] The Mad Hacker [

online
mad hacker

Collecting all the news about Cybersecurity, computer security, cracking, hacking, infosec, netsec, & security vunerabilities in one convenient place

Whitehat, greyhat, blackhat, tinker, tailor, solider, spy
We trawl the web so you don't have to
Since 2000

the mad hacker overlay

Time to practice QRiosity? The security dangers of QR codes

(Wednesday October 21, 2020)
It seemed like such a good idea at the time, but Masahiro Hara has regrets. He’s the engineer responsible for the quick response (QR) code – that square block of pixels that now adorns everything from restaurant tables to subway posters. The problem? They’re just not secure enough. “Now that it’s used for payments, I […] The post Time to practice QRiosity? The security dangers of QR codes [https://www.itsecurityguru.org/2020/10/21/time-to-practice-qriosity-the-security-dangers-of-qr-codes/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks

(Wednesday October 21, 2020)
Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani

Ransomware Attacks Show Little Sign of Slowing in 2021

(Tuesday October 20, 2020)
Attackers have little motivation to stop when businesses are paying increasingly larger ransoms, say security experts who foresee a rise in attacks.

The Cybersecurity Community Demands Transparency, Not Legal Threats

(Tuesday October 20, 2020)
In response to our Cloud Security Punch-Out! videos, Palo Alto Networks sent this cease and desist letter, demanding the comparison be removed. Here is my response.

Ransomware Group Makes Splashy $20K Donation to Charities

(Tuesday October 20, 2020)
Cybercriminal gang Darkside sent $20K in donations to charities in a ‘Robin Hood’ effort that’s likely intended to draw attention to future data dumps, according to experts.

Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization

(Tuesday October 20, 2020)
This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU) component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization flaw. Uploading the file requires knowledge of the cryptographic keys used by RAU. The default values used by this module are related to CVE-2017-11317, which once patched randomizes these keys. It is also necessary to know the version of Telerik UI ASP.NET that is running. This version number is in...

Red Hat Security Advisory 2020-4273-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4273-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection and traversal vulnerabilities.

Red Hat Security Advisory 2020-4265-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4265-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include cross site scripting and information leakage vulnerabilities.

Ubuntu Security Notice USN-4593-1

(Tuesday October 20, 2020)
Ubuntu Security Notice 4593-1 - Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

Gentoo Linux Security Advisory 202010-06

(Tuesday October 20, 2020)
Gentoo Linux Security Advisory 202010-6 - Ark was found to allow arbitrary file overwrite, possibly allowing arbitrary code execution. Versions less than 20.04.3-r2 are affected.

Gentoo Linux Security Advisory 202010-05

(Tuesday October 20, 2020)
Gentoo Linux Security Advisory 202010-5 - Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. Versions less than 0.20.0 are affected.

WordPress Colorbox Lightbox 1.1.1 Cross Site Scripting

(Tuesday October 20, 2020)
WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.

Red Hat Security Advisory 2020-4276-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4276-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

LISTSERV Maestro 9.0-8 Remote Code Execution

(Tuesday October 20, 2020)
An unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, versions 9.0-8 and below. This vulnerability stems from a known issue in struts, CVE-2010-1870, that allows for code execution via OGNL Injection. This vulnerability has been confirmed to be exploitable in both the Windows and Linux version of the software and has existed in the LISTSERV Maestro software since at least version 8.1-5. As a result, a specially crafted HTTP request can be constructed that executes code in the context of the web application. Exploitation of this vulnerability does...

Ubuntu Security Notice USN-4592-1

(Tuesday October 20, 2020)
Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

Red Hat Security Advisory 2020-4290-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4290-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.

WordPress Rest Google Maps SQL Injection

(Tuesday October 20, 2020)
WordPress Rest Google Maps plugin versions prior to 7.11.18 suffer from a remote SQL injection vulnerability.

Gentoo Linux Security Advisory 202010-04

(Tuesday October 20, 2020)
Gentoo Linux Security Advisory 202010-4 - Multiple vulnerabilities have been found in libxml2, the worst of which could result in a Denial of Service condition. Versions less than 2.9.10 are affected.

