SC Media arms information security professionals with the in-depth, unbiased business and technical information they need. The official page for all things IT security.
Operating as usual
Dubbed Vermilion Strike, the ELF-formatted malware follows in the footsteps of geacon, an open-source Golang-based version of Beacon. #malware #cybersecurity
Infosec teams struggle to detect Linux-based threats such as Vermillion Strike due to an overemphasis on Windows malware, a lack of effective solutions for protecting data centers, and the immaturity of sandboxes.
Both Microsoft and industry researchers say security teams should prioritize the four OMIGOD vulnerabilities discovered in Azure. #cybersecurity #cloudsecurity #patchtuesday
Both Microsoft and industry researchers say security teams should prioritize the four OMIGOD vulnerabilities discovered in Azure.
#Breaking: In a joint advisory, the agencies said the flaw, which affects Zoho ManageEngine ADSelfService, can bypass authentication protocols and lead to remote code ex*****on. They warned that a wide range of targets and sectors who use the software are vulnerable.
“The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software,” the advisory notes.
https://www.scmagazine.com/analysis/apt/u-s-warns-apt-groups-likely-among-groups-exploiting-flaw-in-zoho-password-manager
Critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities were listed among the targeted or vulnerable sectors.
A decade in the making, Federal Trade Commission is ready to play hard ball with health app developers https://www.scmagazine.com/analysis/application-security/health-app-developers-be-warned-ftc-ready-to-hand-down-fines-for-failure-to-report-breaches
The FTC Health Breach Notification Rule was enacted 10 years ago to protect the privacy and security of consumer health data not covered by HIPAA, but it was never enforced. A policy decision enacted on Sept. 15 will change that.
In separate reports Thursday, Akamai detailed two threats: One new, complex miner targeting WordPress, and a Linux miner that just learned to speak Windows. #cybersecurity
In separate reports Thursday, Akamai detailed two threats: One new, complex miner targeting WordPress, and a Linux miner that just learned to speak Windows.
X-Force researchers also found password and policy violations in the vast majority of pen tests conducted in the past year. #cybersecurity
X-Force researchers also found cryptominers and ransomware account for more than 50% of detected system compromises.
“The industry has not seen the last of the print spooler vulnerabilities," said Jeff Costlow, CISO at ExtraHop. #cybersecurity
Microsoft released the so-called final patch for PrintNightmare, but security researchers aren’t so sure.
"There's so much choice out there, so many versions out there. The pace of the new supply outpaces the developers' ability to consume the supply intelligently," said Matt Howard, Sonatype executive vice president. #cybersecurity
In an analysis of 100,000 deployed applications, Sonatype found coders updating open-source dependencies in their wares to a suboptimal version of the library the vast majority of the time.
From Cowbell Cyber, the new marketplace is meant to provide a destination where prospective and current policyholders can find solutions to fill holes in their security that make them a potentially risky proposition for insurance providers. https://www.scmagazine.com/analysis/network-security/new-online-marketplace-helps-companies-improve-their-eligibility-for-cyber-insurance/
MFA is among the biggest areas of need for prospective and current cyber insurance policyholders that are looking to reduce their risk, and perhaps their premiums.
Cybersecurity Collaborative launched a task force this month aimed at delivering a #ransomware response playbook and best practices guide to #cybersecurity professionals.
Cybersecurity Collaborative launched a task force this month aimed at delivering cybersecurity professionals a ransomware response playbook and best practices guide.
Use of intelligent snapshot technology delivers a significant one-two punch against ransomware and other forms of malware: data protection and rapid recovery, says the author of this commentary. #cybersecurity #ransomware #malware
IBM's Denis Kennelly offers a strategy for immutable storage that can help companies mitigate ransomware attacks.
“The headlines about API vulnerabilities and ‘leaky APIs’ just keep coming," said Michael Isbitski, technical evangelist at Salt Security.
Neosec aims to combine XDR with behavioral analytics to help security teams mitigate threats hiding inside APIs.
Of the 34% of financial services organizations who said they were hit by ransomware, more than half (51%) said the attackers succeeded in encrypting their data.
A new report by Sophos showed financial services organizations paid about $2.1 million on average to recover from a ransomware attack, about a quarter of a million dollars more than the global average of $1.85 million.
Krebs: “When you’re talking about companies that are providing a service to the federal government – not just the Department of Defense but the civilian agencies as well – I would expect to see enhanced requirements not just on the external threat management but also insider threat management."
https://www.scmagazine.com/analysis/insider-threat/former-cisa-head-calls-for-new-legislation-to-crack-down-on-insider-threats
Chris Krebs said he has recommended Congress establish enhanced requirements around how federal contractors – and perhaps publicly traded companies – are set up to respond to insider threats and communicate with the government in the wake of the incident.
The database belonged to GetHealth, a New York-based unified solution for health and wellness apps, including FitBit, GoogleFit, 23andMe, and a host of others. #cybersecurity #healthIT
WebsitePlanet and Jeremiah Fowler discovered an unsecured GetHealth database containing nearly 17 GB of health and fitness tracking data in more than 61 million records. It's unclear of the immediate impact of the data compromise, but it demonstrates the ongoing challenges to securing consumer data....
