Security daily (27-07-2021)

New 2021 H1 IRAP report is now available on AWS Artifact for Australian customers

We are excited to announce that an additional 15 AWS services are now assessed to be in scope for the Information Security Registered Assessors Program (IRAP) after a successful incremental audit completed in June 2021 by an independent ASD (Australian Signals Directorate) certified IRAP assessor. This brings the total to 112 services assessed at the IRAP PROTECTED level. […] (AWS Security Blog)

Justice Department officials urge Congress to pass ransomware notification law

U.S. Justice Department officials came out in strong support of legislation requiring companies to report ransomware attacks and other severe data breaches to federal authorities. “Without prompt reporting, investigative opportunities are lost, our ability to assist other victims facing the same attacks is degraded and the government and Congress does not have a full picture of the threat facing American companies,” said Richard Downing, deputy assistant attorney general for the criminal division of the U.S. Department of Justice, at a Senate Judiciary hearing on ransomware Tuesday. The sentiment was shared by Bryan Vorndran, assistant director of the cyber division at the FBI. “We need a federal cyber incident reporting standard for breaches that pose significant risks because inconsistent volunteer reporting is simply not enough,” said Vorndran. Current versions of reporting legislation circulating on Capitol Hill put the Department of Homeland Security’s cybersecurity agency at the center of reporting. Eric Goldstein, […] (CyberScoop)

Cyber job listings excluded Colorado workers after salary transparency law went into effect

Dozens of technology companies, including several cybersecurity firms, have excluded remote workers in Colorado from searches for job candidates since a state law requiring pay transparency in job listings went into effect. CyberScoop identified at least five cybersecurity firms or tech companies with active security-related job listings that exclude Colorado workers from remote roles. The companies represent a small subset of hundreds of employers navigating 2019’s Equal Pay For Equal Work Act, which went into effect on January 1 and requires employers to include compensation in job postings and to keep job descriptions and wage records for two years after an employee leaves the company. Advocates for equal pay say that salary transparency is a powerful tool in closing the wage gap between men and women. Companies that implement pay transparency tend to have a lower wage gap at all job levels, the salary data site PayScale found in a 2020 study. A […] (CyberScoop)

Apple patches zero-day flaw that hackers may have exploited

Apple has released updates for its mobile, iPad and computer operating systems, fixing a zero-day flaw that appears to be the subject of active exploitation. The patch comes mere days after another update that tackled 40 vulnerabilities. The latest software update comes in the wake of reports that the Israeli spyware firm NSO Group had developed a hacking tool that helps its customers remotely compromise iOS systems. Whether the patch addresses those technical issues was not immediately clear. Apple did not immediately respond to a request for comment. The prior Apple update did not address the NSO Group exploits. The iOS 14.7.1, iPadOS 14.7.1 and Big Sur 11.5.1 patch notes are likewise mum, other than to say that an anonymous researcher brought the vulnerability to Apple’s attention. The issue involved improper access to kernel mode, which a hacker could have abused to access the underlying hardware on a device, and […] (CyberScoop)

Apple emergency zero-day fix for iPhones and Macs – get it now!

You're probably expecting us to say, "Patch early, patch often." And that is EXACTLY what we're saying! (Naked Security)

Babuk Ransomware Gang Ransomed

(News ≈ Packet Storm)

Microsoft Rushes Fix For PetitPotam Attack PoC

(News ≈ Packet Storm)

VPN Servers Seized By Ukrainian Authorities Weren't Encrypted

(News ≈ Packet Storm)

Olympics Broadcaster Announces His Password On Live TV

(News ≈ Packet Storm)

New Bug Could Let Attackers Hijack Zimbra Server by Sending Malicious Email

Cybersecurity researchers have discovered multiple security vulnerabilities in the Zimbra email collaboration software that could potentially be exploited to compromise email accounts by sending a malicious message, and even to achieve a full takeover of the mail server when it is hosted on cloud infrastructure. The flaws — tracked as CVE-2021-35208 and CVE-2021-35209 — were discovered and reported in (The Hacker News)

Several Bugs Found in 3 Open-Source Software Used by Several Businesses

Cybersecurity researchers on Tuesday disclosed nine security vulnerabilities affecting three open-source projects — EspoCRM, Pimcore, and Akaunting — that are widely used by several small to medium businesses and, if successfully exploited, could provide a pathway to more sophisticated attacks. All the security flaws in question, which impact EspoCRM v6.1.6, Pimcore Customer Data Framework (The Hacker News)

Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices

Apple on Monday rolled out an urgent security update for iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year. The updates, which arrive less than a week after the company released iOS 14.7, iPadOS 14.7, and macOS Big Sur 11.5 to the public, fix a memory (The Hacker News)

BIMI: A Visual Take on Email Authentication and Security

There is a saying that goes something like, "Do not judge a book by its cover." Yet we all know we cannot help but do just that, especially when it comes to online security. Logos play a significant role in whether or not we open an email and in how we assess the importance of each message. Brand Indicators for Message Identification, or BIMI, aims to make it easier for us to quickly identify (The Hacker News)
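The excerpt above is cut off before it reaches the mechanics, so here is an added example (not code from The Hacker News article or from any BIMI implementation) showing what a receiving system actually evaluates before it will show a brand logo: the domain's BIMI assertion record, published as a DNS TXT record at `default._bimi.<domain>`, and the DMARC prerequisite that the domain's policy be at enforcement (`p=reject`, or `p=quarantine` with `pct=100`, and no `sp=none`). The records are constructed inline for `example.com`; nothing is fetched from DNS.

```python
"""Parse a BIMI assertion record and check the DMARC enforcement prerequisite.

Added example, not part of the original digest. The TXT records below are
constructed samples for a hypothetical domain; a real check would fetch
default._bimi.<domain> and _dmarc.<domain> over DNS.
"""

# Constructed sample records (what would be published in DNS for example.com).
BIMI_RECORD = "v=BIMI1; l=https://example.com/brand/logo.svg; a=https://example.com/brand/vmc.pem"
DMARC_RECORD_WEAK = "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
DMARC_RECORD_OK = "v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc@example.com"


def parse_tags(record: str) -> dict:
    """Split a 'tag=value; tag=value' TXT record into a dict with lowercased tag names."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    return tags


def check_bimi(record: str) -> list:
    """Return a list of problems with a BIMI assertion record; empty means it is usable."""
    problems = []
    tags = parse_tags(record)
    if tags.get("v") != "BIMI1":
        problems.append("v= must be BIMI1")
    logo = tags.get("l", "")
    if not logo:
        # An empty l= is how a domain declines to participate in BIMI.
        problems.append("l= (logo URL) missing; an empty l= declines participation")
    elif not logo.startswith("https://"):
        problems.append("l= must be an https URL")
    elif not logo.lower().endswith(".svg"):
        problems.append("l= should point to an SVG logo")
    evidence = tags.get("a", "")
    if evidence and not evidence.startswith("https://"):
        problems.append("a= (VMC evidence) must be an https URL when present")
    return problems


def dmarc_at_enforcement(record: str) -> bool:
    """BIMI requires DMARC at enforcement: p=reject, or p=quarantine with pct=100.

    The subdomain policy (sp=), when present, must also not be none; when absent
    it inherits p=.
    """
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return False
    policy = tags.get("p", "none").lower()
    pct = int(tags.get("pct", "100"))
    sub_policy = tags.get("sp", policy).lower()
    if policy == "reject":
        return sub_policy != "none"
    if policy == "quarantine" and pct == 100:
        return sub_policy != "none"
    return False


if __name__ == "__main__":
    print("BIMI record problems:", check_bimi(BIMI_RECORD) or "none")
    print("weak DMARC at enforcement:", dmarc_at_enforcement(DMARC_RECORD_WEAK))
    print("strong DMARC at enforcement:", dmarc_at_enforcement(DMARC_RECORD_OK))
```

The point for a sender is that a well-formed BIMI record does nothing on its own: with the weak `p=none` policy above, a receiver ignores the logo entirely, which is exactly why BIMI functions as an incentive to finish DMARC deployment rather than as a standalone branding feature.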

No More Ransom Saves Victims Nearly €1 billion Over 5 Years

No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich.

Zimbra Server Bugs Could Lead to Email Plundering

Two bugs, now patched except in older versions, could be chained to allow attackers to hijack a Zimbra server by simply sending a malicious email. (Threatpost)

Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers

The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP. (Threatpost)

Apple Patches Actively Exploited Zero-Day in iOS, MacOS

Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow attackers to take over a system. (Threatpost)


/security-daily/ 28-07-2021 23:44:22