Linux / Unix su Privilege Escalation

(Tuesday October 20, 2020)
This Metasploit module attempts to create a new login session by invoking the su command of a valid username and password. If the login is successful, a new session is created via the specified payload. Because su forces passwords to be passed over stdin, this module attempts to invoke a pseudo-terminal with python, python3, or script.

Red Hat Security Advisory 2020-4291-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4291-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Visitor Management System In PHP 1.0 SQL Injection

(Tuesday October 20, 2020)
Visitor Management System in PHP version 1.0 suffers from an authenticated remote SQL injection vulnerability.

User Registration And Login And User Management System 2.1 Cross Site Scripting

(Tuesday October 20, 2020)
User Registration and Login and User Management System with admin panel version 2.1 suffers from a persistent cross site scripting vulnerability.

Red Hat Security Advisory 2020-4286-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4286-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

Gentoo Linux Security Advisory 202010-03

(Tuesday October 20, 2020)
Gentoo Linux Security Advisory 202010-3 - An information disclosure vulnerability in libjpeg-turbo allow remote attackers to obtain sensitive information. Versions 2.0.4-r1 are affected.

WordPress HS Brand Logo Slider 2.1 Shell Upload

(Tuesday October 20, 2020)
WordPress HS Brand Logo Slider plugin version 2.1 suffers from a remote shell upload vulnerability.

Red Hat Security Advisory 2020-4289-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

Ubuntu Security Notice USN-4591-1

(Tuesday October 20, 2020)
Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

Ultimate Project Manager CRM PRO 2.05 SQL Injection

(Tuesday October 20, 2020)
Ultimate Project Manager CRM PRO versions 2.0.5 and below suffer from a remote SQL injection vulnerability.

Apache Struts 2 Remote Code Execution

(Tuesday October 20, 2020)
Apache Struts 2 DefaultActionMapper Prefixes OGNL remote code execution exploit.

Red Hat Security Advisory 2020-4287-01

(Tuesday October 20, 2020)
Red Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.

NSA Publishes List Of Vulns Targeted By Chinese Hackers

(Tuesday October 20, 2020)

FCC Trying To Help Trump Win Election With Twitter Crackdown

(Tuesday October 20, 2020)

Mysterious Robin Hood Hackers Donating Stolen Money

(Tuesday October 20, 2020)

Russian Hackers Targeted Tokyo Olympics, UK Says

(Tuesday October 20, 2020)

Do Standards Exist That Certify Secure IoT Systems?

(Tuesday October 20, 2020)
The IoT industry remains fragmented with a lot of players, big and small, churning out a lot of products.

NSA Reveals the Top 25 Vulnerabilities Exploited by Chinese Nation-State Hackers

(Tuesday October 20, 2020)
Officials urge organizations to patch the vulnerabilities most commonly scanned for, and exploited by, Chinese attackers.

Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio

(Tuesday October 20, 2020)
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.

The Cybersecurity Maturity Model Certification: Are You in Compliance?

(Tuesday October 20, 2020)

A script i wrote that automates the exfiltration of data over dns in case we have a blind command execution with restricted outbound connectivity. Works with bash and powershell and is compatible with exec style command execution (e.g. java.lang.Runtime)

(Tuesday October 20, 2020)
A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked. - vp777/DNS-data-exfiltration

Russian “government hackers” charged with cybercrimes by the US

(Tuesday October 20, 2020)
What can we learn from the US DOJ indictments against the "Sandworm Team"?

Facebook: A Top Launching Pad For Phishing Attacks

(Tuesday October 20, 2020)
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.

Farsight Labs Launched as Security Collaboration Platform

(Tuesday October 20, 2020)
Farsight Security's platform will offer no-cost access to certain tools and services.

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

(Tuesday October 20, 2020)
Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.

