Aug 15 2020

PoC exploit code for two Apache Struts 2 flaws available online

Category: Security vulnerabilitiesDISC @ 11:37 am

Security researchers have discovered a PoC code and exploit available online that can be used to trigger unpatched security flaws in Apache Struts 2.

Security researchers have discovered a PoC code and exploit available on GitHub that that can be used to trigger the security vulnerabilities in Apache Struts 2.

The Proof-of-concept exploit code was released last week, it allows to trigger the CVE-2019-0230 and CVE-2019-0233 vulnerabilities in Apache Struts 2 that are classified as remote code-execution and denial-of-service issues respectively. Both vulnerabilities were addressed by the Apache team in November 2019.

According to an advisory published by the Cybersecurity and Infrastructure Security Agency (CISA) the two flaws impact Apache Struts versions 2.0.0 through 2.5.20. The Apache Struts Security Team urges administrators to upgrade their installs to Struts 2.5.22.

Apache Struts 2 is an open-source, extensible framework for creating enterprise-ready Java web applications.

Unpatched installs could allow attackers to carry out malicious activities. In 2017, the credit reporting agency Equifax suffered a massive data breach, attackers exploited the CVE-2017-5638 Apache Struts vulnerability.

The CVE-2019-0230, for which a PoC exploit code is available only, could be triggered when a threat actor sends a malicious Object-Graph Navigation Language (OGNL) expression that can result in a remote code-execution in the context of the affected application.

Depending on the privileges associated with the affected application, an attacker could perform multiple malicious activities, such as install applications; modify or delete data, or create new admin accounts.

The DoS flaw, tracked as CVE-2019-0233, affects the write permissions of file directories that could lead to conditions ripe for a DoS attack.

According to the Apache Struts Wiki description of the bug, this flaw can be triggered with a file upload to a Strut’s Action that exposes the file.

“When a file upload is performed to an Action that exposes the file with a getter, an attacker may manipulate the request such that the working copy of the uploaded file is set to read-only. As a result, subsequent actions on the file will fail with an error.” reads the advisory. “It might also be possible to set the Servlet container’s temp directory to read only, such that subsequent upload actions will fail,”

The Apache security bulletin recommends to upgrade outdated installs and verify no unauthorized system modifications have occurred on the system.

Source: PoC exploit code for two Apache Struts 2 flaws available online

Download a Security Risk Assessment Steps paper!

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

 

Aug 14 2020

CISA alerts of phishing attack targeting SBA loan relief accounts

Category: PhishingDISC @ 9:31 am

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released an alert about phishing attacks targeting various government organizations to steal logins for the Small Business Administration COVID-19 loan relief accounts.

In a newer phishing attack that started in August, security researchers saw the threat actor using convincing tricks to fool potential victims into providing personal and financial information

 

Some Countermeasures:

Checking the source of the message for the sender address will reveal the real one. Simply comparing it with the legitimate email will show the fraud attempt.

Paying attention to the URL in the address bar should also ensure that you don’t fall for a trick and are on the genuine page.

CISA recommends organizations include warning banners for messages from an external source. Even if the message bypasses email defenses, users may act with more caution.

Source: CISA alerts of phishing attack targeting SBA loan relief accounts



Phishing Scam

Download a Security Risk Assessment Steps paper!

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Tags: SBA loan relief

Aug 13 2020

Bracing for election day, Facebook rolls out voting resources to US users

Category: Election SecurityDISC @ 10:57 am

Eager to avoid a repeat of its disastrous role as a super-spreader of misinformation during the 2016 election cycle, Facebook is getting its ducks in a row. Following an announcement earlier this summer, the company is now launching a voting information hub that will centralize election resources for U.S. users and ideally inoculate at least […]

The voting information center will appear in the menu on both Facebook and Instagram. As part of the same effort, Facebook will also target U.S. users with notifications based on location and age, displaying relevant information about voting in their state. The info center will help users check their state-specific vote-by-mail options, request mail-in ballots and provide voting-related deadlines.

