20 January 2022 03:34 Security Boulevard
Problem Statement: One of our clients was using the Log4j software library to manage their logging services and hence, they were one of the at-risk companies that required an immediate...
The post Log4j Remediation (Case Study) appeared first on vSecureLabs.
The post Log4j Remediation (Case Study) appeared first on Security Boulevard.
20 January 2022 03:34 Security Boulevard
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.
The post IRS Will Soon Require Selfies for Online Access appeared first on Security Boulevard.
20 January 2022 03:34 Security Boulevard
via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®!
20 January 2022 03:34 Security Boulevard
Our customers often ask us for help addressing the requirements of insurers. It’s clear that securing APIs and web apps is increasingly top of mind for insurers; our customers tell us that these are the 10 most common controls insurers are looking at:  Managed vulnerabilities  Patched systems and applications Protected privileged accounts Prepared and tested […]
The post How ThreatX Can Help Address Cyber Insurance Critical Controls appeared first on ThreatX.
The post How ThreatX Can Help Address Cyber Insurance Critical Controls appeared first on Security Boulevard.
20 January 2022 03:31 The Daily Swig | Cybersecurity
Uncheck risky setting option offered
20 January 2022 02:09 malware.news
On Jan. 15, 2022, a set of malware dubbed WhisperGate was reported to have been deployed against Ukrainian targets. The incident is widely reported to contain three individual components deployed by the same adversary, including a malicious bootloader that corrupts detected local disks, a Discord-based downloader and a file wiper. The activity occurred at approximately the same time multiple websites belonging to the Ukrainian government were defaced.
This blog covers the malicious bootloader in more detail.
Details
The installer component for the bootloader has an SHA256 hash of
a196c6b8ffcb97ffb276d04f354696e2391311db3841ae16c8c9f56f36a38e92
and contains a build timestamp of 2022-01-10 10:37:18 UTC. It was built using MinGW, similar to the file-wiper component. This component overwrites the master boot record (MBR) of an infected host with a malicious 16-bit bootloader with a SHA256 hash of
44ffe353e01d6b894dc7ebe686791aa87fc9c7fd88535acc274f61c2cf74f5b8
that displays a ransom note when the host boots (Figu
20 January 2022 01:39 malware.news
AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform.
Article Link: Deloitte launches new SaaS cyber threat detection and response platform | ZDNet
20 January 2022 01:39 malware.news
Palo Alto Networks Unit 42 and Group-IB helped law enforcement officials disrupt the ring, which was in possession of more than 800,000 potential victim domain credentials.
Article Link: Interpol and Nigerian police bust cybercrime BEC ring | ZDNet
20 January 2022 01:37 Software Integrity Blog
Unique open source licenses provide amusement for developers but they create extra work for legal teams overseeing a company’s IP.
The post Bob Saget and open source license compliance appeared first on Software Integrity Blog.
20 January 2022 01:34 Files ≈ Packet Storm
Whitepaper that gives an overview of the LightSpeed cache vulnerability as noted in CVE-2020-29172.
20 January 2022 01:34 Files ≈ Packet Storm
VMware Security Advisory 2022-0002 - VMware Workstation and Horizon Client for Windows updates address a denial of service vulnerability.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0162-02 - GEGL is a graph-based image processing framework.
20 January 2022 01:34 Files ≈ Packet Storm
Whitepaper that explains a misconfiguration based flaw about Local Administrator Password Solution.
20 January 2022 01:34 Security Boulevard
The majority of users, whether new employees or CEOs, don’t realize that even if their password meets complexity requirements, it doesn’t mean it’s secure. In fact, many common password policies are overdue for an update, as for several years now cybercriminals have been taking advantage of these password policy weaknesses. These issues are compounded by password reuse—a very common user ...
The post MSPs and MSSPs: 6 Password Management Tips appeared first on Enzoic.
The post MSPs and MSSPs: 6 Password Management Tips appeared first on Security Boulevard.
20 January 2022 01:34 Files ≈ Packet Storm
WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability.
20 January 2022 01:34 Security Boulevard
Do you have agency? Agency is both the capacity to act and the exercise of that capacity, with intention. Agency is the ability for individuals to think for themselves then take directed action. It shapes their experiences and outcomes. If we avoid subjective labels like good and bad, it means we’re free to choose our […]
The post Why I prize agency appeared first on Security Boulevard.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0164-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.5.1 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.9 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include bypass and information leakage vulnerabilities.
