Security News > 2020 > July

Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. According to the latest research Intezer shared with The Hacker News, an ongoing Ngrok mining botnet campaign scanning the Internet for misconfigured Docker API endpoints and has already infected many vulnerable servers with new malware.

Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. According to the latest research Intezer shared with The Hacker News, an ongoing Ngrok mining botnet campaign scanning the Internet for misconfigured Docker API endpoints and has already infected many vulnerable servers with new malware.

To help the reader understand the scale of today's cyber threats, the author explains the history behind them and how they kept pace with the evolution of information and communications technologies, as they became an essential part of out everyday lives. One must adapt to new circumstances posed by the cyber enemy.

As consumers change their online habits, the distinction between human and bot behavior is becoming increasingly blurred, presenting cybersecurity teams with an even bigger challenge than before when it comes to differentiating humans from bots, and good bot behavior from bad. In the past, businesses have just blocked all bot activity. Credential stuffing involves using stolen passwords and usernames to hijack accounts-the hacker buys a list of leaked passwords and then has a bot input these passwords on other sites to try to gain access.

Over the past several days, a hacker managed to replace the payloads typically delivered by the Emotet Trojan with GIF images. Within days after the campaign kicked off security researchers noticed that a hacker managed to hijack Emotet's delivery process and replace the payloads with GIF images.

Privacy is a basic right and a necessary protection in the digital age to avoid victimization and manipulation. Privacy has been one of the shields used to protect people from unjust victimization.

This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard. "At the end of this round, we will choose some algorithms and standardize them," said NIST mathematician Dustin Moody.

Based on responses from 1,000 U.S. cardholders who are familiar with contactless credit/debit card or "Tap and pay" technology, a new Entrust Datacard survey reveals that 75% of U.S.-based payment cardholders prefer contactless cards as their primary payment method over chip insert, card swipe, mobile pay and cash. According to the survey's results, 83% of respondents believe contactless cards are here to stay and 61% believe it's at least somewhat of a priority to have a contactless feature on their credit or debit card.

CyberSaint announced new updates to its flagship CyberStrong platform allowing customers to identify, measure, and dynamically manage IT and cybersecurity risks along the risk management lifecycle. "As an organization that faces a wide range of risk across multiple departments, the CyberStrong platform has helped us track and manage new and unprecedented risks as they emerge in a standardized way that was previously impossible, helping us achieve a truly integrated approach to cybersecurity program management."

Sysdig announced a 5-minute setup for the Sysdig Secure DevOps Platform, a fast path to delivering container and Kubernetes security and visibility with a SaaS-first offering. The latest release by Sysdig helps organizations of all sizes get results quickly and efficiently by giving customers guided onboarding as well as out-of-the-box dashboards and integrations.