13-12-2020 | 15-12-2020

Security daily (14-12-2020)

Use a single AWS Managed Microsoft AD for Amazon RDS for SQL Server instances in multiple Regions

Many Amazon Web Services (AWS) customers use Active Directory to centralize user authentication and authorization for a variety of applications and services. For these customers, Active Directory is a critical piece of their IT infrastructure. AWS offers AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, to provide a highly […] (AWS Security Blog)

How to bulk import users and groups from CSV into AWS SSO

When you connect an external identity provider (IdP) to AWS Single Sign-On (SSO) using Security Assertion Markup Language (SAML) 2.0 standard, you must create all users and groups into AWS SSO before you can make any assignments to AWS accounts or applications. If your IdP supports user and group provisioning by way of the System […] (AWS Security Blog)

SolarWinds hack exposes underbelly of supply-chain attacks

Hackers of lore are often depicted breaking into prominent targets by typing frantically on keyboards in dark rooms and yelling “I’m in!” when they’ve purportedly breached their victim’s systems. But the sweeping SolarWinds breach, which has reportedly impacted the U.S. Treasury and Commerce departments, shows the reality is much less flashy and can be far more devastating. Details are still emerging about the SolarWinds breach, in which hackers inserted malicious code into software updates for the SolarWinds network management product Orion in order to conduct cyber-espionage against the U.S. federal government and multiple other targets. But the fallout from the attack, which is suspected to be linked with Russian hackers, is still being investigated, and early indications suggest the ramifications — and victims — could be extensive. In many respects, SolarWinds is just another, typical IT provider with government contracts. The company’s website has touted business with numerous U.S. military and civilian […] The post SolarWinds hack exposes underbelly of supply-chain attacks appeared first on CyberScoop. (CyberScoop)

HackerOne, Verizon Media weigh pros and cons of making live hacking contests virtual

Among all the ways COVID-19 has affected the cybersecurity world, perhaps nothing is more impossible than live hacking events, which were once a staple of the industry. The coronavirus forced bug bounty company HackerOne and Verizon Media into hosting two online hacking events together since the outbreak, and they recently completed what they billed as the world’s largest live hacking contest. Live hacking events, whether virtual or in-person, give companies a chance to lure ethical hackers to find their security flaws before the attackers do, and can serve as recruiting opportunities for corporate positions, too. What made the most recent competition stand out was its massive size, and what the experiment could mean for the rest of the bug bounty community. The HackerOne/Verizon Media duo wasn’t the first to move live hacking events online. Pwn2Own made a similar transition in March. With more than 3,000 people from 59 countries registering […] The post HackerOne, Verizon Media weigh pros and cons of making live hacking contests virtual appeared first on CyberScoop. (CyberScoop)

Special minisode: “20 years of cyberthreats that shaped infosec” [Podcast]

Bonus Naked Security Podcast minisode - listen now! (Naked Security)

Zodiac Killer Cipher Is Cracked After Eluding Sleuths For 51 Years

(News ≈ Packet Storm)

PgMiner Botnet Attacks Weakly Secured PostgreSQL Databases

(News ≈ Packet Storm)

Microsoft, FireEye Confirm SolarWinds Supply Chain Attack

(News ≈ Packet Storm)

Suspected Russian Hackers Spied On U.S. Treasury Emails

(News ≈ Packet Storm)

Spotify Changes Passwords After Another Data Breach

This is the third breach in the past few weeks for the world’s most popular streaming service. (Threatpost)

Ex-Cisco Employee Convicted for Deleting 16K Webex Accounts

The insider threat will go to jail for two years after compromising Cisco's cloud infrastructure. (Threatpost)


/security-daily/ 15-12-2020 23:44:24