20 January 2022 01:34 Security Boulevard
Employees are increasingly accessing corporate information and accounts from their personal phones. As a result, SMiShing attacks now pose a serious threat to corporate information. How serious is this threat?...
The post Social Engineering in the News: SMiShing appeared first on Security Boulevard.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0163-01 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct this security issue. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog.
20 January 2022 01:34 Security Boulevard
The bottom line is that every feature of your API is a potential attack vector. Simplifying your API can reduce your attack surface area, in turn allowing you to better focus your security efforts. The good news is that many of the recommendations in this article align well with general software engineering best practices – […]
The post More Simple = Less API Attack Vectors appeared first on ThreatX.
The post More Simple = Less API Attack Vectors appeared first on Security Boulevard.
20 January 2022 01:34 Files ≈ Packet Storm
Ubuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.
20 January 2022 01:34 Security Boulevard
Our thanks to Security BSides London for publishing their tremendous videos from the Security BSides London 2021 Conference on the organization’s YouTube channel. Enjoy!
The post Security BSides London 2021 – Eva Summerfield’s ‘When Encryption Fails’ appeared first on Security Boulevard.
20 January 2022 01:34 Files ≈ Packet Storm
Ubuntu Security Notice 5234-1 - Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0177-02 - GEGL is a graph-based image processing framework.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0178-02 - GEGL is a graph-based image processing framework.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0184-02 - GEGL is a graph-based image processing framework.
20 January 2022 01:34 Files ≈ Packet Storm
Red Hat Security Advisory 2022-0161-03 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
20 January 2022 01:34 Files ≈ Packet Storm
Ubuntu Security Notice 5233-2 - USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
20 January 2022 01:33 Recent Posts - Red Team Journal
Hibernating the site gave us time to think about what Red Team Journal should be in 2022. We went back to the original mission, assessed its continuing relevance, and drew up a plan.
20 January 2022 01:31 The Daily Swig | Cybersecurity
Uncheck risky setting option offered
20 January 2022 01:09 malware.news
I am spared having to do a detailed analysis of the judgment in Vitrition UK Ltd v Caine & Ors [2022] EWHC 51 (Comm) (13 January 2022)  because, as so often, Gordon Exall has distilled the main points in a … Continue reading →
Article Link: Relief from sanctions denied after non-compliance with disclosure unless order | eDisclosure Information Project
20 January 2022 01:09 malware.news
New measures, which include the removal of hyperlinks from email or SMS messages sent to customers and a 12-hour delay in activation of software tokens, will be implemented within two weeks and follow a spate of phishing SMS scams that wiped some victims of their life savings.
Article Link: Singapore pushed to introduce security measures amidst online banking scams | ZDNet
20 January 2022 01:09 malware.news
The European Union is interested in building its own recursive DNS service that will be made available to EU institutions and the general public for free.
The proposed service, named DNS4EU, is currently in a project planning phase, and the EU is looking for partners to help build a sprawling infrastructure to serve all its current 27 member states.
EU officials said they started looking into an EU-based centrally-managed DNS service after observing consolidation in the DNS market around a small handful of non-EU operators.
“The deployment of DNS4EU aims to address such consolidation of DNS resolution in the hands of few companies, which renders the resolution process itself vulnerable in case of significant events affecting one major provider,” officials said in the DNS4EU infrastructure project revealed last week.
But EU officials said that other factors also played a role in their decision to build DNS4EU, including cybersecurity and data privacy.
DNS4EU to include powerful filtering capabilities
The EU sa
20 January 2022 01:09 malware.news
In June 2021, The Washington Post identified five ransomware myths that could cloud organizations’ security strategies. It’s been a few months since the list was released, so let’s see how those myths are looking as we launch into Q1 of 2022:
Article Link: Five Ransomware Myths that Leave Businesses Vulnerable
20 January 2022 01:09 malware.news
We’ve already spoken about the strengths of Extended Detection and Response (XDR) as it relates to other solutions such as EDR, SIEM, and SOAR. But did you know that not all XDR platforms are created equal?