Life post-acquisition: A people-centric plan to get you total data security a lot faster

(Tuesday October 20, 2020)
Getting acquired can be an emotional rodeo. Some days are crazy excitement and others are heartache over the unknowns ahead. It’s natural – we’re human. I remember years ago sitting in a doctor’s office staring at a poster about the “10 most stressful life events” and “starting a new job” was #4. But truthfully, I’m […] The post Life post-acquisition: A people-centric plan to get you total data security a lot faster [https://www.imperva.com/blog/life-post-acquisition-a-people-centric-plan-to-get-you-total-data-security-a-lot-faster/] appeared first on Blog...

CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats

(Tuesday October 20, 2020)
This year, we have seen five significant security paradigm shifts in our industry. This includes the acknowledgment that the greater the diversity of our data sets, the better the AI and machine learning outcomes. This diversity gives us an advantage over our cyber adversaries and improves our threat intelligence. It allows us to respond swiftly… The post CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats [https://www.microsoft.com/security/blog/2020/10/20/ciso-spotlight-how-diversity-of-data-and-people-defeats-todays-cyber-threats/] appeared first on...

Businesses Rethink Endpoint Security for 2021

(Tuesday October 20, 2020)
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year?

Newly released PyRDP 1.0 has many new features including CredSSP support and clipboard file transfer interception

(Tuesday October 20, 2020)
PyRDP 1.0 is out and comes with cool new features several improvements and bug fixes

Office 365 OAuth Attack Targets Coinbase Users

(Tuesday October 20, 2020)
Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth.

GitHub Pages - Multiple RCEs via insecure Kramdown configuration

(Tuesday October 20, 2020)
I was keeping an eye on the GitHub Enterprise release notes to see when a patch for my previous bug would land, and when it did there was also a critical fix for an issue in Kramdown:

Segmentation Vault: Cloning Thick Client Access

(Tuesday October 20, 2020)
Vault: Cloning Thick Client Access OVERVIEW I started out this research having taken some inspiration from for easily exfiltrating and using a victim’s Chromium based web browser cookies. I was working on a red team engagement and was out of luck as the cookies I had on that occasion for Office 365 in the browser were out of date. I looked through the output from GhostPack’s Seatbelt tool and noticed some content from Windows Credential Manager or “Windows Vault”. Some of the...

Nationwide survey of workers shows they’re losing the will to Zoom

(Tuesday October 20, 2020)
A little over 7 months ago barely any of us had heard of Zoom, but since the pandemic, its users have jumped from 10 million to 300 million at its peak. Yet with Zoom calls becoming part of our everyday workplace routine, you may be surprised at the habits that many Brits have adopted. A […] The post Nationwide survey of workers shows they’re losing the will to Zoom [https://www.itsecurityguru.org/2020/10/20/nationwide-survey-of-workers-shows-theyre-losing-the-will-to-zoom/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

(Tuesday October 20, 2020)
A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbed "GravityRAT" — now masquerades as legitimate Android and macOS apps to capture device data, contact

Building the Human Firewall

(Tuesday October 20, 2020)
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?

Download Ultimate 'Security for Management' Presentation Template

(Tuesday October 20, 2020)
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the

Twitter 2020 Hack Caused by Fake VPN Login Page

(Tuesday October 20, 2020)
The investigative report of the infamous Twitter hack of July 2020 has revealed that the attackers used social engineering skills and phishing links to dupe remote Twitter employees into providing their credentials. On July 15, 2020, a 17-year old hacker and his accomplices seized control of dozens of high-profile users’ accounts, including Barack Obama, Kim […]

Reimagining how work gets done

(Tuesday October 20, 2020)
The global pandemic has brought unprecedented challenges to all parts of our lives and people are starting to reimagine how work might change. The post Reimagining how work gets done [https://blogs.cisco.com/news/reimagining-how-work-gets-done] appeared first on Cisco Blogs [https://blogs.cisco.com].

Mobile Browser Bugs Open Safari, Opera Users to Malware

(Tuesday October 20, 2020)
A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched.

Confronting Data Risk in the New World of Work

(Tuesday October 20, 2020)
With Stanford research showing that nearly half of the U.S. labor force is now working from home full-time, insider threats are a much more difficult problem.

