Day: November 15, 2021

Building a Security Training Testbed for Azure

This blog was originally published by Adobe here. Written by Akriti Srivastava, Security Analyst, Adobe OpSec Team. With any cloud platform, a lack of understanding of required security controls and unintentional misconfigurations can bring additional risk to the DevSecOps process. A test environment, where engineers can safely learn new attack methodologies, is the preferred approach, …

Achieving Zero Trust Remote Access with Privileged Access Management

Written by Matt Miller, BeyondTrust. The radical shift to embrace large-scale remote work—and even a work-from-anywhere mindset, the accelerated pace of digital transformation, the proliferation of ransomware, and massive breaches (i.e. SolarWinds Orion, Colonial Pipeline, etc.) together have kicked down the last vestiges of the perimeter-focused security mindset. In the wake, the concept of zero …

Immuta strengthens Snowflake integration to evolve complex data access control policies

Immuta announced new capabilities that strengthen its integration with Snowflake, the data cloud company, streamlining and enhancing the data governance experience for joint customers. With its latest release, Immuta is more deeply integrated with Snowflake, providing a scalable, automated way to author and evolve complex data access control policies. Immuta introduced its integration with Snowflake …

Chinese Communist Party official expelled for mining cryptocurrency

China’s Central Commission for Discipline Inspection has expelled a communist party member for allowing cryptocurrency mining to happen, corruption, and other infractions. A Saturday announcement by the commission stated that Xiao Yi, formerly a member and vice chairman of the Jiangxi Provincial Political Consultative Conference, was stripped of his post and lost his qualifications as …

ASEC Weekly Malware Statistics (November 1st, 2021 – November 7th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 1st, 2021 (Monday) to November 7th, 2021 (Sunday). For the main category, info-stealer ranked top with 51.8%, followed by Downloader with 22.7%, RAT (Remote Administration Tool) malware …

Zyxel collaborates with Avira to help SMBs defend against unknown threats

Zyxel Networks launched Cloudbox API from Avira OEM, part of NortonLifeLock’s offerings. Avira’s Cloud Sandbox service integrates with Zyxel’s Advanced Threat Protection (ATP) firewalls. Available now, this integration provides SMBs with threat detection rates and response times to thwart unknown threats. According to Zyxel’s threat intelligence lab, around 100 million unknown threats were detected …

Analysis Report of Lazarus Group’s NukeSped Malware

AhnLab Security Emergency response Center (ASEC) reveals an analysis report of Lazarus group’s attacks found from around 2020 until recently. The malware discussed here is known as NukeSped, a backdoor type that can perform various malicious behaviors by receiving commands from the attacker. This report will show the analysis of the overall flow of attacks …

DevSecOps and Misconfigurations: Key Facts to Know

Secure DevOps, DevSecOps, and “shifting left” have become increasingly popular terms in cybersecurity. With the rapid increase both in volume and speed to delivery of applications, attacks on applications have also increased in both volume and complexity. Combine this with the shortage of cybersecurity professionals and lacking security skillsets, cybersecurity teams are already stretched to …

Digivault partners with Asset Reality to assist law enforcement agencies with asset recovery

Digivault and Asset Reality announced a new partnership aimed at making the digital asset ecosystem safer by assisting global law enforcement agencies and victims of cybercrime with asset recovery. Soaring crypto prices and bullish market sentiment have increased participation to more than 221M users worldwide; however, the industry remains vulnerable to hacking and phishing events …

Immersive Labs acquires Snap Labs to bring cyber simulations customized for specific environments

Immersive Labs announces the acquisition of Snap Labs. The transaction brings a new level of realism to organizations looking to develop cyber knowledge, skills and judgement, providing them with the ability to build multi-player simulations customized for specific environments and roles. The acquisition underlines the need to develop human capabilities which reflect the nuances of …

Netography raises $45M to secure the atomized network and boost technology innovations

Netography announced it has secured $45 million in Series A funding, led by Bessemer Venture Partners and SYN Ventures, with participation from existing investors Andreessen Horowitz, Mango Capital, Harpoon Ventures, and Wing Venture Capital. The new capital will be applied toward new technology innovations and enhancements, channel expansion, and sales. Alongside the funding, the company …

[Control Systems] FATEK Automation Security Advisory

Number: AV21-588. Date: 16 November 2021. On 16 November 2021 ICS-CERT published an ICS Advisory to highlight vulnerabilities in the following product: WinProladder – version 3.30_24518 and prior. Exploitation of these vulnerabilities could result in arbitrary code execution. The Cyber Centre encourages users and administrators to review the provided web link and perform the suggested …

Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels

A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private partners, including Trend Micro, sought to crack down on big ransomware operators. About the GandCrab/REvil arrests According to a report by Interpol, the global operation, which was …

[webapps] Online Learning System 2.0 – Remote Code Execution (RCE)

# Exploit Title: Online Learning System 2.0 – Remote Code Execution (RCE) # Date: 15/11/2021 # Exploit Author: djebbaranon # Vendor Homepage: https://github.com/oretnom23 # Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/elearning_v2_0.zip # Version: 2.0 # Tested on: Kali linux / Windows 10 # CVE : CVE-2021-42580 #!/usr/bin/python3 import os import time import argparse import requests import sys from colorama …

[webapps] CMDBuild 3.3.2 – 'Multiple' Cross Site Scripting (XSS)

# Exploit Title: CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS) # Date: 15/11/2021 # Exploit Author: Hosein Vita # Vendor Homepage: https://www.cmdbuild.org # Software Link: https://www.cmdbuild.org/en/download/latest-version # Version: CMDBuild 3.3.2 # Tested on: Linux Summary: Multiple stored cross-site scripting (XSS) vulnerabilities in Tecnoteca CMDBuild 3.3.1 allow remote attackers to inject arbitrary web script or …

A Practical Guide to the Different Compliance Kubernetes Security Frameworks and How They Fit Together

This blog was originally published by ARMO here. Written by Jonathan Kaftzan, ARMO. TL;DR – Comparing popular Kubernetes security and compliance frameworks, how they differ, when to use, common goals, and suggested tools. The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, changing landscape, be it …

Why Cloud-Ready, Centralized AppSec Must Underpin State Government Cloud Adoption

This blog was originally published by Checkmarx here. Written by Rebecca Spiegel, Checkmarx. State and local governments are accelerating their use of the cloud as they focus on delivering more digital services with fewer resources and continue responding to pandemic pressures. In a recent FedRAMP survey conducted by Maximus and Genesys, 49% of state and …

Booz Allen spins out SnapAttack to a new cyber threat hunting and detection company

Booz Allen Hamilton announced it has completed a transaction to transfer all assets related to SnapAttack, a cloud-based software solution that brings together actionable threat intelligence and hacker detection to proactively detect and defend against cyber threats, to a new cyber threat hunting and detection company. Financial terms were not disclosed. The entity includes a …

Data Security and Privacy-related ISO/IEC Certifications

Written by Ashwin Chaudhary, CEO of Accedere. In this blog, we will focus on Data Security and Privacy-related ISO/IEC Certifications. With the cybercrime market targeting 10.5 Trillion USD and increasing data security breaches, the need for third-party vendor certifications is also increasing. ISO/IEC 27001 The most popular ISO/IEC Certification is the 27001:2013 which has shown …

OneSpan appoints Matthew Moynahan as President and CEO

OneSpan announced that the Company’s Board of Directors has appointed Matthew Moynahan as President and Chief Executive Officer effective November 29, 2021. Mr. Moynahan most recently served as CEO at Forcepoint, a subsidiary of Raytheon Technologies, for nearly five years where he transformed the company’s offerings from predominantly on-premises to a cloud-consumption model and drove …

Magecart Juggernaut Devastates Businesses Globally

Analysis reveals how some of the world’s largest brands were compromised – Charlie Osborne London – Nov. 15, 2021 When the “Magecart” name first appeared in connection to an attack against Ticketmaster, in many circles, it was believed that the major incident was only a one-off attack. However, Magecart-style assaults have been going back to …

Hacker Compromises FBI Server to Send Fake Emails

Hackers got into an email server at the FBI over the weekend to spread fake messages in an attempt to blame a cybersecurity expert for non-existent attacks, apparently in hopes of damaging his reputation. According to intelligence organization Spamhaus and subsequent reports, the hackers sent out emails with the false accusations in two waves to …

Operation Reacharound – Emotet malware is back

The Emotet botnet is still active, ten months after an international operation coordinated by Europol shut down its infrastructure. Early this year, law enforcement and judicial authorities worldwide conducted a joint operation, named Operation Ladybird, which disrupted the EMOTET botnet. At the time, the investigators took control of its infrastructure in an internationally coordinated action. …

The Beginner’s Guide to Azure PowerShell: One Shell to Rule Them All

PowerShell has been a favorite solution of Windows administrators for over a decade, with the capability to automate almost any task that exists in the Microsoft ecosystem. From governing user accounts, servers, databases, and more, the list of its uses is never-ending! And with the Azure module, you can use the same basic principles to …
