Security daily (17-07-2020)

How to use AWS Certificate Manager with AWS CloudFormation

Last month, Amazon Web Services (AWS) introduced the ability to automate issuing and validating public and private certificates using AWS CloudFormation. To make this easier, AWS has introduced three new features that let you: Automate the steps to validate your domain with DNS validation and issue your public certificate. Use AWS CloudFormation templates to issue […] (AWS Security Blog)

How to use Amazon AppStream 2.0 to reduce your bastion host attack surface

July 16, 2020: This post was originally published May 2, 2018, and has been updated to clarify some AppStream 2.0 details. Update: To help protect their assets, many security-conscious enterprises require their system administrators to go through a “bastion” (or “jump”) host to gain administrative access to backend systems in protected or sensitive network segments. […] (AWS Security Blog)

Around 130 Twitter accounts targeted in bitcoin scam hack, company says

Hackers who breached Twitter accounts belonging to Democratic presidential nominee Joe Biden, rapper Kanye West and other high profile users had targeted roughly 130 accounts, only taking over a small number, the company said. Attackers gained access to “a small subset” of the 130 accounts on which they initially focused, gaining control and sending tweets in their name, Twitter said in an update Thursday. By impersonating influential users like former president Barack Obama, Microsoft co-founder Bill Gates and Amazon CEO Jeff Bezos, the hackers urged millions of followers to send bitcoin to the same address as part of a scam that netted more than $110,000. While Twitter has since removed all of the tweets, the incident marked a major breach for the social media site, resulting in questions about its ability to safeguard accounts belonging to influential newsmakers. It’s also led to suggestions that the attackers would have had access to […] (CyberScoop)

WhatsApp lawsuit against NSO Group spying can proceed, judge rules

A federal judge in California ruled Thursday evening that Facebook’s lawsuit alleging that NSO Group technology was used to spy on thousands of WhatsApp users can move forward. Facebook, which filed the suit last year, alleged NSO Group had exploited a vulnerability in WhatsApp to deploy its malware against human rights activists, journalists, and political dissidents. The decision marks a blow for the Israeli software surveillance company, which has vigorously denied the allegations and fought to get the suit thrown out of court. In allowing the case to move forward, the judge threw cold water on several of NSO Group’s arguments, leaving open the possibility the firm would have to reveal information about its clients and their spying targets. A WhatsApp spokesperson applauded the decision. “We are pleased with the Court’s decision permitting us to move ahead with our claims that NSO engaged in unlawful conduct. The decision also confirms that WhatsApp […] (CyberScoop)

Insecure IoT devices could be banned and destroyed if they fail to meet UK security standards

IoT devices could be banned from sale and destroyed if they fail to meet basic security standards, according to proposals put forward by the UK Government. Read more in my article on the Bitdefender BOX blog. (Graham Cluley)

Apple’s latest updates are out for iPhones and Macs – get them now!

None of Apple's bugs have nicknames like Microsoft's recent "SIGRed" - but there are nevertheless kernel-level code holes to be patched... (Naked Security)

How to Track ADS-B Equipped Aircraft on Your Smartphone

Flight disruptions can cost billions of dollars, but most modern commercial flights rely on air traffic control systems that harbor serious vulnerabilities. The Federal Aviation Administration uses an infrastructure called NextGen, which relies on Automatic Dependent Surveillance – Broadcast, or ADS-B for short.

Since the beginning of 2020, all aircraft that fly within the U.S. must be equipped with ADS-B Out. This aspect of ADS-B broadcasts an airplane's vital information, in plain text, for everyone in broadcast range to receive. Below, we'll learn more about ADS-B and how it allows anyone... (Null Byte « WonderHowTo)

EU Court Kills Privacy Shield, Wreaks Havoc On Digital Economy

(News ≈ Packet Storm)

Emotet Botnet Returns After A Four Month Absence

(News ≈ Packet Storm)

Iran State Hackers Caught Targeting Presidential Campaigns

(News ≈ Packet Storm)

Twitter Hack: 130 Accounts Targeted In Attack

(News ≈ Packet Storm)

Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online

An OPSEC error by an Iranian threat actor has laid bare the inner workings of the hacking group by providing a rare insight into the "behind-the-scenes look into their methods."

IBM's X-Force Incident Response Intelligence Services (IRIS) got hold of nearly five hours worth of video recordings of the state-sponsored group it calls ITG18 (also called Charming Kitten, Phosphorous, or APT35) that (The Hacker News)

Why Application Security Should Be Considered An Enabler For Business

If you ask Alex, he won't admit to being old-fashioned. He has been working in the IT industry for a while now and accepts that security is important for the business's health. But he is reluctant to see security as a business enabler.

In today's environment, moving to digitization is a critical step required to drive innovation and business growth. When the application development takes the driver (The Hacker News)

New Android Malware Now Steals Passwords For Non-Banking Apps Too

Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps—a total of 337 non-financial Android applications on its target list.

Dubbed "BlackRock" by ThreatFabric researchers, who discovered the trojan in May, its source code is derived from a leaked (The Hacker News)

Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time

Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history.

A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a (The Hacker News)

4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide

Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe.

Collectively called the "Tetrade" by Kaspersky researchers, the malware families — comprising Guildma, Javali, Melcoz, and Grandoreiro — have evolved their capabilities to function as a backdoor and adopt a (The Hacker News)

Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover

Less than 500 machines have been patched since U.S. Cyber Command issued an alert to patch a critical bug that's under active exploit. (Threatpost)

Twitter Hack Update: What We Know (and What We Don’t)

With limited confirmed information, a raft of theories and circumstantial evidence has come to light as to who was behind the attack and how they carried it out. (Threatpost)

CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug

An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET). (Threatpost)


/security-daily/ 18-07-2020 23:44:22