IT Security Newsletter - 09/15/2020
Large Cloud Providers Much Less Likely Than Enterprises to Get Breached
Pen-test results also show a majority of organizations have few protections against attackers already on the network. Major cloud services providers are about half as likely (46%) to experience a data breach compared with large enterprises, a new study suggests. Security assessment vendor Coalfire recently analyzed data from some 800 penetration tests that emulated cyberattacks on customer networks. The exercise showed that cloud services providers - at least the big ones - have made significant security improvements in recent years. READ MORE...
Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000
Thousands of e-commerce stores built using Magento 1 have been poisoned with malicious code that steals customers' bank card information as they enter their details to order stuff online. Sansec, a software company focused on these so-called "digital skimming" attacks, discovered that 1,904 cyber-shops had been altered by miscreants over the weekend to include malicious JavaScript that siphoned off folks' card info. "This automated campaign is by far the largest one that Sansec has identified since it started monitoring in 2015." READ MORE...
Oracle Announces Availability of Cloud Guard, Maximum Security Zones
Oracle on Monday announced the general availability of its Cloud Guard and Maximum Security Zones cloud security tools. Cloud Guard and Maximum Security Zones were some of the new security services univeled by Oracle in September 2019. Offered to Oracle Cloud customers at no extra cost, they help automate threat response and reduce risk. Oracle Cloud Guard, now available in all commercial regions, is designed to continuously monitor activities and configurations in an effort to identify and address potential threats. READ MORE...
Magecart Attack Impacts More Than 10K Online Shoppers
Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit. One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information stolen, researchers said. READ MORE...
Windows 10 'Finger' command can be abused to download or steal files
The list of native executables in Windows that can download or run malicious code keeps growing as another one has been reported recently. These are known as living-off-the-land binaries (LoLBins) and can help attackers bypass security controls to fetch malware without triggering a security alert on the system. The latest addition is finger.exe, a command that ships with Windows to retrieve information about users on remote computers running the Finger service or daemon. READ MORE...
Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
Monday's CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers. The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. READ MORE...
MFA Bypass Bugs Opened Microsoft 365 to Attack
Vulnerabilities 'that have existed for years' in WS-Trust could be exploited to attack other services such as Azure and Visual Studio. Bugs in the multi-factor authentication system used by Microsoft's cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint. The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments. READ MORE...
After researchers test Microsoft Netlogon exploit, feds tell users to patch now or suffer later
Nothing brings urgency to a software vulnerability like an exploit demonstrating its potency. That's what happened Monday when researchers at Dutch cybersecurity company Secura released a "proof of concept" exploit for a vulnerability in the Netlogon protocol that Microsoft employs to authenticate users within a domain. The vulnerability could allow "an attacker with a foothold on your internal network to essentially become [domain administrator] with one click," as Secura analysts put it. READ MORE...
Attacked by ransomware? Five steps to recovery
Ransomware has been noted by many as the most threatening cybersecurity risk for organizations, and it's easy to see why: in 2019, more than 50 percent of all businesses were hit by a ransomware attack - costing an estimated $11.5 billion. In the last month alone, major consumer corporations, including Canon, Garmin, Konica Minolta and Carnival, have fallen victim to major ransomware attacks, resulting in the payment of millions of dollars in exchange for file access. READ MORE...
YouTube unlawfully violates kids' privacy, new $3.2B lawsuit claims
A new lawsuit filed in a United Kingdom court alleges that YouTube knowingly violated children's privacy laws in that country and seeks damages in excess of £2.5 billion (about $3.2 billion). A tech researcher named Duncan McCann filed the lawsuit in the UK's High Court and is serving as representative claimant in the case-a similar, though not identical, process to a US class-action suit. Foxglove, a UK tech advocacy group, is backing the claim, it said today. READ MORE...
- ...in 1857, 27th President William Howard Taft is born in Cincinnati, Ohio.
- ...in 1858, the new Overland Mail Company sends out its first two stages, inaugurating government mail service between the eastern and western regions of the nation.
- ...in 1928, jazz saxophonist Julian Edwin "Cannonball" Adderley ("Mercy, Mercy, Mercy") was born in Tampa, FL.
- ...in 1978, boxer Muhammad Ali defeats Leon Spinks at the Louisiana Superdome in New Orleans to win the world heavyweight championship.