Jan 22 2021
Key 2021 Insights: Proactive Security Needed for Ransomware, Phishing

Healthcare leaders will need to shift to a proactive security approach in 2021 if they hope to defend against the onslaught of ransomware and phishing threats.
The ransomware surge of the last few months has already continued into 2021. And though the malware will remain a key trend this year, healthcare industry stakeholders will need to adopt a proactive security approach and secure key entry points, including phishing threats and vulnerable endpoints.
Listen to the full podcast to learn more about Xtelligent Healthcare Media’s predictions for 2021. And don’t forget to subscribe on iTunes, Spotify, or Google Podcasts.
Xtelligent Healthcare Media Editors recently compiled predictions for the healthcare sector in the year ahead on a Healthcare Strategies podcast episode. In the healthcare security space, leaders can expect continued email-based attacks and other schemes that prey on COVID-19 fears.
Source: Proactive Security Needed for Ransomware, Phishing
Jan 22 2021
70% of Financial Service Firms Hit by COVID Cyber Attacks
A new report has emerged detailing that 70% of financial service firms have been hit by COVID-related cyber attacks in the past twelve months that were more damaging due to the unusual circumstances of the COVID-19 virus.
The numbers come from Keeper Security, who took responses from more than 370 information technology leaders in the UK while compiling a global report into financial service firms being targeted by cyber attacks.
Authors of the report state that 70% of financial service firms were hit by cyber attacks, with the majority of IT leaders saying that COVID-19 working conditions made the attacks more severe.
Jan 21 2021
WordPress Security: The Ultimate Guide

WordPress security can be intimidating, but it doesn’t have to be (https://ithemes.com/wordpress-security-the-ultimate-guide/). In this comprehensive guide to WordPress security, we’ve simplified the basics of securing your WordPress website so that any non-technical person can understand and protect their website from hacker attacks.
This guide to WordPress security is broken down into 10 easily digestible sections. Each section will guide you through a specific aspect of WordPress security. By the end of the guide, you will learn the different types of vulnerabilities, the motives of hackers, and how to secure everything from your server to the individual users of your WordPress website.
Source: WordPress Security: The Ultimate Guide
Jan 20 2021
List of DNSpooq vulnerability advisories, patches, and updates

Yesterday, seven Dnsmasq vulnerabilities were disclosed, collectively known as DNSpooq, that attackers can use to launch DNS cache poisoning, denial of service, and possibly remote code execution attacks on affected devices.
Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment.
Vendors have started to release information on how customers can protect themselves from DNSpooq. To make it easier to find this information, BleepingComputer will be listing security advisories as they are released.
The related CVEs from JSOF’s DNSpooq advisory are listed below, along with their descriptions.
Name | CVSS | Description |
---|---|---|
CVE-2020-25681 | 8.1 | Dnsmasq versions before 2.83 are susceptible to a heap-based buffer overflow in sort_rrset() when DNSSEC is used. This can allow a remote attacker to write arbitrary data into target device’s memory that can lead to memory corruption and other unexpected behaviors on the target device. |
CVE-2020-25682 | 8.1 | Dnsmasq versions before 2.83 are susceptible to buffer overflow in extract_name() function due to missing length check, when DNSSEC is enabled. This can allow a remote attacker to cause memory corruption on the target device. |
CVE-2020-25683 | 5.9 | Dnsmasq versions before 2.83 are susceptible to a heap-based buffer overflow when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a Denial of Service. |
CVE-2020-25687 | 5.9 | Dnsmasq versions before 2.83 are vulnerable to a heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service. |
CVE-2020-25684 | 4 | A lack of proper address/port check implemented in dnsmasq versions |
CVE-2020-25685 | 4 | A lack of query resource name (RRNAME) checks implemented in dnsmasq’s versions before 2.83 reply_query function allows remote attackers to spoof DNS traffic that can lead to DNS cache poisoning. |
CVE-2020-25686 | 4 | Multiple DNS query requests for the same resource name (RRNAME) by dnsmasq versions before 2.83 allows for remote attackers to spoof DNS traffic, using a birthday attack (RFC 5452), that can lead to DNS cache poisoning. |
BleepingComputer suggests checking this page throughout the coming days to see if new information is available for devices you may be using.
Source: List of DNSpooq vulnerability advisories, patches, and updates
Jan 19 2021
CPRA Compliance
This tool enables you to identify your organization’s CPRA (California Privacy Rights Act) compliance gaps, and helps you plan the steps necessary to achieve ongoing compliance.
Jan 18 2021
Crafting the InfoSec PlayBook
Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone.
Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture.
- Learn incident response fundamentals, and the importance of getting back to basics
- Understand threats you face and what you should be protecting
- Collect, mine, organize, and analyze as many relevant data sources as possible
- Build your own playbook of repeatable methods for security monitoring and response
- Learn how to put your plan into action and keep it running smoothly
- Select the right monitoring and detection tools for your environment
- Develop queries to help you sort through data and create valuable reports
- Know what actions to take during the incident response phase
Jan 17 2021
President Biden’s Peloton exercise equipment under scrutiny
President Joe Biden can’t bring his Peloton exercise equipment to the White House due to security reasons.
