MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Ada…

Uncovering attacker tactics through cloud honeypots

Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent ne…

US Cyber Command, CISA warn of hackers exploiting critical VMware flaw

Hackers have been leveraging a critical flaw in the software that Silicon Valley vendor VMware uses to manage virtual machines in large data centers, U.S. Cyber Command warned on Saturday. The flaw allows an attacker to execute code remotely and potentially infiltrate sensitive computing environments that run on VMware’s widely used server management software. Security fixes have been available since May 25, but the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and Cyber Command, a U.S. military unit, urged users to update their software after researchers discovered at least one public exploit for the vulnerability. “Please patch immediately!” the command tweeted on Saturday. VMware itself issued an urgent advisory telling clients to apply the patch on May 25. As corporations and government agencies increasingly use cloud computing to consolidate data, the value of flaws in code built by VMware and other vendors has only grown. Bad Packets, a […]

The post US Cyber Command, CISA warn of hackers exploiting critical VMware flaw appeared first on CyberScoop.


Crooks are getting smarter about exploiting SAP software, study finds

Security researchers on Tuesday warned of the unrelenting interest that cybercriminals have in exploiting applications made by software giant SAP to defraud or disrupt big businesses that rely on SAP products. A months-long study by Boston-based security firm Onapsis found that malicious hackers are growing more knowledgeable of SAP software and the potential impact that compromises could have on customers. In one case, an unidentified attacker managed to chain together multiple software exploits to target an SAP “credential store,” which stores login details for an organization’s high-value SAP users. Access to the credential store could give a hacker the ability to exploit other applications that interact with those credentials. SAP has 400,000 customers worldwide, including more than half of NATO members. A big swath of the world’s largest public companies use the software to manage their business processes. A critical bug in SAP software could be a ticket for a […]

The post Crooks are getting smarter about exploiting SAP software, study finds appeared first on CyberScoop.


How IoT insecurity impacts global organizations

As the Internet of Things becomes more and more part of our lives, the security of these devices is imperative, especially because attackers have wasted no time and are continuously targeting them. Chen Ku-Chieh, an IoT cyber security analyst with the …

Attackers are probing Citrix controllers and gateways through recently patched flaws

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins to apply them as soon as possible to reduce risk. At the time, there was no pu…

MongoDB is subject to continual attacks when exposed to the internet

On average, an exposed Mongo database is breached within 13 hours of being connected to the internet. The fastest breach recorded was carried out 9 minutes after the database was set up, according to Intruder. MongoDB is a general purpose, document-bas…

Honware: IoT honeypot for detecting zero-day exploits

Two researchers have created a solution that could help security researchers and IoT manufacturers with detecting zero-day exploits targeting internet-connected devices more speedily than ever before. It’s called honware, and it’s a virtual…

Researchers set up a mock factory network — and watched the criminals rush in

The 2017 WannaCry-fueled shutdown of a car facility and other high-profile infections make ransomware too big to ignore for the manufacturing sector. But while factory operators reckon with their security weaknesses, they sometimes lack information on how and why their networks attract the interest of digital thieves. In search of those answers, researchers at cybersecurity company Trend Micro ran a simulated factory network for seven months that invited all sorts of digital miscreants into the fray. Different attackers used the mock network, or honeypot, to mine cryptocurrency and infected it with two strains of a ransomware known as CrySIS. “These are career ransomware actors that are doing these things,” Trend Micro senior threat researcher Stephen Hilt told CyberScoop, reflecting on how professionalized and sector-agnostic ransomware attacks have become. In both cases, the attackers were able to lock up files on the network by breaching the faux factory’s robotics workstation, which […]

The post Researchers set up a mock factory network — and watched the criminals rush in appeared first on CyberScoop.