Article Link: Evaluating Open XDR vs. Native XDR
20 January 2022 00:39 malware.news
Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.
This report profiles the organizational structure of the People’s Liberation Army (PLA) on China’s outposts in the South China Sea. The analysis draws heavily from Chinese-language open source materials, including state media reports, government websites, resumes, procurement records, academic writings, and patents, as well as visual materials, such as photographs, videos, and satellite imagery. The report will be of most interest to governments and militaries with an interest in Southeast Asia and the broader Indo-Pacific region, companies seeking to comply with PLA-oriented export controls, and defense analysts focused on the PLA. The author, Zachary Haver, thanks Roderick Lee, Morgan Clemens, and Kenneth Allen for their generous support.
Executive Summary
People’s Liberation Army (PLA) units operating from militarized outposts in the South China Sea defend China’s expan
20 January 2022 00:39 malware.news
A bipartisan pair of senators on Wednesday introduced legislation that would require the Homeland Security Department’s cybersecurity branch to supply commercial satellite owners and operators with tools to better protect against hackers.
The Satellite Cybersecurity Act from Sens. Gary Peters (D-Mich.) and John Cornyn (R-Texas) would mandate that the Cybersecurity and Infrastructure Security Agency (CISA) develop voluntary satellite cybersecurity recommendations to help companies better understand how to secure their systems.
The measure would also require CISA — which last year launched a Space Systems Critical Infrastructure Working Group — to create a publicly available online repository in order to give companies access to satellite-specific cybersecurity resources, as well as network security recommendations.
In addition, the bill would tap the Government Accountability Office (GAO) to examine how the U.S. government currently supports commercial satellite industry cybersecurity.
“Hackers have already su
20 January 2022 00:09 malware.news
Researchers at FingerprintJS, a Chicago-based firm that specializes in online fraud prevention, have published a software bug introduced in Safari 15’s implementation of the IndexedDB API that lets any website track your internet activity and may even reveal your identity.
They found that in Safari 15 on macOS, and in all browsers on iOS and iPadOS 15, the IndexedDB API violates the same-origin policy, a fundamental security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from other origins.
Safari
Safari is developed by Apple and designed to be the default browser for the operating systems macOS, iOS and iPadOS. As such, it has a market share of around 20%, which makes it the most used browser after Chrome, which has a market share of over 60%.
The researchers found that the current version of WebKit, the browser engine that powers Safari on Macs as well as all browsers on iOS and iPadOS, can be tricked into skipping the same-origin check. To put it si
20 January 2022 00:09 malware.news
Sysdig Secure adds Rapid Response feature to streamline detection and response in container environments
The increasing number of yearly reported data breaches and new critical vulnerabilities, such as log4j, impacting both small and large businesses shows that cyberthreats are real and targeting everyone. You can minimize risk by implementing runtime security and having an incident response plan in place to contain attacks. But, in container environments, responding fast to incidents is challenging.
Cloud-native complexity and ephemerality leaves security teams without an easy way to perform investigations and detect suspicious activities in containers.
Existing EDR solutions cannot solve this, because they were designed for hosts. As they don’t see containers, they just present a list of all processes running on the host. Which processes belong to each container is up to the response team to figure out. For instance, they don’t zoom in and isolate the troubled container in a Kubernetes cluster. Response tea
19 January 2022 23:39 malware.news
Zloader is a banking trojan with historical ties to the Zeus malware.  Recently, Egregor and Ryuk ransomware affiliates used Zloader for the initial point of entry. Zloader featured VNC remote access capabilities and was offered on the infamous Russian-speaking cybercrime forum exploit[.]in. Zloader infects users by leveraging malicious web advertising to redirect users into downloading […]
Article Link: Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike – Sophos News
19 January 2022 23:39 malware.news
Posted by Laurent Simon and Azeem Shaikh, Google Open Source Security Team (GOSST)
Since our July announcement of Scorecards V2, the Scorecards project—an automated security tool to flag risky supply chain practices in open source projects—has grown steadily to over 40 unique contributors and 18 implemented security checks. Today we are proud to announce the V4 release of Scorecards, with larger scaling, a new security check, and a new Scorecards GitHub Action for easier security automation.