Peloton devices are connected online and are equipped with a camera and microphone that give the users an immersive experience and communications capabilities. On the other side, these features pose a potential risk to the user in case of a hack, and President Joe Biden is a privileged target.
To secure the exercise equipment, Biden’s Peloton may have to be modified, removing the microphone, camera and networking equipment.
“If you really want that Peloton to be secure, you yank out the camera, you yank out the microphone, and you yank out the networking equipment … and you basically have a boring bike,” Max Kilger, Ph.D., director of the Data Analytics Program and Associate Professor in Practice at the University of Texas at San Antonio, told Popular Mechanics. “You lose the shiny object and the attractiveness.”
Source: President Biden’s Peloton exercise equipment under scrutiny
So long Peloton Joe Biden may need new exercise equipment when he moves
https://www.youtube.com/watch?v=m7VjoflLL8k&ab_channel=InsideNews
Nov 29 2020
10 Best InfoSec Hacking Books
To download the 10 Best InfoSec Hacking Books PDF: https://blog.deurainfosec.com/wp-content/uploads/2020/11/10-best-InfoSec-hacking-books.pdf
Metasploit cheatsheet: https://blog.deurainfosec.com/wp-content/uploads/2020/11/Metsploit-cheatsheet.pdf
Nov 17 2020
Microsoft’s Pluton chip upgrades the hardware security of Windows PCs
The next Windows PC you buy could come with an advanced security co-processor that will protect your data from being stolen by hackers. Building on work it started with the Xbox One, on Tuesday Microsoft announced the existence of Pluton. It’s a new project the company is working on with both AMD and Intel, as well as Qualcomm, to create x86 and ARM CPUs that integrate a dedicated security component.
At its simplest, Pluton is an evolution of the existing Trusted Platform Module (TPM) you find in many modern computers. TPMs store security-related information about your operating system and enable features like Windows Hello. However, for all the additional security they add to PCs, they still have vulnerabilities. As security researchers have shown, it’s possible for hackers to attack the bus interface that allows the TPM and CPU to communicate with one another.
That’s where Pluton comes into the picture. By integrating the TPM into the CPU, Microsoft says it’s able to close off that avenue of attack. When the first slate of Pluton-equipped CPUs and computers start making their way out to consumers, Microsoft says they’ll emulate TPM chips so that they can take advantage of existing APIs and provide Windows users with immediate usefulness. The end goal is for Pluton-equipped CPUs to protect your credentials, encryption keys and personal data. In that way, it will be similar to the T2 and Titan M security chips Apple and Google offer, but with the added advantage of being there for the entire Windows ecosystem to use.
Source: Microsoft’s Pluton chip upgrades the hardware security of Windows PCs
Microsoft Pluton is a new security chip for Windows PCs
https://www.youtube.com/watch?v=f85ipqsOcqc&ab_channel=REFILLSOLUTIONS
Nov 06 2020
Pwn2Own Tokyo Day one: NETGEAR Router, WD NAS Device hacked
The Pwn2Own Tokyo 2020 hacking competition has started, and bug bounty hunters have already hacked a NETGEAR router and a Western Digital NAS device.
Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, Canada, and white hat hackers taking part in the competition have to demonstrate their ability to find and exploit vulnerabilities in a broad range of devices.
On day one of the competition, bug bounty hunters successfully exploited a vulnerability in the NETGEAR Nighthawk R7800 router. The participants were Team Black Coffee, Team Flashback, and teams from cybersecurity firms Starlabs and Trapa Security; Team Flashback earned $20,000 for a remote code execution exploit that resulted from the chaining of two bugs in the WAN interface.
“The team combined an auth bypass bug and a command injection bug to gain root on the system. They win $20,000 and 2 points towards Master of Pwn.” reads the post on the official site of the Pwn2Own Tokyo 2020.
The Trapa team successfully chained a pair of bugs to gain code execution on the LAN interface of the router; the experts earned $5,000 and 1 point towards Master of Pwn.
The STARLabs team earned the same amount after using a command injection flaw to take control of the device.
The Trapa Security team also earned $20,000 for a working exploit for the Western Digital My Cloud Pro series PR4100 NAS device.
The exploit code chained an authentication bypass bug and a command injection vulnerability to gain root on the device.
Source: Pwn2Own Tokyo Day one: NETGEAR Router, WD NAS Device hacked
Pwn2Own Tokyo (Live from Toronto) 2020 – Day One
https://www.youtube.com/watch?v=jX0b8iKXnbI&ab_channel=ZeroDayInitiative
Nov 05 2020
Spotting a Common Scam
These scams seek to collect personal information about you, often appearing to come from a real business or agency. Someone may pose as an official disaster aid worker, or send you a fraudulent COVID contact tracing email. If you receive a message with a link, you should not click it as it may download malware to your device to steal passwords and personal information. Government agencies like FEMA or the IRS will never contact you asking for a FEMA registration number, a Social Security number, or a bank account or credit card number to give you a COVID or FEMA payment, or ask you to pay anything up front to fill out an application or to access state or federal resources.