Along with other facets of its pre-election push, Facebook will roll previously-announced “voting alerts,” a feature that will allow state election officials to communicate election-related updates to users through the platform. “This will be increasingly critical as we get closer to the election, with potential late-breaking changes to the voting process that could impact voters,”

Source: Bracing for election day, Facebook rolls out voting resources to US users



Election Security by U.S. Election Assistance Commission
httpv://www.youtube.com/watch?v=wbXO5821SIw







Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Tags: Commission on Elections, election hacking, election2020, Secure election

Aug 12 2020

If you haven’t yet patched this critical hole in SAP NetWeaver Application Server, today is not your day

Category: Security vulnerabilitiesDISC @ 1:32 pm

Full details of security vuln plus proof-of-concept exploits revealed

This critical-severity bug – scoring 9.9 out of 10 on the CVSS v3 meter – can be exploited by a rogue authenticated user, or someone whose access has been hijacked, to inject arbitrary code into an application server. This means they can run malicious commands they shouldn’t be able to on the server, download sensitive information, or crash the installation.

“In consequence, an attacker can break out of the desired syntactic instructions. Injecting ABAP code in the VALUE field allows the attacker to manipulate the source code of the generated subroutine pool and thereby the execution logic of the entire module. Since the attacker can freely choose the characters that can be used in this field, arbitrary ABAP code can be injected.

“To exploit this behavior an attacker can supply special characters like ‘ and . to escape the string quotation that is built into the source code. Afterwards, an attacker can simply specify any semantically valid ABAP code that gets executed by the application server.”

Source: If you haven’t yet patched this critical hole in SAP NetWeaver Application Server, today is not your day

 

Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

Aug 11 2020

WSJ News Exclusive | TikTok Tracked User Data Using Tactic Banned by Google

Category: Cyber surveillance,Information PrivacyDISC @ 3:16 pm

TikTok skirted a privacy safeguard in Google’s Android operating system to collect unique identifiers from millions of mobile devices, data that allows the app to track users online without allowing them to opt out, a Wall Street Journal analysis has found.

The tactic, which experts in mobile-phone security said was concealed through an unusual added layer of encryption, appears to have violated Google policies limiting how apps track people and wasn’t disclosed to TikTok users. TikTok ended the practice in November, the Journal’s testing showed.

The identifiers collected by TikTok, called MAC addresses, are most commonly used for advertising purposes. The White House has said it is worried that users’ data could be obtained by the Chinese government and used to build detailed dossiers on individuals for blackmail or espionage.

Source: WSJ News Exclusive | TikTok Tracked User Data Using Tactic Banned by Google
Cyber Espionage



Download a Security Risk Assessment Steps paper!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

 

Tags: data espionage, Tracked data, tracked user data

Jun 29 2020

Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

Category: cyber securityDISC @ 9:10 pm

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.

Source: Tall Order for Small Businesses: 3 Tips to Find Tailored Security Solutions

FIC2020: The top cybersecurity trends to watch for
httpv://www.youtube.com/watch?v=QZKSUwSo0IA

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Jun 28 2020

Apple strong-arms entire CA industry into one-year certificate lifespans

Category: cyber securityDISC @ 11:18 pm

Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities. A decision that Apple unilaterally took in February 2020 has reverberated across the browser landscape and has effectively strong-armed the Certificate Authority industry into bitterly accepting a new default lifespan of 398 days for TLS certificates.

Following Apple’s initial announcement, Mozilla and Google have stated similar intentions to implement the same rule in their browsers.

Starting with September 1, 2020, browsers and devices from Apple, Google, and Mozilla will show errors for new TLS certificates that have a lifespan greater than 398 days.

Source: Apple strong-arms entire CA industry into one-year certificate lifespans | ZDNet

How does HTTPS work? What’s a CA? What’s a self-signed Certificate?
httpv://www.youtube.com/watch?v=T4Df5_cojAs





Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Tags: Cert Authority, Cert Lifespan

Jun 27 2020

Good Cyber Hygiene in a Post-Pandemic World Starts with Us

Category: cyber security,Security vulnerabilitiesDISC @ 1:00 pm

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.

