DHS’s intelligence office, will add to criticism from Democratic lawmakers that intelligence has been politicized under acting DHS secretary Chad Wolf. According to the complaint, Wolf instructed Murphy in July to hold off on distributing an intelligence memo on Russian disinformation because it was unflattering for Trump. That followed a directive in May from Wolf to Murphy, the complaint alleges, to stop providing intelligence assessments on Russian interference threats and to begin reporting on threats from China and Iran. “Mr. Wolf stated that these instructions specifically originated from White House National Security Advisor Robert O’Brien,” […] The post DHS intel official alleges he was ordered to halt Russia reporting because it made Trump 'look bad' appeared first on CyberScoop. (CyberScoop)

Chinese diplomat demands investigation after his Twitter account liked embarrassing posts

A Twitter account belonging to China’s ambassador to the United Kingdom was allegedly breached by a hacker who used the account to engage with anti-Chinese content in what the government described as a “despicable” act. The Twitter account for Ambassador Liu Xiaoming was compromised by “some anti-China” elements to “viciously” attack the ambassador and “deceive the public,” the Chinese Embassy in the U.K. said in a statement Wednesday. The announcement came after social media users noticed that Liu’s account had “liked” a pornographic video, and a number of tweets criticizing Beijing’s treatment of the Uighur Muslim population. One tweet said Chinese officials “paid lip service to non-interference” in China’s internal affairs so the government “could murder their own people.” Liu’s account was created in October, though Twitter remains blocked in mainland China. Twitter likes do not always indicate endorsements, as many journalists and other users press the “like” button to […] The post Chinese diplomat demands investigation after his Twitter account liked embarrassing posts appeared first on CyberScoop. (CyberScoop)

Fake web alerts – how to spot and stop them

How do you spot and deal with fake system alerts on both computers and mobile devices? (Naked Security)

How to Configure Port Forwarding to Create Internet-Connected Services

Ports allow network and internet-connected devices to interact using specified channels. While servers with dedicated IP addresses can connect directly to the internet and make ports publicly available, a system behind a router on a local network may not be open to the rest of the web. To overcome the issue, port forwarding can be used to make these devices publicly accessible.

Networked services and apps running on various devices make use of ports at specific numbers as a means to initiate connections and establish communications. Different ports can be used simultaneously to separate and... more (Null Byte « WonderHowTo)

Palantir Courts Wall Street Ahead Of Public Listing

(News ≈ Packet Storm)

Critical Intel Active Management Technology Flaw Allows Privilege Escalation

(News ≈ Packet Storm)

Amazon Claims Pentagon's Review Of $10B Contract Was A Sham

(News ≈ Packet Storm)

Yubico Jangles New NFC And USB-C Touting Security Key

(News ≈ Packet Storm)

Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine

We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent.

I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to (The Hacker News)

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research.

"To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity firm Intezer said (The Hacker News)

Zeppelin Ransomware Returns with New Trojan on Board

The malware has popped up in a targeted campaign and a new infection routine. (Threatpost)

Google Squashes Critical Android Media Framework Bug

The September Android security bulletin addressed critical- and high-severity flaws tied to 53 CVEs overall. (Threatpost)

TeamTNT Gains Full Remote Takeover of Cloud Instances

Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters. (Threatpost)


/security-daily/ 10-09-2020 23:44:21