Before sharing, check that what you are reading is from a trustworthy source. Disinformation can be life threatening in a global pandemic.
No cures or vaccines have been approved for COVID-19 yet. Online offers claiming to provide a medicine or device to treat or prevent COVID should be ignored. When there is a new breakthrough in the treatment and prevention of COVID, it will be widely reported on by reputable news sources.
Fake charities often emerge following a crisis, soliciting donations, but not using them for the described purpose. Before donating, check out www.ftc.gov/charity to research the organization and make sure it’s legitimate.
If you receive a robocall, you should hang up instead of pushing any buttons or giving away any personal information. If a call claims to be from the IRS or FEMA, but demands immediate payment through debit card or wire transfer, it is fraudulent. Federal agencies will never demand immediate payment over the phone, threaten immediate arrest, or ask you to make a payment to anyone other than the U.S. Treasury.
Warning Signs that a Loved One may be the Victim of a Scam
Victims of a scam may be embarrassed or uncomfortable asking for help. It’s not always obvious when someone has been scammed, so check in with your loved ones frequently, especially if they are older, live alone, or are otherwise high risk.
Warning signs include large ATM withdrawals, charges, or checks; secretiveness and increased anxiety about finances; large quantities of goods being delivered that they do not need; an unusual number of phone calls or visits from strangers; and a sudden lack of money, unpaid bills, or a change in daily habits.
For more information, and to get help with a potential FEMA fraud, you can call the National Center for Disaster Fraud Hotline at 866-720-5721 or FEMA’s Public Inquiry Unit at 916-210-6276. For questions about pandemic scams, go to www.ftc.gov/coronavirus or www.cdc.gov/coronavirus/2019-ncov.
Aug 28 2020
Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs
A former Cisco employee pleaded guilty to accessing the company’s cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines.
According to a plea agreement filed on July 30, 2020, 30-year-old Sudhish Kasaba Ramesh accessed Cisco’s cloud infrastructure hosted on Amazon Web Services without permission on September 24, 2018; he resigned from the company in April 2018.
Source: Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs
From Weakest Link to Human Firewall in Seven Days
Download a Security Risk Assessment Steps paper!
Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!
DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles
Subscribe to DISC InfoSec blog by Email
👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet
Aug 19 2020
edX Courses | View all online computer science courses on edX
Find online courses from top universities. Search all edX MOOCs from Harvard, MIT and more and enroll in a free course today.
Source: edX Courses | View all online courses on edX.org
Jul 28 2020
Rite Aid deployed facial recognition system in hundreds of U.S. stores
Rite Aid used facial recognition in largely lower-income, non-white neighborhoods. The systems included one from a firm with links to China and its government.
Source: Rite Aid deployed facial recognition system in hundreds of U.S. stores
Rite Aid facial recognition rollout faces trouble
https://www.youtube.com/watch?v=ltA9fABnee8
Jul 17 2020
Twitter stepped up search to fill top security job ahead of hack
Search for a chief information security officer
Twitter Inc had stepped up its search for a chief information security officer in recent weeks, two people familiar with the effort told Reuters, before the breach of high-profile accounts on Wednesday raised alarms about the platform’s security. Twitter said hackers had targeted employees with access to its internal systems and “used this access to take control of many highly-visible (including verified) accounts.”
The second and third rounds of hijacked accounts tweeted out messages telling users to send bitcoin to a given address in order to get more back. Publicly available blockchain records show the apparent scammers received more than $100,000 worth of cryptocurrency.
The U.S. House Intelligence Committee was in touch with Twitter regarding the hack, according to a committee official who did not wish to be named.
Source: Twitter stepped up search to fill top security job ahead of hack
Twitter says 130 accounts were targeted in hack
https://www.youtube.com/watch?v=4pquwx-doYg
Jul 11 2020
Ten Steps to Reduce Your Cyber Risk
Ten Steps to Reduce Your Cyber Risk (PDF): https://blog.deurainfosec.com/wp-content/uploads/2020/07/Ten-Steps-to-Reduce-Your-Cyber-Risk.pdf
Reduce your cyber risk with ISO 27001
Contact DISC InfoSec if you have a question regarding ISO 27001 implementation.
Jul 07 2020
How to uninstall Microsoft Edge forced-installed via Windows Update
If Microsoft Edge was installed in Windows 10 via Windows Update, you cannot remove it via standard methods. That does not mean you cannot remove it, though, as a technique has been discovered to uninstall the program via the command prompt.
Source: How to uninstall Microsoft Edge forced-installed via Windows Update
New Microsoft Edge browser cant be uninstalled when you get it on Windows update
https://www.youtube.com/watch?v=2mvyKqFzf5o