Security daily (30-07-2020)

Over 150 AWS services now have a security chapter

We’re happy to share an update on the service documentation initiative that we first told you about on the AWS Security Blog in June, 2019. We’re excited to announce that over 150 services now have dedicated security chapters available in the AWS security documentation. In case you aren’t familiar with the security chapters, they were […] (AWS Security Blog)

042 | The Encryption Debate Rages On

Encryption plays a critical role in protecting our data from hackers and theft. But at the same time, it presents a challenge for law enforcement when it comes to their work catching dangerous criminals and terrorists. What are the possible options at the end of the encryption debate, and are any of them actually viable? How can we protect our data while still enabling law enforcement to do their jobs? Erka Koivunen, CISO of F-Secure, joins us to discuss the encryption "sweet spot" that we've currently found, why some parties want to change it, and why there are no easy answers. Links: Episode 42 transcript; New York Times The Daily podcast, "A Criminal Underworld of Child Abuse, Part 2" (Cyber Security Sauna)

For North Korea, phishing with fake job-recruitment emails never gets old

Give someone an undetected software exploit and they’ll have access to a system for a day, the security researcher The Grugq once said, but teach them to phish and they’ll have “access for life.” North Korean hackers have been following that bit of social-engineering wisdom to a T. In recent years, they have consistently posed as job recruiters to try to phish their way into the networks of aerospace and defense firms on multiple continents. The latest activity — a months-long spying campaign against aerospace and defense firms — was revealed this week by researchers from McAfee. Malware from the campaign has been detected in the U.S. and Europe. The suspected North Korean hackers appear to be spearphishing their targets using Microsoft Word documents with job descriptions involving active defense contracts, according to McAfee. Their goal is to use that foothold to plant additional code to gather data on their targets, the researchers said. […] (CyberScoop)

EU sanctions Russian intelligence, Chinese nationals and a North Korean front company for alleged hacks

The European Union has sanctioned six people and three organizations in Russia, China and North Korea in connection with three major cyberattacks dating back to 2017. EU officials announced Thursday they would enact restrictive measures against the people it deemed responsible for the WannaCry ransomware outbreak in 2017, the NotPetya campaign and Operation Cloud Hopper, a Chinese cyber-espionage effort. Penalties include a travel ban, an asset freeze and a prohibition on people and organizations in the EU “making funds available” to the sanctioned individuals and entities. The move follows previous U.S. allegations against many of the same parties. “Sanctions are one of the options available in the EU’s cyber diplomacy toolbox to prevent, deter and respond to malicious cyber activities directed against the EU or its member states, and today is the first time the EU has used this tool,” officials said in a statement. The sanctions name unit 74455 of Russia’s […] (CyberScoop)

Zoom bug meant attackers could brute force their way into password-protected meetings

Zoom has patched a security hole that could have allowed attackers to break their way into password-protected private calls. Read more in my article on the Hot for Security blog. (Graham Cluley)

Smashing Security podcast #189: DNA cock-up, Garmin hack, and virtual kidnappings

Why are students faking their own kidnappings? What’s the story behind Garmin’s ransomware attack? And a genetic genealogy website suffers a hack or two. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Ray REDACTED. (Graham Cluley)

Servers at risk from “BootHole” bug – what you need to know

We explain the "BootHole" vulnerability - as usual, in plain English and without hype. Find out if you're affected and what to do. (Naked Security)

Build Websites the Easy Way with Sparkle Pro

If you're a hacker, pentester, or any other type of Null Byte reader, and would like to create a website to showcase your services and skill set, you may not have the time or energy to do it the long way.

Even if you're an absolute coding pro who's well-versed in multiple web-building languages, you should be thankful that you no longer need to wade through countless lines of HTML to build a truly responsive website from scratch.

The WordPress revolution has made it incredibly easy to build pro-level websites without the time-consuming programming that slows you down, but WordPress is no... (Null Byte « WonderHowTo)

Cisco Flaws Fixed In Data Center Network Manager

(News ≈ Packet Storm)

Levandowski Asks Judge Not To Send Him To Prison Over IP Theft

(News ≈ Packet Storm)

Botnet Abuses Docker Servers And Crypto Blockchain

(News ≈ Packet Storm)

Two Tor Zero Days Disclosed, More To Come

(News ≈ Packet Storm)

SEO Hacktool: Sitemap Generator

An XML sitemap is an important part of a website’s SEO and exists to help search engine crawlers index new URLs on your website. For example, if a site has a large number of pages that were recently updated and the owner wants Google to index their latest content, they could utilize a sitemap.xml containing all the URLs along with some metadata. Unfortunately, blackhat SEO spammers are well aware of sitemap.xml’s abilities and use tools to assist in generating malicious sitemap files that direct search engine crawlers like Googlebot to prioritize their SEO spam content. (Sucuri Blog)

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants.

Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the lack of rate (The Hacker News)

Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes

Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts. (Threatpost)

Doki Backdoor Infiltrates Docker Servers in the Cloud

The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet. (Threatpost)

Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager

The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices. (Threatpost)

Vermont Taxpayers Warned of Data Leak Over the Past Three Years

A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online. (Threatpost)


/security-daily/ 31-07-2020 23:44:24