25-02-202127-02-2021

Security daily (26-02-2021)

How to protect sensitive data for its entire lifecycle in AWS

Many Amazon Web Services (AWS) customer workflows require ingesting sensitive and regulated data such as Payments Card Industry (PCI) data, personally identifiable information (PII), and protected health information (PHI). In this post, I’ll show you a method designed to protect sensitive data for its entire lifecycle in AWS. This method can help enhance your data […] (AWS Security Blog)

Go Malware Is Now Common, Having Been Adopted By Both APT And E-Crime Groups

(News ≈ Packet Storm)

Old Foe Or New Enemy? Here's How Researchers Handle APT Attribution

(News ≈ Packet Storm)

Oxford Lab With COVID-19 Research Links Targeted By Hackers

(News ≈ Packet Storm)

Round Two Coming In Congressional Grilling Over SolarWinds

(News ≈ Packet Storm)

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

Researchers found a number of privacy and security issues in Amazon's Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks. (Threatpost)

Stalkerware Volumes Remain Concerningly High, Despite Bans

COVID-19 impacted volumes for the year, but the U.S. moved into third place on the list of countries most infected by stalkerware. (Threatpost)

Lazarus Targets Defense Companies with ThreatNeedle Malware

A spear-phishing campaigned linked to a North Korean APT uses “NukeSped” malware in cyberespionage attacks against defense companies. (Threatpost)

Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release  

Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.   (Threatpost)

Malware Gangs Partner Up in Double-Punch Security Threat

From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses. (Threatpost)

Podcast: Ransomware Attacks Exploded in Q4 2020

Researchers said they saw a seven-times increase in ransomware activity in the fourth quarter of 2020, across various families – from Ryuk to Egregor. (Threatpost)

Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World

Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device. (Threatpost)

25-02-202127-02-2021

/security-daily/ 27-02-2021 23:44:24