MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Ada… Continue reading MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

Uncovering attacker tactics through cloud honeypots

Attackers typically find exposed “secrets” – pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent ne… Continue reading Uncovering attacker tactics through cloud honeypots

US Cyber Command, CISA warn of hackers exploiting critical VMware flaw

Hackers have been leveraging a critical flaw in the software that Silicon Valley vendor VMware uses to manage virtual machines in large data centers, U.S. Cyber Command warned on Saturday. The flaw allows an attacker to execute code remotely and potentially infiltrate sensitive computing environments that run on VMware’s widely used server management software. Security fixes have been available since May 25, but the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and Cyber Command, a U.S. military unit, urged users to update their software after researchers discovered at least one public exploit for the vulnerability. “Please patch immediately!” the command tweeted on Saturday. VMware itself issued an urgent advisory telling clients to apply the patch on May 25. As corporations and government agencies increasingly use cloud computing to consolidate data, the value of flaws in code built by VMware and other vendors has only grown. Bad Packets, a […]

The post US Cyber Command, CISA warn of hackers exploiting critical VMware flaw appeared first on CyberScoop.

Continue reading US Cyber Command, CISA warn of hackers exploiting critical VMware flaw

Crooks are getting smarter about exploiting SAP software, study finds

Security researchers on Tuesday warned of the unrelenting interest that cybercriminals have in exploiting applications made by software giant SAP to defraud or disrupt big businesses that rely on SAP products. A months-long study by Boston-based security firm Onapsis found that malicious hackers are growing more knowledgeable of SAP software and the potential impact that compromises could have on customers. In one case, an unidentified attacker managed to chain together multiple software exploits to target an SAP “credential store,” which stores login details for an organization’s high-value SAP users. Access to the credential store could give a hacker the ability to exploit other applications that interact with those credentials. SAP has 400,000 customers worldwide, including more than half of NATO members. A big swath of the world’ largest public companies use the software to manage their business processes. A critical bug in SAP software could be a ticket for a […]

The post Crooks are getting smarter about exploiting SAP software, study finds appeared first on CyberScoop.

Continue reading Crooks are getting smarter about exploiting SAP software, study finds

How IoT insecurity impacts global organizations

As the Internet of Things becomes more and more part of our lives, the security of these devices is imperative, especially because attackers have wasted no time and are continuously targeting them. Chen Ku-Chieh, an IoT cyber security analyst with the … Continue reading How IoT insecurity impacts global organizations

Attackers are probing Citrix controllers and gateways through recently patched flaws

Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins to apply them as soon as possible to reduce risk. At the time, there was no pu… Continue reading Attackers are probing Citrix controllers and gateways through recently patched flaws

MongoDB is subject to continual attacks when exposed to the internet

On average, an exposed Mongo database is breached within 13 hours of being connected to the internet. The fastest breach recorded was carried out 9 minutes after the database was set up, according to Intruder. MongoDB is a general purpose, document-bas… Continue reading MongoDB is subject to continual attacks when exposed to the internet

Honware: IoT honeypot for detecting zero-day exploits

Two researchers have created a solution that could help security researchers and IoT manufacturers with detecting zero-day exploits targeting internet-connected devices more speedily than ever before. It’s called honware, and it’s a virtual… Continue reading Honware: IoT honeypot for detecting zero-day exploits