
Security daily (18-11-2020)

AWS and the New Zealand notifiable privacy breach scheme

The updated New Zealand Privacy Act 2020 (Privacy Act) will come into force on December 1, 2020. Importantly, it establishes a new notifiable privacy breach scheme (NZ scheme). The NZ scheme gives affected individuals the opportunity to take steps to protect their personal information following a privacy breach that has caused, or is likely to […] (AWS Security Blog)

Announcement: Availability of AWS Recommendations for the management of AWS root account credentials

When AWS customers open their first account, they assume the responsibility for securely managing access to their root account credentials, under the Shared Responsibility Model. Initially protected by a password, it is the responsibility of each AWS customer to make decisions based on their operational and security requirements as to how they configure and manage […] (AWS Security Blog)

Would social media collaboration kneecap abusive content? One startup thinks so.

Social media companies need to band together more to limit the spread of abusive and harmful content online, according to John Redgrave, the co-founder and CEO of abuse detection software company Sentropy. Social media companies can work all they want to root out harmful content, but if they’re working in silos and not sharing lessons learned, some harmful content will continue to spread unabated, Redgrave said during FedTalks, a virtual event produced by FedScoop. “Facebook, after the Christchurch shooting did, what I would view as a technologist, an admirable job of yanking down the video on their platform. But I can still find the video online,” Redgrave said, referring to the shooting in New Zealand which was live-streamed on social media last year. “This is not a Facebook problem, this is not a Twitter problem — this is an internet problem,” Redgrave said. “What we need to see is increased collaboration.” […] The post Would social media collaboration kneecap abusive content? One startup thinks so. appeared first on CyberScoop. (CyberScoop)

DHS’s cyber agency is led by career official Brandon Wales. For now.

Less than 24 hours after President Donald Trump fired Chris Krebs, the dust is still settling at the Department of Homeland Security cybersecurity agency that Krebs led. Officials at the Cybersecurity and Infrastructure Security Agency (CISA) who have spent months refuting conspiracy theories and battling disinformation surrounding the election say they will continue to do so, despite a White House purge of the agency’s leadership. CISA is now led on an acting basis by Brandon Wales, a 15-year veteran of DHS who is deeply familiar with CISA’s operations after serving as the agency’s top career civil servant. A former senior cybersecurity adviser to then-Homeland Security Secretary Kirstjen Nielsen, Wales is well-liked at CISA and known for his technical acumen. In an email to the CISA workforce Wednesday afternoon, Wales urged his colleagues to continue to provide cybersecurity support to health care organizations threatened by ransomware attacks during the pandemic, and to prioritize election security efforts as […] The post DHS’s cyber agency is led by career official Brandon Wales. For now. appeared first on CyberScoop. (CyberScoop)

Ghost in the machine: Researchers find Webex vulnerabilities allow hidden visitors

Halloween may have been last month, but IBM researchers revealed Wednesday that they discovered a way ghosts could haunt Cisco Webex meetings. The vulnerabilities in the video conferencing platform — since the subject of a Cisco patch — would permit uninvited guests to join a meeting without showing up on the participant list, stay in a meeting even after the host expels them and gather information about other attendees without joining. Unwelcome guests are often more commonly associated with a Webex competitor, Zoom, which led to the coining of the term “Zoombombing” and Zoom wrestling with the problem. But the IBM research shows that with so many meetings happening online during the pandemic, Zoom isn’t alone. Webex registered a record 324 million users in March, and saw usage grow 451% from mid-February to mid-June. IBM Research found that invaders could exploit the “handshake” process whereby Webex connects meeting participants. “A malicious actor […] The post Ghost in the machine: Researchers find Webex vulnerabilities allow hidden visitors appeared first on CyberScoop. (CyberScoop)

Financial system not keeping up with cyberthreats, new report says

Four years after the biggest bank hack ever, the global financial system remains vulnerable to cyberattacks that could cause severe disruptions, according to a report Wednesday that draws advice from government officials, the financial industry and other experts. The assessment from the Carnegie Endowment for International Peace and the World Economic Forum is the culmination of years of work, with touchstones ranging from the 2016 Bangladesh Bank heist where hackers made off with $81 million to a recent Chilean bank ransomware attack that shut down all of its branches. “Our big concern is that if you look at what’s happened during the pandemic, but even before with the escalating threat that’s targeting the financial system from the Bangladesh incident to the Chile outage back in September, we’re clearly not keeping up with the threat and how quickly it’s evolving,” said Tim Maurer, director of Carnegie’s Cyber Policy Initiative. “The government and industry need […] The post Financial system not keeping up with cyberthreats, new report says appeared first on CyberScoop. (CyberScoop)

Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation

President Donald Trump on Tuesday said he had fired Chris Krebs, a widely respected Department of Homeland Security official who helped protect the 2020 election from hacking and disinformation, the latest in a series of purges of officials deemed insufficiently loyal to the president. As head of DHS’s Cybersecurity and Infrastructure Security Agency, Krebs has repeatedly debunked baseless claims from Trump and his allies of widespread electoral fraud while generally avoiding mentioning the president by name. CISA’s “rumor control” public website, which refuted conspiracy theories about stolen votes or dead people voting, reportedly angered the White House. Trump tweeted Tuesday evening that he fired Krebs because his agency issued a “highly inaccurate” statement that the 2020 election was secure. That statement, which was signed by election officials across the country, and backed up by independent security experts, said the election was the most secure in U.S. history. Minutes after Trump’s tweet firing him, […] The post Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation appeared first on CyberScoop. (CyberScoop)

Sophos 2021 Threat Report: Navigating cybersecurity in an uncertain world

Here's the latest Sophos Threat Report - learn what cybercriminals are up to on Windows, Linux, Android and more (Naked Security)

The Worst Passwords Of 2020 Are Here And They Are Horrifying

(News ≈ Packet Storm)

NSO Channels Hollywood Spy Thrillers In Legal Defense With WhatsApp

(News ≈ Packet Storm)

Trump Axes Cyber Chief Who Debunked Claims Of Election Fraud

(News ≈ Packet Storm)

ZeroLogon Exploited In Automotive, Industrial Attack Wave

(News ≈ Packet Storm)

PrestaShop SuperAdmin Injector and Login Stealer

According to W3Tech’s data, PrestaShop is among the most popular CMS choices for existing ecommerce websites, so it should come as no surprise that malware has been created to specifically target these environments. We recently came across an infected PrestaShop website with malware which was automatically injecting a super admin PrestaShop user whenever the website owner logged into the backend. The malware was found injected into the following existing PrestaShop core files:

./controllers/admin/AdminLoginController.php
./classes/Employee.php

The injected PHP code works by checking the $email variable contents — which, by default, stores the email address used when trying to log into PrestaShop. Continue reading PrestaShop SuperAdmin Injector and Login Stealer at Sucuri Blog. (Sucuri Blog)

Widespread Scans Underway for RCE Bugs in WordPress Websites

WordPress websites using buggy Epsilon Framework themes are being hunted by hackers. (Threatpost)


/security-daily/ 19-11-2020 23:44:22