Source: Good Cyber Hygiene in a Post-Pandemic World Starts with Us

Cyber ‘hygiene’ could resolve 90% of cyber attacks | FT Business Notebook
httpv://www.youtube.com/watch?v=3Qm0NgDBR3w

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

Jun 26 2020

Police arrested 32 people while investigating underground economy forum

Category: CybercrimeDISC @ 12:20 pm

German Police have arrested 32 individuals and detained 11 after a series of raids targeting users of an illegal underground economy forum.

Source: Police arrested 32 people while investigating underground economy forum

Exploring the Dark Web
httpv://www.youtube.com/watch?v=BN1NU0ivzj8



Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

Tags: black market, dark net, dark web

Jun 24 2020

Maersk, me & notPetya – gvnshtn

Category: Malware,RansomwareDISC @ 12:31 pm

Maersk is the world’s largest integrated shipping and container logistics company. I was massively privileged (no pun intended) to be their Identity & Access Management (IAM) Subject Matter Expert (SME), and later IAM Service Owner. Along with tens (if not hundreds) of others, I played a role in the recovery and cybersecurity response to the events of the well-publicised notPetya malware attack in 2017.

Source: Maersk, me & notPetya – gvnshtn

Petya/NotPetya Ransomware Spreading via LAN
httpv://www.youtube.com/watch?v=Vor9sWpJQHw

Global Ransomware Attack | Petya/NotPetya
httpv://www.youtube.com/watch?v=KdgCwCuBUp4

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

Jun 23 2020

A daily average of 80,000 printers exposed online via IPP

Category: cyber security,data securityDISC @ 1:39 pm

Experts found tens of thousands of printers that are exposed online that are leaking device names, organization names, WiFi SSIDs, and other info.

Source: A daily average of 80,000 printers exposed online via IPP

Exploiting Network Printers
httpv://www.youtube.com/watch?v=DwKzSO4yA_s

How To Hack A Printer And See All Documents Printed
httpv://www.youtube.com/watch?v=6JFP_gUIZZY

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

Jun 22 2020

Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies

Category: Cyber Spy,Cyber WarDISC @ 1:50 pm

Aerospace and military companies in the crosshairs of CyberSpies | CyberWar

ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus group.

Source: Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies | WeLiveSecurity

This blogpost above will shed light on how the attacks unfolded. The full research can be found in this white paper, Operation In(ter)ception: Targeted attacks against European aerospace and military companies.



Confessions of a cyber spy hunter | Eric Winsborrow | TEDxVancouver
httpv://www.youtube.com/watch?v=YiUN35Ikdfw



Spyeye : Script To Generate Win32 .exe File To Take Screenshots

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

Jun 21 2020

Digital Downfall: Technology, Cyberattacks and the End of the American Republic

Category: Cyber Attack,HackingDISC @ 1:34 pm

Digital Downfall: Technology, Cyberattacks and the End of the American Republic…

Source: Digital Downfall: Technology, Cyberattacks and the End of the American Republic:

Is America on the brink of civil war?

Could foreign cyber plots turn Americans against one another and cause a disastrous domestic conflict?

What would happen if the lights went out and the technology we rely upon to run American life is no longer available?

The present dangers are real. The US is more vulnerable to destructive foreign interference today than it has been in over a century. As Russia and China realize they can’t win shooting wars against the US, they have devised new and cunning ways to destabilize American politics and cripple the US economy. Cyber meddling in elections, disinformation campaigns, abuse of social media to widen racial and political divides, and the theft of military data are just some of the malicious acts threatening the Republic. Digital Downfall examines the potential effects of such attacks, with a look at:

  • The vulnerability of the US to cyber attack
  • American technological weaknesses that could be exploited by our enemies
  • How the US military could be affected by cyberwar
  • The possibility that the American Republic we know could be destroyed
  • America’s relationship with racism
  • What the future may hold

And more…The dangers posed by external sources can only be real when the internal politics of the United States is in a fragile state. The past four years bear testimony to this political decline as does every passing day of the Trump presidency.The perfect storm of external interference, a rampant and deadly pandemic, and a culture of racism that will no longer be tolerated is upon us.Who knows where it will lead to, or what will be left at the end.

