Security daily (30-10-2020)

How to implement password-less authentication with Amazon Cognito and WebAuthn

In this blog post, I show you how to offer a password-less authentication experience to your customers. To do this, you’ll allow physical security keys or platform authenticators (like finger-print scanners) to be used as the authentication factor to your web or mobile applications that use Amazon Cognito user pools for authentication. An Amazon Cognito […] (AWS Security Blog)

Iranian hackers probed election-related websites in 10 states, US officials say

Suspected Iranian hackers have probed the election-related websites of 10 states and, in one case, accessed voter registration data, federal personnel told election security officials on Friday. The hackers were conducting broad scanning of state and local websites at the end of September, then attempted to exploit the websites and nab voter data, officials from the FBI and Department of Homeland Security said during a phone briefing. They successfully compromised one database, according to Jermaine Roebuck, an official at DHS’s Cybersecurity and Infrastructure Security Agency. “We have confirmed that in at least one state the threat actor did obtain [access] to a voter registration database by abusing a website misconfiguration,” he said. “We are aware of the specific states that were targeted in this activity and we’re actively coordinating with those states currently to ensure proper remediation.” The suspected Iranian hackers have been attempting to exploit known software vulnerabilities in their search for voter data, federal […] The post Iranian hackers probed election-related websites in 10 states, US officials say appeared first on CyberScoop. (CyberScoop)

How cloud transformation helps stop emerging threats

Automation, agility, efficiency and cost play critical roles in accelerating public sector transformation through the cloud, according to an experienced cybersecurity-focused executive with an eye on the future. They also are provide a smarter, more progressive approach to protecting data, said Rajiv Gupta, a senior vice president in the cloud security business unit at McAfee, during an Oct. 20 presentation at CyberTalks, the annual summit of government and private sector leaders presented by Scoop News Group. The need to consider more modern security approaches has taken on new urgency since the COVID-19 pandemic impacted U.S. firms, forcing leaders to reconsider many of their operating assumptions. “Not only have you seen, in the U.S., employees working from home but, in many cases, the employees accessing large public cloud services,” Gupta said during a keynote presentation. “What we’ve seen is that a threat landscape has changed, the threat vectors have changed, the […] The post How cloud transformation helps stop emerging threats appeared first on CyberScoop. (CyberScoop)

Adobe Flash – it’s the end of the end of the end of the road at last

The journey to the end of Flash. Are we there yet? (Naked Security)

S3 Ep4: Now THAT’S what I call a fire alarm! [Podcast]

Listen to the Naked Security podcast! (Naked Security)

Experian's GDPR Fine Leaves Companies Scrambling

(News ≈ Packet Storm)

Google Discloses Windows Zero-Day Exploited In The Wild

(News ≈ Packet Storm)

NVIDIA Patches Critical Information Disclosure Bug

(News ≈ Packet Storm)

Marriott Gets Data Breach Fine Lowered To $23.8 Million

(News ≈ Packet Storm)

Reflected XSS in WordPress v5.5.1 and Lower

WordPress released version 5.5.2 yesterday, which fixed a reflected XSS vulnerability we reported earlier this year. The root cause of this issue is a bug in the way WordPress determines a user’s current page, and which may cause a few other problems as well. Are You Affected? This vulnerability is exploitable on every WordPress site and user account. For the exploit to be successful, the attacker must trick an unsuspecting user into clicking on a malicious link or visiting a booby-trapped website. Continue reading Reflected XSS in WordPress v5.5.1 and Lower at Sucuri Blog. (Sucuri Blog)

Bridging the Gap Between Application and Network Security with CleanBrowsing

When we started Sucuri we set out to make enterprise security accessible, affordable, and effective for every day webmasters. It was at a time when open-source platforms like WordPress, Joomla!, Drupal, and others were changing the web landscape. With them came an entirely new generation of administrators who had no idea that they were now webmasters — but they shared the same responsibilities that large enterprises had around ensuring the Confidentiality, Integrity and Availability (CIA) of their web applications. Continue reading Bridging the Gap Between Application and Network Security with CleanBrowsing at Sucuri Blog. (Sucuri Blog)

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the campaign involves the use of SLUB (for SLack and githUB) malware and two new backdoors — dneSpy and (The Hacker News)

Crippling Cyberattacks, Disinformation Top Concerns for Election Day

Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election -- and they also highlight the positives. (Threatpost)

WordPress Patches 3-Year-Old High-Severity RCE Bug

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. (Threatpost)

Firestarter Android Malware Abuses Google Firebase Cloud Messaging

The DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism. (Threatpost)

Wisc. GOP’s $2.3M MAGA Hat Debacle Showcases Fraud Concerns

Scammers bilked Wisconsin Republicans out of $2.3 million in a basic BEC scam — and anyone working on the upcoming election needs to pay attention.    (Threatpost)

Halloween News Wrap: The Election, Hospital Deaths and Other Scary Cyberattack Stories

Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die. (Threatpost)

Wroba Mobile Banking Trojan Spreads to the U.S. via Texts

The Roaming Mantis group is targeting the States with a malware that can steal information, harvest financial data and send texts to self-propagate. (Threatpost)

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. (Threatpost)


/security-daily/ 31-10-2020 23:44:23