11-04-202113-04-2021

Security daily (12-04-2021)

Optimizing cloud governance on AWS: Integrating the NIST Cybersecurity Framework, AWS Cloud Adoption Framework, and AWS Well-Architected

Your approach to security governance, risk management, and compliance can be an enabler to digital transformation and business agility. As more organizations progress in their digital transformation journey—empowered by cloud computing—security organizations and processes cannot simply participate, they must lead in that transformation. Today, many customers establish a security foundation using technology-agnostic risk management frameworks—such […] (AWS Security Blog)

Ex-DHS chief confirms suspected Russian hackers targeted his email account

Former acting Homeland Security Secretary Chad Wolf on Monday confirmed news reports that the suspected Russian spies behind a multi-prong breach of federal networks had targeted his email account while in office. “The fact that they got my email and knew that I was running late to meetings or I had a schedule change [was] not that big of a deal at the end of the day, but the overall access was,” Wolf said during a webinar hosted by the Heritage Foundation. “If they have the ability to do that, what else did they have the ability to do? Or what else did we not have insight into?” added Wolf, who served as President Donald Trump’s last Homeland Security secretary before stepping down in January. Wolf’s comments come after the Associated Press reported on March 29 that the suspected Russian hackers had accessed his email account and those of some […] The post Ex-DHS chief confirms suspected Russian hackers targeted his email account appeared first on CyberScoop. (CyberScoop)

White House to nominate NSA vets Chris Inglis, Jen Easterly as national cyber director, CISA chief

President Joe Biden has picked two veterans of the National Security Agency, Chris Inglis and Jen Easterly, for senior cybersecurity positions at the White House and Department of Homeland Security, the White House said Monday. Biden intends to nominate Inglis as the national cyber director and Easterly as the director of DHS’s Cybersecurity and Infrastructure Security Agency, the White House said in a statement. Both positions are subject to Senate confirmation. The nominations come as the Biden administration continues to grapple with two high-profile hacking operations linked to Russia and China that have exposed vulnerabilities in federal, state and local government networks. The national cyber director is a new, congressionally mandated role designed to make the government better at responding to those types of major hacks. If confirmed, Inglis, who spent nearly three decades at the NSA, will be charged with coordinating offensive and defensive operations across the vast federal […] The post White House to nominate NSA vets Chris Inglis, Jen Easterly as national cyber director, CISA chief appeared first on CyberScoop. (CyberScoop)

Fed chair deems cyber threat top risk to financial sector

Federal Reserve Chairman Jerome Powell said he is on alert for cyberattacks against U.S. financial systems and companies, above and beyond any other risks to the economy. “The world evolves. And the risks change as well,” Powell said during an interview aired Sunday on CBS’s “60 Minutes,” noting he is far more concerned about a cyber incident than he is about encountering a collapse akin to the global financial crisis of 2008. “And I would say that the risk that we keep our eyes on the most now is cyber risk.” Other government agencies and major companies — in particular financial companies — are also on alert, Powell said. Particularly of concern to Powell are scenarios in which cyberattacks cripple financial institutions to the point that they can’t track payments or to the point that payment systems don’t function. “There are scenarios in which a large payment utility, for example, breaks […] The post Fed chair deems cyber threat top risk to financial sector appeared first on CyberScoop. (CyberScoop)

Apple and Google block official UK COVID-19 app update

UK coronavirus app update apparently included "feature creep" that's explicitly prohibited by Apple's and Google's programming rules. (Naked Security)

Naked Security Live – How to spot “government” scammers

Latest episode - watch now, and please share with your friends and family! (Naked Security)

There's Another Facebook Phone Number Database Online

(News ≈ Packet Storm)

Texas Man Wanted To Blow Up Amazon To Kill 70% Of The Internet

(News ≈ Packet Storm)

Stuxnet Sibling Theory Surges After Iran Says Nuke Facility Shut Down By Electrical Fault

(News ≈ Packet Storm)

Criminals Spread Malware Using Contact Forms With Google URLs

(News ≈ Packet Storm)

RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers

An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. Released by Rajvardhan Agarwal, the working exploit concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web browsers. It is believed (The Hacker News)

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users' Data

Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents pulled (The Hacker News)

What Does It Take To Be a Cybersecurity Researcher?

Behind the strategies and solutions needed to counter today's cyber threats are—dedicated cybersecurity researchers. They spend their lives dissecting code and analyzing incident reports to discover how to stop the bad guys.  But what drives these specialists? To understand the motivations for why these cybersecurity pros do what they do, we decided to talk with cybersecurity analysts from (The Hacker News)

Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

The 2021 spring edition of Pwn2Own hacking contest concluded last week on April 8 with a three-way tie between Team Devcore, OV, and Computest researchers Daan Keuper and Thijs Alkemade. A total of $1.2 million was awarded for 16 high-profile exploits over the course of the three-day virtual event organized by the Zero Day Initiative (ZDI). Targets with successful attempts included Zoom, Apple (The Hacker News)

Hackers Tampered With APKPure Store to Distribute Malware Apps

APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices. In a supply-chain attack similar to that of German telecommunications equipment manufacturer Gigaset, the APKPure client version 3.17.18 is said to have been tampered with in an attempt to trick unsuspecting (The Hacker News)

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets

Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called "Cring" inside corporate networks. At least one of the hacking incidents led to the temporary shutdown of a production site, said cybersecurity firm Kaspersky in a report published on Wednesday, without publicly naming the victim. The (The Hacker News)

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab. (Threatpost)

Man Arrested for AWS Bomb Plot

A man caught in an FBI sting allegedly said he wanted to destroy "70 percent of the internet" by going after the tech giant's data centers. (Threatpost)

Zero Trust: The Mobile Dimension

Hank Schless, senior security solutions manager at Lookout, discusses how to secure remote working via mobile devices. (Threatpost)

IcedID Circulates Via Web Forms, Google URLs

Attackers are filling out and submitting web-based "contact us" forms, thus evading email spam filters. (Threatpost)

11-04-202113-04-2021

/security-daily/ 13-04-2021 23:44:23