Digital security – threats, risks and how to protect yourself
httpv://www.youtube.com/watch?v=QbyAVsbtGh0

How to protect your online privacy in 2020 | Tutorial
httpv://www.youtube.com/watch?v=jxeeKKfjb5o

Take an awareness quiz to test your basic cybersecurity knowledge

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Tags: Digital Downfall

Jun 19 2020

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Category: Identity TheftDISC @ 8:31 am

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Source: FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email



Jun 18 2020

Facebook sues developer over alleged data scraping abuse

Category: Data mining,data securityDISC @ 10:36 am

The lawsuit alleges that a data scraper took login credentials from about 5,500 people and then harvested phone numbers of their friends.

Source: Facebook sues developer over alleged data scraping abuse



What Is Web/Data Scrapping ? How To Scrap Large Data From A Website
httpv://www.youtube.com/watch?v=bp73TqGcY9c



Would like to know more on InfoSec Awareness…

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email


Jun 17 2020

AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever | ZDNet

Category: DDoS,Information SecurityDISC @ 12:34 pm

The previous record for the largest DDoS attack ever recorded was of 1.7 Tbps, recorded in March 2018.

Source: AWS said it mitigated a 2.3 Tbps DDoS attack, the largest ever | ZDNet



Was the US hit by a massive ‘DDoS attack’?
httpv://www.youtube.com/watch?v=54IJil_rZkY

What is DDOS? Is America Under a Foreign Cyber Attack?!
httpv://www.youtube.com/watch?v=Sp5ZgIGunTc



Would like to know more on InfoSec Awareness…

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email



Jun 16 2020

CyberSecurity Awareness Quiz

Category: cyber security,Security AwarenessDISC @ 2:16 pm

Take an InfoSec awareness quiz to test your basic cybersecurity knowledge







Would like to know more on InfoSec Awareness…

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Jun 16 2020

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

Category: Cyber Attack,Cyber Espionage,Cyber resilience,cyber security,Cyber Threats,Cyber War,CybercrimeDISC @ 10:19 am

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded.

The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of securing their own systems,” according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the current director.

Source: Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found.

Wikileaks Vault 7: What’s in the CIA Hacking Toolbox?
httpv://www.youtube.com/watch?v=X45Bb8O-gMI

CIA Hacking Tools Released in Wikileaks Vault 7 – Threat Wire
httpv://www.youtube.com/watch?v=5LYSjLwkAo4

Download a Security Risk Assessment steps paper!

Download a vCISO template

Take an awareness quiz to test your basic cybersecurity knowledge

Subscribe to DISC InfoSec blog by Email

Jun 15 2020

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Category: AWS Security,Security BreachDISC @ 2:37 pm

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Researchers find a developer running multiple dating services left 845GB of explicit photos, chats, and more exposed in AWS buckets

Source: Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Download a Security Risk Assessment steps paper!

Download a vCISO template

Take an awareness quiz to test your basic cybersecurity knowledge

Subscribe to DISC InfoSec blog by Email

Best Practices for Amazon S3 Security with S3 Access Management Tools and S3 Block Public Access
httpv://www.youtube.com/watch?v=7M3s_ix9ljE

AWS S3 Bucket Security 👮- Restrict Privileges🔒to User using IAM Policy | Grant User Access
httpv://www.youtube.com/watch?v=vtz3ruCebH8

Jun 14 2020

Tech firms suspend use of ‘biased’ facial recognition technology

Category: Access Control,Information Privacy,Information SecurityDISC @ 1:07 pm

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use.

Source: Tech firms suspend use of ‘biased’ facial recognition technology

Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email



Why Cities Are Banning Facial Recognition Technology | WIRED
httpv://www.youtube.com/watch?v=sYftT5YgwVI

Facial-recognition technology: safe or scary?
httpv://www.youtube.com/watch?v=-yvxbi5GMnA



ARTIFICIAL INTELLIGENCE Dangers to Humanity: AI, U.S., China, Big Tech, Facial Recogniton, Drones, Smart Phones, IoT, 5G, Robotics, Cybernetics, & Bio-Digital Social Programming

« Previous PageNext Page »