VPN Flaw Allows Criminal Access to Everything on Victims’ Computers

Enterprise Vulnerabilities, from DHS/US-CERT’s National Vulnerability Database. CVE-2019-16770 (published 2019-12-05): A poorly-behaved client could use keepalive requests to monopolize Puma’s reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. CVE-2019-19609 (published 2019-12-05): The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin…

December 6, 2019

US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts

Maksim Yakubets and his crew stole tens of millions using Zeus and Dridex, with victims including Bank of America, Key Bank, GenLabs, and United Dairy, DoJ says. The US State Department in collaboration with the US Department of Justice and the FBI Thursday announced an unprecedented $5 million reward for information leading to the arrest or conviction of a Russian hacker allegedly responsible for stealing tens of millions of dollars…

December 5, 2019

With Aporeto, Palo Alto Looks Away from the Firewall and Toward the Future

Enterprise Vulnerabilities, from DHS/US-CERT’s National Vulnerability Database. CVE-2019-5098 (published 2019-12-05): An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be trigger… CVE-2012-1104 (published 2019-12-05): A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of…

December 5, 2019

10 Security ‘Chestnuts’ We Should Roast Over the Open Fire

These outdated security rules we all know (and maybe live by) no longer apply. As 2019 draws to a close, it’s a good time to take stock of the year in security. The numbers tell us these past 12 months will likely be another record-breaker for breaches. According to Risk Based Security’s “2019 Midyear Quickview Data Breach Report,” about 4.1 billion records were exposed through June alone. Those figures represent…

December 5, 2019

SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit

Assessments can be used against your company in court proceedings. Here’s how to mitigate this potential risk. SOC 2 audits and third-party technical assessments are useful tools for an organization to use in navigating the security risks it may face. But these security road maps also can provide direction to a plaintiff’s counsel suing your organization in a later lawsuit related to a data breach. If the assessment describes your…

December 5, 2019

Microsoft Defender ATP Brings EDR Capabilities to macOS

Mac computers will now have the option to use Microsoft Defender Advanced Threat Protection’s endpoint detection and response. Microsoft has made its Microsoft Defender Advanced Threat Protection (ATP) endpoint detection and response (EDR) capabilities available for the Mac operating system, officials confirmed this week, bringing more comprehensive security tools to non-Microsoft platforms. Back in March, Microsoft debuted Defender ATP for Mac with new antivirus capabilities. This let enterprise customers strengthen…

December 5, 2019

The Human Factor: 5 Reasons Why Cybersecurity Is a People Problem

The industry can only go so far in treating security as a challenge that can be resolved only by engineering. In the early days of computing and connected devices, there was a lot we didn’t yet know about designing secure products and environments. Today, there are established, well-known frameworks and lots of advice to help people protect data and devices in their care for everyone from home users to CISOs…

December 5, 2019

Password-Cracking Teams Up in CrackQ Release

The open source platform aims to make password-cracking more manageable and efficient for red teams. Security services firm Trustwave has released an open source project aimed at companies that want to provide password-cracking as a service to their security teams and red teams, the company announced today at the Black Hat Europe conference. Using the new CrackQ platform, companies can run periodic checks on their own systems or give red…

December 5, 2019

What’s in a Botnet? Researchers Spy on Geost Operators

The investigation of a major Android banking botnet yields insights about how cybercriminals structure and run an illicit business. Researchers who discovered one of the largest Android banking botnets to date also found its attackers’ chat log, which they have been watching for nearly a year to learn the inner workings of this cybercrime operation, how its illicit business is structured, and how members interact. The botnet, dubbed “Geost,” was…

December 5, 2019

Black Hat Europe Q&A: Understanding the Ethics of Cybersecurity Journalism

Investigative journalist Geoff White chats about why now is the right time for his Black Hat Europe Briefing on hackers, journalists, and the ethical ramifications of cybersecurity journalism. Now that major data leaks are a semi-regular occurrence, it’s more important than ever for cybersecurity professionals to understand how the media covers them, and there’s no better place to do that than Black Hat Europe in London this week. In his…

December 4, 2019