Security daily (15-10-2020)

Automate AWS Firewall Manager onboarding using AWS Centralized WAF and VPC Security Group Management solution

Many customers—especially large enterprises—run workloads across multiple AWS accounts and in multiple AWS regions. AWS Firewall Manager service, launched in April 2018, enables customers to centrally configure and manage AWS WAF rules, audit Amazon VPC security group rules across accounts and applications in AWS Organizations, and protect resources against distributed denial of service (DDoS) attacks. In this blog […] (AWS Security Blog)

Joker's Stash claims 3 million cards stolen from Dickey's Barbecue

Joker’s Stash, one of the most notorious web forums for stolen credit card data, has claimed a new scalp. Sellers on the site this week claimed to be offering 3 million payment card numbers used at Dickey’s Barbecue Pit, a U.S. restaurant chain, researchers at intelligence firm Gemini Advisory said Thursday. More than 100 of the barbecue joint’s locations were affected by the breach, and the data is being sold for a median price of $17 per card, according to the research. The data from Dickey’s Barbecue Pit customers appears to have been compromised between July 2019 and August 2020, according to Gemini Advisory. Numerous restaurant and hospitality chains have been hit by scammers in recent years because of the personal financial data they collect. “Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all Dickey’s […] (CyberScoop)

NSA aims to boost Black students' access to security education, paid internships

The National Security Agency and the Department of Defense announced an initiative on Thursday meant to increase access to cybersecurity education, mentoring and paid internships for students at historically Black colleges and universities. The workforce development program will connect students at eligible educational institutions with internships and mentorship through the Pentagon’s Office of Small Business Programs, officials said Thursday during a call with reporters. Students may also participate in exercises at the Maryland Innovation & Security Institute’s virtual cyber range, to gain hands-on technical training that will help them to later provide technical assistance to small businesses. Students may receive paid stipends during their internships, according to a Defense Department and NSA release. A military spokesperson said $300,000 will be available for internships through the DOD’s Mentor Protégé Program. The spokesperson declined to say the number of internships the program will back. Shannon Jackson, associate director of the Department of Defense’s Office of Small Business Program, […] (CyberScoop)

US, European authorities carry out sweeping crackdown on prolific QQAAZZ cybercriminal group

U.S. and European law enforcement have embarked on a coordinated crackdown on an Eastern European cybercriminal group accused of trying to launder tens of millions of dollars stolen from victims. Fourteen people have been charged for allegedly laundering money for QQAAZZ, as the group is known, the U.S. Justice Department announced Thursday. Meanwhile, houses were raided across Europe, a number of arrests were made in Latvia and a cryptocurrency mining operation was seized in Bulgaria. It’s the most significant law enforcement offensive to date against QQAAZZ, whose members are allegedly from Bulgaria, Latvia, Georgia, Romania and elsewhere. The network has allegedly operated hundreds of bank accounts throughout the world to launder money stolen by criminal hackers, sometimes converting it to cryptocurrency. They stand accused of hawking their “bank drops service” on Russian-speaking cybercriminal forums. “The criminal gangs behind some of the world’s most harmful malware families are among those cybercriminal groups […] (CyberScoop)

Barnes & Noble cyber incident could expose customer shipping addresses, order history

Barnes & Noble told customers it was the victim of a cyberattack that led to “unauthorized and unlawful access” of its corporate systems. Barnes & Noble didn’t detail the entire nature of the “cybersecurity attack” in its email Wednesday, but confirmed that customers’ shipping addresses, billing addresses, email addresses and phone numbers could have been exposed. Payment card information wasn’t compromised as a part of this incident, but customers’ order history may also be exposed, according to Barnes & Noble. “We currently have no evidence of the exposure of any of this data, but we cannot at this stage rule out the possibility,” the bookseller said in its alert to customers. Customers’ access to Nook e-readers has also been interrupted, Barnes & Noble said on Twitter. It was unclear how many customers the incident impacted. Barnes & Noble did not disclose how it discovered the incident, only noting that it was “made aware” of it on Oct. 10. “We […] (CyberScoop)

