27-07-2020 | 29-07-2020

Security daily (28-07-2020)

Security professionals lose ‘central watering hole’ with demise of Peerlyst

For years, the Peerlyst social network has been a resource for software developers looking for a job or cybersecurity enthusiasts wanting to host meetups across the world. But on Aug. 27, the website will shut down, Peerlyst founder Limor Elbaz said Monday, citing financial pressure. “[W]e are realizing that we would not be able to grow [the website] as a VC-backed business without making huge compromises on quality,” Elbaz wrote, encouraging users of the platform to save a copy of their collaborations. Cybersecurity professionals lamented the end of the platform. “I took the news hard,” said J. Wolfgang Goerlich, an advisory CISO at Duo Security who has posted nearly 700 times on Peerlyst. “With the Peerlyst going away, we’re losing a central watering hole. The conversations may continue over LinkedIn and Facebook groups. But the loss of a dedicated security social media site will be felt for some time.” The site […] (CyberScoop)

New VPN flaws highlight proven pathway for hackers into industrial organizations

Sometime in the second half of 2019, suspected Iranian hackers started burrowing into the network of an unnamed organization in the Middle East. What likely began, according to investigators, as a breach of a virtual private network application led to a compromise of the organization’s administrative network accounts. It culminated in a data-wiping attack on Dec. 29 that hit most of the machines on the organization’s IT network. A forensic report on the attack produced by Saudi cybersecurity officials warns industrial companies to secure VPN connections, which employees use for remote connectivity, lest they become a valuable foothold for hackers in search of sensitive data. Seven months later, with the rise in remote work during the coronavirus pandemic, that advice is even more critical. On Tuesday, researchers from cybersecurity company Claroty drove the point home by publishing data on multiple remote-connectivity products popular in the oil, gas and other industrial […] (CyberScoop)

Islamic State propaganda efforts struggle after Telegram takedowns, report says

The Islamic State terrorist group is reportedly struggling to regain a foothold on mainstream social networks amid tighter controls from technology firms and ongoing attention from the U.S. military. As major networks have stifled the group, it has tried to build a presence on a number of marginal social media platforms, only to be met “by increasing efforts by these companies to bring down content,” the European Union’s law enforcement agency, Europol, said Tuesday in a report examining the extremist group’s activities over 2019. Telegram, previously the primary source of terrorist propaganda online, according to Europol, said in November that it had removed more than 5,000 “terrorist accounts and bots” during a two day effort against the group, an uptick from the typical average of 200 to 300 removals. Since then, IS supporters have shifted to more fringe services, like the Russia-based TamTam and Hoop Messenger, which is hosted in Canada. Extremists also have […] (CyberScoop)

North Korean hackers are stepping up their ransomware game, Kaspersky finds

While cybercriminals have been ramping up their ransomware attacks against businesses, schools, and governments, rarely have state-backed hackers relied on ransomware to make a buck. But in recent months it appears that government hackers from North Korea want a piece of the pie, too, according to Kaspersky research. In two incidents earlier this year affecting two businesses — one in France and one in Asia — hackers tied to the Lazarus Group deployed a little-known ransomware strain called VHD, which is designed to steal money from victims. A few characteristics tipped off Kaspersky researchers to Lazarus Group’s operations — Kaspersky found few public references and samples of VHD ransomware in their telemetry, indicating the strain was likely not the work of a cybercriminal. Additionally, in one of the intrusions, the researchers noted a spreading utility — which would allow it to proliferate within victim networks — was compiled with credentials specific to the […] (CyberScoop)

Business anti-virus products put to the test – which received the highest score?

If you want to find out how different business anti-virus products performed in the tests, and how the one that protects your business fared, check out the report right now. (Graham Cluley)

Bank of Ireland fined €1.66 million after being tricked by fraudster

One of Ireland’s largest banks, Bank of Ireland, has been fined almost €1.7 million after regulators discovered it had failed to inform financial regulators and the police after a fraudster tricked them into transferring funds from a client’s account. Read more in my article on the Hot for Security blog. (Graham Cluley)

Google blames algorithm for adding porn titles to train station search results

If you searched on Google for details of your nearest train station in parts of New York state, you might be in for a rude surprise. (Graham Cluley)

Firefox 79 is out – it’s a double-update month so patch now!

It's a Blue Moon month for Firefox - the second full update in July! (Naked Security)

MI6 Tried To Intervene In Independent Court Tribunal

(News ≈ Packet Storm)

Kaspersky: North Korean Hackers Are Behind The VHD Ransomware

(News ≈ Packet Storm)

Facebook Takes The EU To Court Over Privacy Spat

(News ≈ Packet Storm)

Dave ShinyHunters Hack Exposes 7.5 Million User Records

(News ≈ Packet Storm)

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud.

Docker is a popular platform-as-a-service (PaaS) solution for Linux and Windows designed to make it easier for developers to (The Hacker News)

Lazarus Group Brings APT Tactics to Ransomware

A new ransomware, VHD, was seen being delivered by the nation-state group's multiplatform malware platform, MATA. (Threatpost)

Podcast: Security Lessons Learned In Times of Uncertainty

Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020. (Threatpost)

Researchers Warn of High-Severity Dell PowerEdge Server Flaw

A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations. (Threatpost)


/security-daily/ 29-07-2020 23:44:22