Security daily (12-10-2020)

How to automatically archive expected IAM Access Analyzer findings

AWS Identity and Access Management (IAM) Access Analyzer continuously monitors your Amazon Web Services (AWS) resource-based policies for changes in order to identify resources that grant public or cross-account access from outside your AWS account or organization. Access Analyzer findings include detailed information that you can use to make an informed decision about whether access […] (AWS Security Blog)

How middlemen are giving ransomware gangs more attack options

The last six months have seen damaging ransomware attacks on two multibillion-dollar IT firms, Conduent and Cognizant, with clients all over the world. The incidents locked computers across the companies, cut into revenue and required days, if not weeks, of clean up. A report published Monday by consulting giant Accenture warns that the kind of criminal groups behind those attacks have more options than ever for accessing corporate networks thanks to a thriving market for outsourced hacking. Accenture researchers are tracking more the 25 regular “network access sellers,” or people who specialize in breaching an organization’s networks and handing off that access to the highest bidder. The access sellers have frequented the same underground forums as the people involved with prolific strains of ransomware like NetWalker and Maze, the latter which was used against Cognizant. “Network access selling has progressed from a niche underground offering throughout 2017 to a central pillar of criminal underground […] The post How middlemen are giving ransomware gangs more attack options appeared first on CyberScoop. (CyberScoop)

Cyber Command, Microsoft take action against TrickBot botnet before Election Day

TrickBot’s margin for success just got a lot smaller. The Pentagon’s offensive hacking arm, Cyber Command, has carried out an operation to hinder the ability of TrickBot, one of the world’s largest botnets, from attacking American targets, according to one U.S. government official who spoke to CyberScoop on the condition of anonymity because they were not authorized to discuss the matter. Microsoft also has sought to disrupt the TrickBot botnet, according to Tom Burt, the company’s corporate vice president of customer security and trust. The two operations represented distinct efforts to interrupt a pernicious threat that U.S. government officials say could be used to launch ransomware attacks against IT systems that support the voting process ahead of Election Day. Such an attack against voter registration systems, for instance, could result in confusion, delays or other uncertainties when Americans cast their ballots. As a result of the Microsoft operation, the people behind the TrickBot botnet — […] The post Cyber Command, Microsoft take action against TrickBot botnet before Election Day appeared first on CyberScoop. (CyberScoop)

Microsoft on the counter­attack! Trickbot malware network takes a hit

The crooks haven't yet been caught and arrested, but their malware distribution network has been hit hard. (Naked Security)

Naked Security Live – Cybersecurity tips for your own network

Here's the latest Naked Security Live video - enjoy (and please share with your friends)! (Naked Security)

Microsoft Takes Down Hacking Network With Potential To Disrupt Election

(News ≈ Packet Storm)

Here's How Many Americans Still Secretly Use Their Ex's Password

(News ≈ Packet Storm)

Bitcoin Wallet Update Trick Has Netted Criminals More Than $22 Million

(News ≈ Packet Storm)

Facebook Finally Bans Holocaust Denial Content

(News ≈ Packet Storm)

A Self-Service Password Reset Project Can Be A Quick Win For IT

Since the beginning of this year, organizations' IT staff have faced numerous challenges and an increased workload as a result of the global pandemic and shift to a mainly remote workforce. Supporting end-users that are now working from home has introduced new challenges in troubleshooting since it isn’t as simple as visiting an end user’s desk to resolve issues as they arise. One support issue (The Hacker News)

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as (The Hacker News)

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in. (Threatpost)


/security-daily/ 13-10-2020 23:48:18