Security daily (28-06-2021)

Join us in person for AWS re:Inforce 2021

I’d like to personally invite you to attend our security conference, AWS re:Inforce 2021 in Houston, TX on August 24–25. This event will offer interactive educational content to address your security, compliance, privacy, and identity management needs. As the Chief Information Security Officer of Amazon Web Services (AWS), my primary job is to help our […] (AWS Security Blog)

Russian hackers breached Microsoft customer support to try phishing targets in 36 countries

State-sponsored Russian hackers compromised a Microsoft customer support representative’s account, leveraging that access to try to hack other customers, the company said. The cyber-espionage group that Microsoft calls Nobelium — also known as APT 29 and Cozy Bear — obtained “basic account information” about a limited number of customers as part of the effort. The same group is the primary suspect in the data breach at federal contractor SolarWinds, a hack in which spies also breached nine U.S. federal agencies and scores of technology companies. “This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised — we are aware of three compromised entities to date,” said the Microsoft blog post. “All customers that were compromised or targeted are being contacted through our state-notification process.” The apparent Russian hackers used information-stealing malware to infect a customer support machine, then used data found on that device to […] (CyberScoop)

Using The Android USB Driver To Extract Data As USB Mass Storage Device

(News ≈ Packet Storm)

GitHub Bug Bounty Payouts Surge Past $1.5 Million

(News ≈ Packet Storm)

NFC Flaws Allow ATM Hacking With A Wave Of A Phone

(News ≈ Packet Storm)

SolarWinds Hackers Breach New Victims

(News ≈ Packet Storm)

EA Ignored Domain Vulnerabilities For Months Despite Warnings And Breaches

(News ≈ Packet Storm)

Microsoft Edge Bug Could've Let Hackers Steal Your Secrets for Any Site

Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject and execute arbitrary code in the context of any website. Tracked as CVE-2021-34506 (CVSS score: 5.4), the weakness stems from a universal cross-site scripting (UXSS) issue that's triggered when automatically (The Hacker News)

DMARC: The First Line of Defense Against Ransomware

There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it's making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020 classified Ransomware as the most financially damaging cybercrime of the year, with no major (The Hacker News)

Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground

After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it's happened again - with big security ramifications. (Threatpost)

5G Security Vulnerabilities Fluster Mobile Operators

A survey from GSMA and Trend Micro shows a concerning lack of security capabilities for private 5G networks (think factories, smart cities, industrial IoT, utilities and more). (Threatpost)

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

A vulnerability in NVIDIA’s GeForce Experience software opens the door to remote data access, manipulation and deletion. (Threatpost)

Attackers Breach Microsoft Customer Service Accounts

American IT companies and government have been targeted by the Nobelium state-sponsored group. (Threatpost)

Microsoft Signs Malware That Spreads Through Gaming

The driver, called "Netfilter," is a rootkit that talks to Chinese C2 IPs and aims to spoof gamers' geo-locations to cheat the system and play from anywhere, Microsoft said.


Critical CISO Initiatives for the Second Half of 2021

Saryu Nayyar, CEO at Gurucul, goes over what defenses CISOs need now, and how and why to prioritize the options. (Threatpost)


/security-daily/ 29-06-2021 23:44:23