The Scorecards Action is released in partnership with GitHub and is available from GitHub's Marketplace. The Action makes using Scorecards easier than ever: it runs automatically on repository changes to alert developers about risky supply-chain practices. Maintainers can view the alerts on GitHub's code scanning dashboard, which is available for free to public repositories on GitHub.com and via GitHub Advanced Security for private repositories.
Additionally, we have scaled our weekly Scorecards scans to over one mi
19 January 2022 23:39 malware.news
If you have been forgoing updating your Mac, this article might make you think twice.
The Microsoft 365 Defender Research Team has discovered a vulnerability in macOS, which allows malicious apps to successfully bypass a user’s privacy preferences. This means attackers could access personal data that was once private, as well as install a malicious app—or hijack one that’s already installed—to access the microphone to record conversations or capture screenshots of the user’s screen without them knowing.
Dubbed “Powerdir,” it is the latest in a lengthening line of Transparency, Consent, and Control (TCC) security framework bypasses that have been hitting Apple these past few months. The Microsoft team is said to have reported Powerdir to Apple in mid-July 2021, and Apple patched it 6 months after. It is tracked as CVE-2021-30970.
The Security & Privacy UI of a macOS device, which helps users configure the privacy settings of their apps. The TCC is the underlying technology that makes this happen. (Source: Micr
19 January 2022 23:37 WordPress › Error
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the week from January 10 to 17, 2022. Our […]
The post Bug Bytes #155 – When logout logs you in, 120 days bug hunting challenge & Testing reverse proxies with Nuclei appeared first on Intigriti.
19 January 2022 23:34 Security Boulevard
Some users of LastPass, the password management tool, recently reported getting emails from the service stating that their master passwords had been compromised and that unusual credential stuffing attempts had been noticed. Though this turned out to be just a scare, this incident reiterates the need for effective bot management to strengthen data security.
The post Credential Stuffing Attack on LastPass appeared first on Radware Blog.
The post Credential Stuffing Attack on LastPass appeared first on Security Boulevard.
19 January 2022 23:34 Security Boulevard
Awards Recognize Partners for Providing Exceptional Value and Solving Customers’ Business Challenges Through LogRhythm’s NextGen SIEM Platform. LogRhythm, the company powering today’s security operations centers (SOCs), today announced the winners of its 2021 Americas Partner Awards. The awards recognize exceptional…
The post LogRhythm Announces 2021 Americas Partner Award Winners at Annual Revenue Kickoff Meeting appeared first on LogRhythm.
The post LogRhythm Announces 2021 Americas Partner Award Winners at Annual Revenue Kickoff Meeting appeared first on Security Boulevard.
19 January 2022 23:33 Light Blue Touchpaper
This week sees the start of a course on security engineering that Sam Ainsworth and I are teaching. It’s based on the third edition of my Security Engineering book, and is a first cut at a ‘film of the book’. Each week we will put two lectures online, and here are the first two. Lecture … Continue reading Security engineering course →
19 January 2022 23:31 The Daily Swig | Cybersecurity
Silicon Valley giants joined government officials to thrash out remedies to software supply chain woes
19 January 2022 23:31 The Daily Swig | Cybersecurity
Phased rollout begins from Chrome 98 with DevTools warnings of failed preflight requests
19 January 2022 23:31 The Daily Swig | Cybersecurity
Partial fix applied for two separate bugs in the open source software
19 January 2022 23:09 malware.news
On December 23, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “WordPress Email Template Designer – WP HTML Mail”, a WordPress plugin that is installed on over 20,000 sites. This flaw made it possible for an unauthenticated attacker to inject malicious JavaScript that would execute whenever a site administrator accessed the template editor. This vulnerability would also allow them to modify the email template to contain arbitrary data that could be used to perform a phishing attack against anyone who received emails from the compromised site.
Wordfence Premium users received a firewall rule to protect against any exploits targeting this vulnerability on December 23, 2021. Sites still using the free version of Wordfence will receive the same protection on January 22, 2022.
We sent the full disclosure details to the developer on January 10, 2022, after multiple attempts to contact the developer and eventually receiving a response. Th
19 January 2022 23:09 malware.news
The many issues surrounding end-to-end encryption (E2EE) are ever-present. They usually spring up when something that could potentially affect the safety of those who are vulnerable comes to light.
