Security daily (26-08-2021)

Use IAM Access Analyzer to generate IAM policies based on access activity found in your organization trail

In April 2021, AWS Identity and Access Management (IAM) Access Analyzer added policy generation to help you create fine-grained policies based on AWS CloudTrail activity stored within your account. Now, we’re extending policy generation to enable you to generate policies based on access activity stored in a designated account. For example, you can use AWS […] (AWS Security Blog)

Apply the principle of separation of duties to shell access to your EC2 instances

In this blog post, we will show you how you can use AWS Systems Manager Change Manager to control access to Amazon Elastic Compute Cloud (Amazon EC2) instance interactive shell sessions, to enforce separation of duties. Separation of duties is a design principle where more than one person’s approval is required to conclude a critical […] (AWS Security Blog)

Scammers impersonate Europol chief in an effort to defraud Belgians

Scammers are impersonating the head of Europol, the European Union’s law enforcement agency, in an attempt to spook victims into handing over their financial information. The Belgian police have received hundreds of reports of emails purporting to come from Catherine De Bolle, Europol’s executive director, according to the Brussels Times. The email accuses the recipient of child pornography and sex trafficking, and then attempts to steal the PayPal account credentials. The email threatens to initiate criminal prosecution against the recipient unless they reply within 72 hours. Europol, which had warned about this type of scam in April, again urged internet users on Thursday not to fall for the gimmick. “Our executive director would never contact members of the public threatening individuals with opening a criminal investigation,” tweeted Europol, which does investigate lots of actual cybercrime. Cybercrooks often impersonate the law enforcement agencies that hunt them in an effort to intimidate […] (CyberScoop)

White House cyber summit with private sector nets impressive gains, but points to considerable work needed ahead

The White House summit Wednesday demonstrated positive momentum for both the Biden administration and private sector in terms of their approach to cybersecurity, but also laid bare what remains inadequate, cyber experts said. The high-profile meeting brought together CEOs from the education, energy, finance, insurance and tech sectors, featuring companies like Amazon, Bank of America and ConocoPhillips. Some pledged billions more in cyber investments, while others committed to providing training and smaller services in response to the administration’s “call to action.” While impressive, observers noted, those commitments will require considerable follow-up, from expansion to other sectors to policy changes that could emerge from closer-knit relationships between industry and government. Even as the nonprofit Global Cyber Alliance’s Megan Stifel commended the White House for holding the meeting and the broad commitments that the companies made, she said it illustrated the lengths to which the U.S. can improve national cybersecurity. “A couple […] (CyberScoop)

Poly Network fully recovers assets stolen in unusual $600M cryptocurrency hack

Poly Network has completely recovered all $610 million worth of user assets stolen by a hacker earlier this month, the company announced Thursday. In an unusual twist, the hacker returned roughly half of the assets within the first 24 hours and the rest later. The hacker had exploited a vulnerability in the company’s system that allows different chains of cryptocurrency to communicate. The hacker has claimed that he hacked the company “for fun” and had never intended to keep the money. “That’s always the plan! I am not very interested in money!” he wrote in a message alongside the online transactions. “I know it hurts when people are attacked, but shouldn’t they learn something from those hacks?” The company offered the hacker a $500,000 bug bounty for finding the vulnerability as well as a role as its chief security officer, both of which he declined. The company said that it […] (CyberScoop)

S3 Ep47: Daylight robbery, spaghetti trouble, and mousetastic superpowers [Podcast]

Latest episode - listen now! (Naked Security)

How Data Brokers Sell Access To The Backbone Of The Internet

(News ≈ Packet Storm)

Google, Amazon, Microsoft Unveil Massive Cybersecurity Initiatives After White House Meeting

(News ≈ Packet Storm)

Realtek Flaw Exposes Dozens Of Brands To Supply Chain Attacks

(News ≈ Packet Storm)

Warzone Bans 100,000 Cheaters In Largest Ban Wave Yet

(News ≈ Packet Storm)

The Real Victims Of Mass-Crypto Hacks That Keep Happening

(News ≈ Packet Storm)

Microsoft Breaks Silence On Barrage Of ProxyShell Attacks

(News ≈ Packet Storm)

How Passwords Get Hacked

Can you think of an online service that doesn’t require a password? Everything on the internet requires a password. However, constantly creating and remembering new and ever more complex passwords is no small task. In fact, 66% of people polled admitted to using the same password more than once because of how hard it is to remember passwords that are considered strong. Taking steps to make passwords easier to remember can also make them easier for hackers to guess. […] (Sucuri Blog)

The Increased Liability of Local In-home Propagation

Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home. In this post, I contrast in-home local propagation with traditional vectors through which a threat (ransomware in particular) spreads throughout an organization. I discuss the (The Hacker News)

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

Forget watercooler conspiracies or boardroom battles. There's a new war in the office. As companies nudge their staff to return to communal workspaces, many workers don't actually want to – more than 50 percent of employees would rather quit, according to research by EY.  While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft – (The Hacker News)

VMware Issues Patches to Fix New Flaws Affecting Multiple Products

VMware on Wednesday shipped security updates to address vulnerabilities in multiple products that could be potentially exploited by an attacker to take control of an affected system. The six security weaknesses (from CVE-2021-22022 through CVE-2021-22027, CVSS scores: 4.4 - 8.6) affect VMware vRealize Operations (prior to version 8.5.0), VMware Cloud Foundation (versions 3.x and 4.x), and (The Hacker News)

Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin

Now adults, the then-teens apparently used clipboard hijacking malware to steal Bitcoin. (Threatpost)

F5 Bug Could Lead to Complete System Takeover

The worst of 13 bugs fixed by the August updates could lead to complete system compromise for users in sensitive sectors running products in Appliance mode. (Threatpost)
/security-daily/ 27-08-2021 23:44:22