We’re kicking off our free, one-day Secure Cloud Migration virtual event shortly with keynote speaker James Kaplan and his session “Security as code: The only way to protect your business in the cloud”. There’s still time to register but if you can’t attend live, you can still sign up and we’ll send you the recorded content once it’s available. #cybersecurity #cloudmigration #virtualevent
https://fb.me/e/1604olHNG
We’re kicking off our free, one-day Secure Cloud Migration virtual event shortly with keynote speaker James Kaplan and his session “Security as code: The only way to protect your business in the cloud”. There’s still time to register but if you can’t attend live, you can still sign up and we’ll send you the recorded content once it’s available. #cybersecurity #cloudmigration #virtualevent
https://fb.me/e/1604olHNG
Industry needs to focus on a collaborative and scalable approach to making attacks costly to the adversary, whether it’s from organized cybercrime groups or nation-state sanctioned groups, says the author of this commentary.
As part of a strategy to mitigate ransomware, governments around the world must start taxing the cryptocurrency exchanges.
With Accurics acquisition, Tenable aims to focus on solving the misconfigurations that have plagued many cloud deployments. #cybersecurity #cloudsecurity
With Accurics acquisition, Tenable aims to focus on solving the misconfigurations that have plagued many cloud deployments.
The House Energy and Commerce Committee teed up legislation Monday as part of the Democrats’ $3.5 trillion reconciliation bill that would include $1 billion for the Federal Trade Commission over the next decade to build a new Data Security Bureau.
Congressional legislation would set aside a billion dollars for a new Data Security Bureau, but the bill offers little in the way of details.
Approximately 115,448 patients of LifeLong Medical are just now being notified that their data was accessed and stolen during a series of ransomware-related intrusions at one of its third-party vendors, Netgain. #cybersecurity #ransomware #healthIT
LifeLong Medical is just now notifying 115,448 patients that their data was compromised during a ransomware attack against one of its vendors, Netgain. However, the initial breach reports were first released more than six months ago, putting the notice far outside the 60-day HIPAA requirement.
Todt most recently was the managing director of the Cyber Readiness Institute, a small-business-focused cybersecurity advocacy non-profit, and has collaborated with CISA on CRI projects.
Todt most recently was the managing director of the Cyber Readiness Institute, a small-business-focused cybersecurity advocacy non-profit, and has collaborated with CISA on CRI projects.
During M&A, how does the IT security team inventory, catalog and assess the risks of all the new assets it’s just inherited? According to asset management experts, the answer is: as comprehensively and early in the process as possible. But the challenges often pile, introducing significant risk to an already complex process of integration. https://www.scmagazine.com/feature/asset-management/complexity-of-asset-management-brings-unexpected-risk-into-ma-process
Experts reveal the challenges of inheriting new systems and data, and how to get IT security teams involved earlier in the process.
Third-party threats are real and now. That’s according to a Cybersecurity Collaborative task force of chief information security officers who developed a framework with supporting tools to build, manage and scale a management program covering third-party risk. WATCH:
Members of the Cybersecurity Collaboration presented a brief on its Third-Party Risk Management Program 2021 Implementation Guide and Toolkit by its task force of CISOs.
WATCH: Cybersecurity and IT teams want systems to operate securely, but their missions begin to diverge when things break down, said Brendan Williams, #cybersecurity adjunct professor at the University of Dallas, in an SC Media eSummit.
An enterprise’s IT and cybersecurity departments want the same thing: for systems to operate efficiently and securely. However, they begin to diverge when things break down, said the University of Dallas's Brendan Williams.
"Rather than just worried about onesie-twosie computers, it was more about the full attack chain and leveraging that as a weaponized tool to push through your environment and lock up your environment," Eric Decker, a chief information security officer in the health care industry.
Eric Decker, a CISO in health care, discusses how forging relationships and having the appropriate risk-based discussions to address challenges facing the industry.
As Microsoft’s director of identity security, Alex Weinert had a front-row seat into the SolarWinds investigation, which he called the most sophisticated attack he or anyone on his team had ever seen during an SC Media eSummit on zero trust. Learn more here: http://ow.ly/HdCO50G88F6
A conversation with Benjamin Corll, vice president of cybersecurity and data protection at Coats. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media.
Benjamin Corll of Coats noted that a security leader's primary role is is getting their teams the tools and support that they need in order to be successful. As he put it, we may run the organization, yet we truly work for them.
If data has value, then electronic health records are a treasure trove, says the author of this commentary. #cybersecurity #healthIT #ransomware
Today's columnist, Mona Abutaleb, outlines six tips for mitigating ransomware and phishing attacks in health care environments.
Google described Private Compute Core as an open source, secure environment isolated from the rest of the operating system and applications — a move security researchers view as a potentially effective way to foil hackers.
Google described Private Compute Core as an open source, secure environment isolated from the rest of the operating system and applications — a move security researchers view as a potentially effective way to foil hackers.
