Security daily (27-04-2021)

Hands-on walkthrough of the AWS Network Firewall flexible rules engine

AWS Network Firewall is a managed service that makes it easy to provide fine-grained network protections for all of your Amazon Virtual Private Clouds (Amazon VPCs) to ensure that your traffic is inspected, monitored, and logged. The firewall scales automatically with your network traffic, and offers built-in redundancies designed to provide high availability. AWS Network […] (AWS Security Blog)

European police hope Google ads will steer teenagers away from a life of hacking

European authorities are stepping up their efforts to intervene with teen hackers before they might break the law. In a series of programs launching this year, law enforcement officials are aiming to identify young people deemed at risk of committing crimes, and provide a metaphorical tap on the shoulder, Floor Jansen, a Dutch police officer involved in the creation of the programs, told CyberScoop. The program, called the Cyber Offender Prevention Squad (COPS), will target teenagers who exhibit behaviors that they may be flirting with the idea of criminal hacking with online warnings, said Jansen, the COPS team lead. To do so, COPS has since January been using Google AdWords to target teens with warnings that will pop up if they search for information on how to run a distributed denial-of-service attack, for instance, or how to conduct cybercrime, with the goal of informing kids that what they’re likely thinking […] (CyberScoop)

Do credit monitoring and ID protection services do much for breach victims?

It has become a staple for companies that are hit by big data breaches: extending free credit monitoring and identity protection services to customers whose sensitive personal information is at risk. There’s nothing wrong with companies doing that, say consumer advocates — but those advocacy groups also say breached companies can do much, much better. The latest company to get hit by hackers and then offer credit monitoring or identity protection services, Geico, last week outlined a package that’s a little improved above the usual versions, one advocate said. These existing services seem to offer help, yet in some cases that benefit is limited and in others it’s difficult to measure their effectiveness. But overall, there’s little incentive for companies to offer improved redress, consumer advocacy groups contend. “Most breached entities go with credit monitoring because it’s a relatively inexpensive thing for someone to contract with to provide,” said Susan […] (CyberScoop)

Ransomware demands up by 43% so far in 2021, Coveware says

Ransomware hacking groups are getting greedier. The average demand for a digital extortion payment shot up in the first quarter of this year to $220,298, up 43% from the previous quarter, according to a quarterly report from Coveware, a ransomware response firm. The median payment, too, jumped up 58% from $49,450 to $78,398. The majority of ransomware attacks in the first quarter also involved theft of corporate data, a continuation of a trend of ransomware actors increasingly relying on exfiltration and extortion demands. Seventy-seven percent of ransomware attacks included the threat to publish stolen data in the first quarter of this year, which is up 10% compared to the last quarter of 2020, Coveware found. The report comes as the U.S. government is working to improve law enforcement actions targeting the infrastructure that supports ransomware gangs. In recognition that extortion demands are an increasingly popular approach, the U.S. Department of […] (CyberScoop)

Ransomware: don’t expect a full recovery, however much you pay

Turns out the ransomware crooks aren't that good at keeping their promises... (Naked Security)

Actively Exploited Mac 0-Day Neutered Core OS Defenses

(News ≈ Packet Storm)

Washington DC Police Force Confirms Data Breach From Ransomware

(News ≈ Packet Storm)

Pentagon Explains Odd Transfer Of 175 Million IP Addresses To Obscure Company

(News ≈ Packet Storm)

Apple's Privacy Battle With Facebook Just Became All-Out War

(News ≈ Packet Storm)

Hackers Threaten to Leak D.C. Police Informants' Info If Ransom Is Not Paid

The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack. The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police's networks and stolen 250 GB of unencrypted files. Screenshots shared by the group, and seen by The Hacker News, include various folders (The Hacker News)

Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results

The release of MITRE Engenuity's Carbanak+Fin7 ATT&CK evaluations every year is a benchmark for the cybersecurity industry. The organization's tests measure how well security vendors can detect and respond to threats and offer an independent metric for customers and security leaders to understand how well vendors perform on a variety of tasks. However, for the uninitiated, the results can be (The Hacker News)

Hackers Exploit 0-Day Gatekeeper Flaw to Attack macOS Computers

Security is only as strong as the weakest link. As further proof of this, Apple released an update to macOS operating systems to address an actively exploited zero-day vulnerability that could circumvent all security protections, thus permitting unapproved software to run on Macs. The macOS flaw, identified as CVE-2021-30657, was discovered and reported to Apple by security engineer Cedric Owens (The Hacker News)

FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI) on Monday published a new joint advisory as part of their latest attempts to expose the tactics, techniques, and procedures (TTPs) adopted by the Russian Foreign Intelligence Service (SVR) in its attacks targeting the U.S. and foreign entities. By (The Hacker News)

Minnesota University Apologizes for Contributing Malicious Code to the Linux Project

Researchers from the University of Minnesota apologized to the maintainers of Linux Kernel Project on Saturday for intentionally including vulnerabilities in the project's code, which led to the school being banned from contributing to the open-source project in the future. "While our goal was to improve the security of Linux, we now understand that it was hurtful to the community to make it a (The Hacker News)

Nintendo Sues Video-Game Pirates

Nintendo is questing after its third successful lawsuit against circumvention-device sellers, this time against Team Xecuter. (Threatpost)

Linux Kernel Bug Opens Door to Wider Cyberattacks

The information-disclosure flaw allows KASLR bypass and the discovery of additional, unpatched vulnerabilities in ARM devices. (Threatpost)

Smishing: Why Text-Based Phishing Should Be on Every CISO’s Radar

Phil Richards, Chief Security Officer at Ivanti, discusses dramatic growth in smishing and what to do about it. (Threatpost)

Babuk Ransomware Gang Targets Washington D.C. Police

The RaaS developers thumbed their noses at police, saying “We find 0 day before you.” (Threatpost)

Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses

A variant of Mac No. 1 threat Shlayer since January already has been exploiting the vulnerability, which allows payloads to go unchecked through key OS security features. (Threatpost)


/security-daily/ 28-04-2021 23:44:22