BrandPost: Leveraging Training as a Solution to the Cybersecurity Skills Gap

(Tuesday October 20, 2020)
By now, the majority of industry professionals are aware of the cybersecurity skills gap and its impact on organizations’ abilities to consistently protect their data and networks. The coronavirus pandemic has only amplified the issue, manifesting the economic strain that has forced many business leaders to make budget cuts and furlough, or even lay off, critical employees. Meanwhile, cyber criminals saw the pandemic as an excellent opportunity to execute attacks on vulnerable networks as more employees shifted to remote work. Fortinet’s ’s programs enable IT professionals,...

Trickbot Tenacity Shows Infrastructure Resistant to Takedowns

(Tuesday October 20, 2020)
Both the US Cyber Command and a Microsoft-led private-industry group have attacked the infrastructure used by attackers to manage Trickbot -- but with only a short-term impact.

People who have WOWED us over 25 years

(Tuesday October 20, 2020)
Yvonne Eskenzi, founder and director of Eskenzi PR & Marketing celebrates 25 years in business with a series of discussions with experts and trailblazers of the cybersecurity industry. Episode 4: Yvonne talks with Teresa Cottam, chief analyst at Omnisperience, and expert in the Digital Economy. Cottam is renowned for helping companies create compelling experiences that […] The post People who have WOWED us over 25 years [https://www.itsecurityguru.org/2020/10/20/people-who-have-wowed-us-over-25-years-3/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

BrandPost: SASE in Practice: Grocery Chain Achieves Integrated, Secure Networking

(Tuesday October 20, 2020)
The security landscape has rapidly changed as result of the evolving workspace, ever-new and more sophisticated cybersecurity threats, and continued adoption of cloud infrastructure. The ramifications for security teams are significant. There are now seemingly endless endpoints to protect, creating greater complexity to manage and less visibility across the IT environment. To address these challenges, security too must move to the cloud—with the goal of achieving consolidated, converged services that provide secure networking, including for multi-cloud environments. That includes...

US DOJ indictments might force Russian hacker group Sandworm to retool

(Tuesday October 20, 2020)
The US Department of Justice (DOJ) .

Google’s Waze Can Allow Hackers to Identify and Track Users

(Tuesday October 20, 2020)
The company already patched an API flaw that allowed a security researcher to use the app to find the real identity of drivers using it.

Google to remove location sharing app

(Tuesday October 20, 2020)
Google is removing the Trusted Contacts app from the Play store. This app allowed users to nominate certain contacts to track their location as well as providing their location when they didn’t respond. Instead of this app, Google has integrated a similar software into Google Maps. However, in this reimagined version, users need to have […] The post Google to remove location sharing app [https://www.itsecurityguru.org/2020/10/20/google-to-remove-location-sharing-app/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Bitcoin mixer fined $60 million

(Tuesday October 20, 2020)
The US Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued its first penalty to a cryptocurrency mixing service. Both Helix and Coin Ninja have been fined $60 million by the US Treasury. The FinCEN fine was issued to Larry Deam Harmon, the founder of Coin Ninja and Helix cryptocurrency mixers. The fines were […] The post Bitcoin mixer fined $60 million [https://www.itsecurityguru.org/2020/10/20/bitcoin-mixer-fined-60-million/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

Russia set to attack the Olympics, again

(Tuesday October 20, 2020)
The UK government has released a statement outlining how Russian hackers were intending to attack the Tokyo Olympics. Their plans were to target the organisers, logistics and sponsors. Such attacks have already been carried out on previous Olympic Games, including the Winter Olympics in 2018. During this cyberattack, hackers released malware called OlympicDestoryer that attacked […] The post Russia set to attack the Olympics, again [https://www.itsecurityguru.org/2020/10/20/russia-set-to-attack-the-olympics-again/] appeared first on IT Security Guru [https://www.itsecurityguru.org].