Nearly 43% of all websites use WordPress, one of the main reasons the Cybersecurity Infrastructure and Security Agency (CISA) posted a notice for WordPress users to move quickly and update.
Nearly 43% of all websites use WordPress, one of the main reasons the Cybersecurity Infrastructure and Security Agency (CISA) posted a notice for WordPress users to move quickly and update.
These relationships between the Russian government and the #ransomware criminal ecosystem are, the report by Recorded Future notes, indirect, amorphous and “based on spoken and unspoken agreements” as well as “fluid associations.”
The relationship between the Russian government and ransomware groups within its borders are indirect, amorphous and “based on spoken and unspoken agreements” as well as “fluid associations” where the interests of Moscow and the cybercriminal underworld align.
400 Madison Ave
New York, NY
10017
| Monday | 9am - 5pm |
| Tuesday | 9am - 5pm |
| Wednesday | 9am - 5pm |
| Thursday | 9am - 5pm |
| Friday | 9am - 5pm |
SC Magazine US, SCMedia.com; SC Media Awards
Be the first to know and let us send you an email when SC Media posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.
Send a message to SC Media:
We are officially one month out from #RiskSec Conference and this is our #MondayMood! Join us in Philly for a day of cybersecurity, networking, and a look at the future threat landscape: https://risksecconference.com/social
Tripwire researcher Craig Young said a series of flaws he recently found in Ruckus routers making them vulnerable to several security issues is representative of the security problems found in many consumer connected devices.
In an analysis of five separate manufacturers' web servers running on the new HTTP/2 protocol, cybersecurity firm Imperva found that all five were vulnerable to at least one of four high-profile denial-of-service vulnerabilities.
Ransomware is a brilliant attack because it hits the sweet spot - the value of what they're taking away from you is more than what they're asking for, Zscaler CSO Michael Sutton told SCMagazine.com.
At #BlackHat2016, SCMagazine.com caught up with Sophos's John Shier to discuss these "designer" attacks.
The cyber defenses offered up by many medical facilities are so poor that attackers are able to breach them using outdated hacking tools, according to a new study by ESET.
The cloud is creating numerous security challenges that Intel's Brian Dye said could be resolved by taking specific steps.
SC Magazine Associate Editor Teri Robinson talks cybersecurity with Dell Security Vice President of Product Management and Marketing Patrick Sweeney.
Check out our interview with Akamai's VP of Engineering Ohad Parush.
As cyber attacks increase, IT departments continue to be challenged by older techniques, such as targeted phishing attacks because the attacks bypass perimeter defenses and are difficult to prevent. Ray Rothrock, CEO of RedSeal Networks, spoke with SCMagazine.com on how to mitigate risks.
Malwarebytes received a $50 million Series B funding round from Fidelity Management and Research Co.
Find out why Bruce McCulley, senior information security specialist, U.S. Senate-Sergeant at Arms, says that combating social engineering doesn't need to hinder employees at SCMagazine.com
Check out what Chief Strategist Becky Bace has to say about IoT security at SCMagazine.com
Check out the full version at SCMagazine.com | http://bit.ly/1M2Nfzn
In this interview, Harry Sverdlove, CTO of Bit9, describes to SC Magazine Executive Editor Dan Kaplan what the bring-your-own-device revolution means for organizations, and how they should best address the threat posed by endpoints such as the Android.
SC Magazine Managing Editor Greg Masters chats with Carl Herberger, vice president of security solutions at Radware, about the risk posed by politically and ideologically motivated attacks, known as hacktivism.
Security researcher Dillon Beresford speaks to the press at the Black Hat conference in Las Vegas following his presentation which demonstrated how to hack into Siemens industrial control systems.
Researcher Joe Stewart discusses his research into tracing the origin of the advanced persistent threat.
An interview from SC Congress Canada 2011 with Ron Deibert and Rafal Rohozinski from The Munk School for Global Affairs at the University of Toronto.
In an interview with SC Magazine Managing Editor Greg Masters, David Koretz, CEO of web application security start-up Mykonos Software, explains why the industry needs a rethink. He says security products traditionally have produced too much data, which leads to stress on customers and too many false positives. And even with this preponderance of information, solutions still are missing threats, as evidenced by zero-day attacks that evade malware detection technology. Koretz explains why a shift in focus, plus increased education for college students, may make all the difference.
As virtualization becomes more mainstream, even in small and midsize organizations, security professionals must consider the risks of managing this emerging technology. Threats such as VM sprawl, in which IT departments lose visibility of their virtual assets, creates the potential of unpatched and vulnerable machines. Rob Juncker, VP of technology at Shavlik, sits down with SC Magazine Executive Editor Dan Kaplan to explain why organizations must apply the same security principles to their virtual machines as they do for their traditional computing systems.
Relive the pageantry of the SC Awards.
Cyberwar: Has it actually happened yet? Mikko Hypponen, chief research officer of F-Secure, weighs in on that and other cool stuff.
Jeff Hudson, CEO of Venafi, explains why it is critical to keep track of certificates on applications and servers.