New York regulator faults Twitter for lax security measures prior to big account breach

The scammers who hijacked celebrity Twitter accounts to promote cryptocurrency in July did so by posing as a customer support team in a breach that caught Twitter’s security team flat-footed, a New York regulator said in a report Wednesday. The investigation from New York’s Department of Financial Services faulted Twitter for not heightening security measures for telework during the coronavirus pandemic, and called for regulation of social media companies to force better cybersecurity practices. “Social-media platforms have quickly become the leading source of news and information, yet no regulator has adequate oversight of their cybersecurity,” Linda Lacewell, the department’s superintendent of financial services, said in a statement. “The fact that Twitter was vulnerable to an unsophisticated attack shows that self-regulation is not the answer.” According to the report, attackers posed as Twitter’s IT department and phoned Twitter employees to discuss an apparent problem with their virtual private networking (VPN) connection, a security […] (CyberScoop)

TikTok unveils bug bounty program, scraps with US government in court over looming ban

TikTok announced a global bug bounty program Thursday amid an ongoing court battle to continue operating in the U.S. The program, a partnership with HackerOne, is an expansion of a more limited vulnerability disclosure program for the popular video-sharing app. “This partnership will help us to gain insight from the world’s top security researchers, academic scholars and independent experts to better uncover potential threats and make our security defenses even stronger,” TikTok wrote in a blog post. Researchers who uncover vulnerabilities can make between $50 and $14,800, depending on the severity of the flaw. TikTok has previously worked with security research companies to fix flaws they found. A range of high profile companies have relied on bug bounty programs to solicit reports about vulnerabilities for which internal security personnel failed to account. Often, success depends on the firms’ ability to fix those flaws, and reward outside researchers in a way that doesn’t […] (CyberScoop)

Protect Yourself Online While Upping Your Internet Productivity with This VPN

We've all relied on the internet more than ever during this pandemic. But while you're staying safe at home, are you being safe and productive while surfing the web? That's where a trusty VPN comes in handy!

With dozens of VPNs on the market, it can be hard to discern which one is right for you. Speedify 10 Bonding VPN is the only connectivity tool and VPN that lets you use all of your Internet connections simultaneously. And a three-year subscription is available now for 44% off at just $59.99.

Speedify's channel bonding technology allows you to distribute your online traffic across all of... (Null Byte « WonderHowTo)

Cybercrime Increasingly Converging Towards Ransomware, Cartel Models

(News ≈ Packet Storm)

Ubisoft, Crytek Data Posted On Ransomware Gang's Site

(News ≈ Packet Storm)

US Charges QQAAZZ Group For Laundering Money For Malware Gangs

(News ≈ Packet Storm)

Carnival Corp. Ransomware Attack Affects Three Cruise Lines

(News ≈ Packet Storm)

Sucuri Sit-Down Episode 4: XSS & WP Plugin Vulnerabilities with Antony Garand

October is National Cyber Security Awareness Month, and we’re back with analyst Antony Garand to take a deeper look into cross site scripting (XSS) attacks and WordPress plugin vulnerabilities. Plus, host Justin Channell will catch you up on the latest website security news from the Sucuri blog. For further reading about any of these topics, check out these blogs we reference in the episode:

WordPress Malware Disables Security Plugins to Avoid Detection
Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites
Reflected XSS in WordPress Plugin Admin Pages
Backdoor Shell Dropper Deploys CMS-Specific Malware
Magento Multiversion (1.x/2.x) Backdoor

Justin Channell: Hello and welcome to the Sucuri Sit-Down. (Sucuri Blog)

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in the Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 as Important, and one as Moderate in severity, affect Windows, Office and Office Services and (The Hacker News)

Critical Magento Holes Open Online Shops to Code Execution

Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database. (Threatpost)

FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft

In-game features of the just-released FIFA 21 title give scammers easy access to its vast audience. (Threatpost)

Zoom Rolls Out End-to-End Encryption After Setbacks

After backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. (Threatpost)

/security-daily/ 16-10-2020 23:44:23