Back in November, Meta announced it had delayed plans to roll out E2EE on its Facebook and Instagram platforms until 2023, because the company needed more time to “get this right”. Not surprisingly, the UK government has been deeply concerned since it was first announced in 2019.
Child predators were busy in 2021
No Place To Hide, a UK-government backed child safety campaign, launched on Tuesday, aiming to “keep children safe online without compromising user privacy.”
An official campaign video for No Place To Hide
The campaign is supported by Barnardo’s, the UK’s largest national children’s charity; The Lucy Faithfull Foundation, a charity that focuses on abused children; The Marie Collins Foundation, a charity that focuses on children abused using technology and the internet; and SafeToNet, a “cyber-safety compan
19 January 2022 23:09 malware.news
President Joe Biden on Wednesday signed a national security memorandum aimed at strengthening the cybersecurity of networks used in the country’s national defense, as the administration issues warnings of potential digital strikes by Russian hackers over the escalating crisis in Ukraine.
The 17-page document specifies how the national security systems and networks utilized by the Defense Department and the U.S. intelligence community must meet the same standards that were laid out for civilian federal agencies and contractors under last year’s sweeping executive order, which was issued in the wake of the SolarWinds espionage campaign and the ransomware attack on the Colonial Pipeline.
“Modernizing our cybersecurity defenses and protecting all federal networks is a priority for the Biden Administration, and this National Security Memorandum raises the bar for the cybersecurity of our most sensitive systems,” the White House said in a fact sheet accompanying the new document.
The memorandum gives the National S
19 January 2022 22:39 malware.news
From the time I started in DFIR, one question was always at the forefront of incident responders' minds...how do you know what "bad" looks like? When I was heading on-site during those early engagements, that question was foremost on my mind, and very often, the reason I couldn't sleep on the plane, even on the long, cross-country flights. As I gained experience, I started to have a sense of what "bad" might or could look like, and that question started coming from the folks around me (IT staff, etc.) while I was on-site.
How do you know what "bad" looks like?
The most obvious answer to the question is, clearly, "anything that's not "good"...". However, that doesn't really answer the question, does it? Back in the late '90s, I did a vulnerability assessment for an organization, and at one of the offices I visited there were almost two dozen systems with the AutoAdminLogon value in the Registry. This was anomalous to the organization as a whole, an outlier within the enterprise, even though only a single syste
19 January 2022 22:39 malware.news
Hundreds of millions of euros for smuggling more than 1 100 migrants into the EU. Authorities believe that the suspects, mainly of Iraqi and Syrian origin, are part of a criminal network of about 80 members that is allegedly responsible for at least 30 sea smuggling operations. The criminal group operated migrant smuggling activities from Turkey to the Salento coast of…
Article Link: 29 arrested in Albania, Greece and Italy for smuggling more than 1 100 migrants in yachts | Europol
19 January 2022 22:39 malware.news
We wanted to give everyone a heads up about the new Sophos Central login experience, which is a phased rollout beginning now and lasting about a week. Instead of entering an email address and password on the same login page, users will initially enter only their email address when logging into Sophos Central, at which […]
Article Link: New Sophos Central login experience begins rolling out – Sophos News
19 January 2022 22:09 malware.news
Cybersecurity researchers identify White Rabbit, which is a new ransomware that appears to have links to FIN8, a hacking group that previously focused on finances.
Article Link: This new ransomware comes with a small but dangerous payload | ZDNet
19 January 2022 22:09 malware.news
Microsoft’s first Patch Tuesday for 2022 was a rocky start to the year, giving admins and users numerous headaches to deal with.
Article Link: Microsoft releases fix for patch that broke VPNs, Hyper-V virtual machines and more | ZDNet
19 January 2022 21:37 Trail of Bits Blog
By Francesco Bertolaccini Have you ever wondered how a compiler sees your data structures? Compiler Explorer may help you understand the relation between the source code and machine code, but it doesn’t provide as much support when it comes to the layout of your data. You might have heard about padding, alignment, and “plain old […]
19 January 2022 21:35 Hacking Articles
Introduction: Writer is a CTF Linux box with difficulty rated as “medium” on the HackTheBox platform. The machine covers a SQL injection vulnerability and privilege escalation
The post Writer HackTheBox Walkthrough appeared first on Hacking Articles.