FBI Warns of 63 Spoofed Domains Impersonating the US Census Bureau

(Tuesday October 20, 2020)
Cybercriminals register fake US Census Bureau domains to dupe unsuspecting citizens to provide personal information and install malware, the FBI warns. In a flash alert published in coordination with the federal government statistical agency, the FBI notes that they have observed around 63 domains impersonating the US Census Bureau. “Spoofed domains (aka typosquatting) mimic legitimate […]

Avoiding the snags and snares in data breach reporting: What CISOs need to know

(Tuesday October 20, 2020)
Failing to report sensitive data breaches to US regulatory and law enforcement agencies just got more dangerous and confusing for CISOs and their organizations. If that failure is seen as a coverup, such as paying ransoms for retrieving sensitive data, it could lead to steep fines or jail time.(Insider Story)

Twitter Hack Investigation Report

(Tuesday October 20, 2020)
Report on Investigation of Twitter’s July 15, 2020 Cybersecurity Incident and the Implications for Election Security

U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks

(Tuesday October 20, 2020)
The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate (GRU), have been accused of perpetrating the "most disruptive and destructive series of computer attacks

NSS Labs Shuttered

(Monday October 19, 2020)
The testing firm's website says it has "ceased operations" as of Oct. 15.

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

(Monday October 19, 2020)
US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks.

UK and US accuse Russian hackers of targeting Tokyo Olympics

(Monday October 19, 2020)
Russian is accused of "wantonly causing unprecedented collateral damage to pursue small tactical advantages as fits of spite", hacking broad targets like Olympics organisers, the French election and US hospitals and businesses.

GravityRAT Spyware Targets Android & MacOS in India

(Monday October 19, 2020)
The Trojan once used in attacks against Windows systems has been transformed into a multiplatform tool targeting macOS and Android.

IoT Vulnerability Disclosure Platform Launched

(Monday October 19, 2020)
VulnerableThings.com is intended to help vendors meet the terms of a host of new international IoT security laws and regulations.

Microsoft Tops Q3 List of Most-Impersonated Brands

(Monday October 19, 2020)
The technology sector was also the most likely targeted industry for brand phishing attacks, according to Check Point's latest report on brand phishing.

Rapper Scams $1.2M in COVID-19 Relief, Gloats with ‘EDD’ Video

(Monday October 19, 2020)
"Nuke Bizzle" faces 22 years in prison after brazenly bragging about an identity-theft campaign in his music video, "EDD."

BrandPost: Your People are Being Hacked: How to Defend Against Social Engineering During WFH

(Monday October 19, 2020)
_“To make your organization more secure, the answer is, was, and always will be in people.”_ Jenny Radcliffe is the Founder and Director of Human-Centered Security, a social-engineering-focused cybersecurity firm. Radcliffe is known as “The People Hacker”. She is hired by organizations to target their staff members with social engineering, and to leverage psychology and emotions to find vulnerabilities in the human side of their operations. When the pandemic struck, Radcliffe saw malicious actors take advantage of the chaos and leverage pandemic-themed social engineering within...

DOJ Charges 6 Sandworm APT Members in NotPetya Cyberattacks

(Monday October 19, 2020)
DOJ charges six Russian nationals for their alleged part in the NotPetya, Ukraine power grid and Olympics cyberattacks.

BrandPost: The New Security Landscape: How to Defend Your Organization

(Monday October 19, 2020)
_“It’s been really surprising, just the degree of inhumanity in some of these bad guys.”_ Kris McConkey works for the leading professional services firm PwC, where he acts as the Cyber Threat Operations Lead Partner for their clients in the United Kingdom. McConkey and his teams work directly with PwC’s clients, with an emphasis on threat intelligence, and incident response to high-sophistication threats. When the pandemic struck, and organizations shifted to a primarily arrangement, McConkey witnessed numerous changes in the security landscape—from both attackers and...

