
InfoSec and Compliance – With 20 years of blogging experience, DISC InfoSec blog is dedicated to providing trusted insights and practical solutions for professionals and organizations navigating the evolving cybersecurity landscape. From cutting-edge threats to compliance strategies, this blog is your reliable resource for staying informed and secure. Dive into the content, connect with the community, and elevate your InfoSec expertise!
Dec 01 2021
With one month left in 2021, the annual running total of compromised records stands at just shy of 5 billion.
Keep an eye out for our end-of-year report in the next few weeks, where we’ll break down the findings of these lists – or subscribe to our Weekly Round-up to get the latest news sent straight to your inbox.
In the meantime, you can find the full list of security incidents below, with those affecting UK organizations listed in bold.
Different techniques and tools used by cyberattackers to exploit a system are thoroughly discussed and analyzed in their respective chapters.

Use promo code XMASTOOLS to redeem your 10% discount on any toolkit, but hurry – this exclusive offer ends December 5.

Toolkits are sets of documents and tools that allow you to easily create and maintain up-to-date compliance documents. Each toolkit contains:
* Pre-written policies, procedures, and templates created by industry experts that will save you time and money
* Additional tools to ensure complete coverage of the relevant standard, framework, or regulation
* Work instructions and guidance
Nov 29 2021
Save 15% off books, toolkits, self-paced training courses, and selected Live Online training courses. Use code BF15 at checkout to claim your discount. But hurry, offer ends tomorrow 30 November, midnight PDT*.
This Black Friday ITG is offering you 15% off ITGP books, ITGP toolkits, self-paced training courses, and selected Live Online training courses.
Discover all resources

Bestselling books:
* The California Privacy Rights Act (CPRA) – An implementation and compliance guide: This book gives you a comprehensive understanding of the CPRA, covering key terms, security requirements, the breach notification procedure, and the penalties for non-compliance.
* ISO 27001 controls – A guide to implementing and auditing: The must-have book to understand the requirements of an ISMS (information security management system) based on ISO 27001.
* Certified ISO 27001 ISMS Foundation Self-Paced Online Training Course: This course provides a complete introduction to the key elements required to achieve ISO 27001 compliance.
Aug 17 2021
The vulnerability impacts Fortinet FortiWeb versions 6.3.11 and earlier; an authenticated attacker could exploit it to take complete control of servers running vulnerable versions of the FortiWeb WAF.
An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw (i.e. CVE-2020-29015) to allow an unauthenticated attacker to trigger the vulnerability.
The vulnerability was reported by the researcher William Vu from Rapid7.
“An attacker, who is first authenticated to the management interface of the FortiWeb device, can smuggle commands using backticks in the ‘Name’ field of the SAML Server configuration page. These commands are then executed as the root user of the underlying operating system,” reads the post published by Rapid7. “An attacker can leverage this vulnerability to take complete control of the affected device, with the highest possible privileges.”
The flaw could allow an attacker to deploy a persistent shell, install crypto-mining software, or drop other malware families. If the management interface is exposed to the internet, an attacker could trigger the issue to reach into the affected network beyond the DMZ. Rapid7 researchers found fewer than three hundred devices exposing their management interfaces online. As a reminder, management interfaces for devices like FortiWeb should never be exposed to the internet.
Aug 13 2021
Google has open-sourced the Allstar tool that can be used to secure GitHub projects by enforcing a set of security policies to prevent misconfiguration.
“Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to be able to continuously monitor and detect any GitHub setting or repository file contents that may be risky or do not follow security best practices.” reads the project description. “If Allstar finds a repository to be out of compliance, it will take an action such as create an issue or restore security settings.”
Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information

Jan 28 2021
The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn.
Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker credentials.
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that the botnet is also able to target misconfigured Kubernetes installations.
“The group is using a new detection evasion tool, copied from open source repositories,” reads the analysis published by AT&T Alien Labs.
The threat actor behind the botnet used the new tool to hide the malicious process from process-listing programs such as `ps` and `lsof`, evading detection.
The libprocesshider open-source tool has been available on GitHub since 2014 and is able to “hide a process under Linux using the ld preloader.” The “preloading” technique makes the dynamic loader load a custom shared library before the other system libraries. If the custom shared library exports a function with the same signature as one in a system library, the custom version overrides it, so any program that calls that function (for example, to enumerate `/proc`) gets the attacker's version instead.
Jan 27 2021

The ISO self-assessment tools list includes, but is not limited to, Privacy, ISO 27001, ISO 9001, ISO 14001, and the ISO/IEC 27701:2019 standard and toolkit.
May 24 2020
Cybersecurity Tools | Popular Tools for Cybersecurity Threats
https://www.youtube.com/watch?v=KgtevibJlTE
Download a CyberAware cheat sheet
Jun 15 2019
In the report, the cybersecurity company Symantec claims that a Chinese hacker group associated with Chinese government intelligence conducted a hacking campaign using a tool that at the time was only known to be the property of the NSA.
Source: Chinese spies stole NSA hacking tools, report finds
Jun 11 2019
Zydra is a file password recovery tool and Linux shadow file cracker. It uses dictionary or brute-force methods to crack passwords.
Source: Zydra : Password Recovery Tool & Linux Shadow File Cracker
Apr 25 2019

DISC InfoSec cyber security training curriculum includes specialized InfoSec training and general cyber security courses for all levels.
* Penetration Testing
* AWS Security

Apr 20 2019
Mar 23 2019