BrandPost: Long-Term WFH: How to Make it Secure and Sustainable

(Monday October 19, 2020)
_“Initially, it was a band-aid over a bullet hole.”_ Stephanie Aceves is a Director of Technical Account Management at Tanium, a provider of unified endpoint management and security solutions. Aceves works directly with , and a picture of how their priorities have changed in the last six months. Here’s what Aceves learned.

BrandPost: Unified Endpoint Security: Short-Lived Hype or Long-Term Trend?

(Monday October 19, 2020)
“A time of extreme uncertainty.” “A once-in-a-lifetime event.” “The ‘new normal.’ ” We’ve all heard these phrases relating to the global COVID-19 pandemic that hit the world without warning. But there’s another term that’s been making headlines in the cybersecurity space: “Unified Endpoint Security” or “UES.” What’s the story behind Unified Endpoint Security? Why is UES in the spotlight right now? And is UES a temporary hype or a trend that’s here to stay beyond the pandemic? Let’s take a closer look: TWO TRENDS ARE SHAPING THE ENDPOINT SECURITY...

Trickbot, Phishing, Ransomware & Elections

(Monday October 19, 2020)
The botnet has taken some hits lately, but that doesn't mean the threat is over. Here are some steps you can take to keep it from your door.

Naked Security Live – Ping of Death: are you at risk?

(Monday October 19, 2020)
Here's the latest Naked Security Live video - enjoy (and please share with your friends)!

7 Tips for Choosing Security Metrics That Matter

(Monday October 19, 2020)
Experts weigh in on picking metrics that demonstrate how the security team is handling operational efficiency and reducing risk.

Enter_The_Matrix (Tool) - NIST 800-30 Threat Matrix Generation

(Monday October 19, 2020)
Enter The Matrix is a tool to aid operators during a Risk Assessment in creating Threat Matrices and Directed Threat Graphs

Chart: The Pandemic Reprioritizes Security Projects

(Monday October 19, 2020)
Responses among IT and security pros reflect concern over vulnerabilities incurred by workers accessing the enterprise network from poorly protected home networks.

Trust

(Monday October 19, 2020)
If there’s one thing that makes the world go ‘round, it’s trust - trust in institutions, trust in science, trust in the economy, trust in each other. Trust is what protects our vulnerability; it’s behind the unspoken social contracts that keep us safe. Without trust, we’re done. And since the beginning of our love-hate relationship with the Web, we’ve been wondering: is computer-mediated communication eroding trust? Or, does it make trust stronger? Or, are we more likely to misplace it more now that we can’t see, touch and smell a person’s true intentions? Producer: Kate...

CloudSecDocs: technical notes, how-tos, and cheatsheets related to cloud-native technologies

(Monday October 19, 2020)
Cloud Security Docs - by Marco Lancini

A Swift Reminder About Cybersecurity

(Monday October 19, 2020)
The hackers gonna crack, crack, crack, crack, crack ...

Tech Resume Library: 20 downloadable templates for IT pros

(Monday October 19, 2020)
A well-crafted resume will attract recruiters, HR pros and hiring managers, but getting it just right is a daunting task. To jump start the process, Insider Pro has assembled this collection of real resumes revamped by professional resume writers. (Watch this space for new templates.)

Expert Tips to Keep WordPress Safe

(Monday October 19, 2020)
The most widely used content management system on the Web relies heavily on plug-ins and add-on software -- and that requires rigorous security measures at every level.

New Malware Uses Remote Overlay Attacks To Hijack Your Bank Account

(Monday October 19, 2020)

Fancy Bear Imposters Are On A Hacking Extortion Spree

(Monday October 19, 2020)

Microsoft Is The Most Imitated Brand For Phishing

(Monday October 19, 2020)

Hackers Smell Blood As Schools Grapple With Virtual Instruction

(Monday October 19, 2020)

Secret fragments: Remote code execution on Symfony based websites

(Monday October 19, 2020)
Remote code execution using Symfony's _fragment's page and unsecure secret values.

A New Risk Vector: The Enterprise of Things

(Monday October 19, 2020)
Billions of devices -- including security cameras, smart TVs, and manufacturing equipment -- are largely unmanaged and increase an organization's risk.