Security News > 2020 > August

Infosec biz F-Secure has uncovered a North Korean phishing campaign that targeted a sysadmin with a fake LinkedIn job advert using a General Data Protection Regulation-themed lure. The sysadmin worked for a cryptocurrency business, said the threat intel firm, which made him a ripe target for the money-hungry state hackers Lazarus Group, aka APT38, supposedly backed by North Korea.

Denmark's top foreign intelligence chief has been suspended for spying on Danish citizens illegally for up to six years after a whistleblower released a trove of documents to government regulators. In a press release yesterday, the independent regulator of the Danish security services said it had received information from a whistleblower in November that revealed the country's foreign intelligence service "had withheld key and crucial information," and given "incorrect information on matters relating to the collection of the service and disclosure of information."

Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, could even allow attackers to cause a crash and denial of service. The first of the three issues involves a possible remote code execution vulnerability due to a buffer overflow with the "mod_uwsgi" module, potentially allowing an adversary to view, change, or delete sensitive data depending on the privileges associated with an application running on the server.

There are three additional, sometimes overlooked sources of early warning clues of ransomware and breaches I have seen yield more direct, actionable insights in my years as an incident response leader. Ransomware attacks are a great example: A company typically calls in incident response once an attacker has detonated their ransomware payload and taken infected machines hostage.

"Since ERP systems have a lot of moving parts, one of the biggest misconceptions is that the built-in security is enough. In reality, while you may not have given access to your company's HR data to a technologist on your team, they may still be able to access the underlying database that stores this data," Mike Rulf, CTO of Americas Region, Syntax, told Help Net Security. "Another misconception is that your ERP system's access security is robust enough that you can allow people to access their ERP from the internet."

With over 1,000 premium courses from top instructors, StackSkills Unlimited provides endless learning opportunities. Learning about the cloud is also an excellent way to future-proof your résumé and impress technical recruiters.

In a recent study, researchers from Daegu Gyeongbuk Institute of Science and Technology, Korea, describe a new way of implementing a key-value store in solid state drives, which offers many advantages over a more widely used method. A key-value store is a way of storing, managing, and retrieving data in the form of key-value pairs.

As organizations are settling into long-term remote working, new attack vectors for opportunistic cyberattackers, and new challenges for network administrators, have been introduced, Nuspire reveals. There was an increase in both botnet and exploit activity over the course of Q2 2020, by 29% and 13% respectively: that's more than 17,000 botnet and 187,000 exploit attacks a day.

The owners and administrators of e-commerce websites powered by WordPress and the WooCommerce platform have been warned of attacks exploiting vulnerabilities discovered recently by researchers in a discounts plugin. The flaws were identified on August 7 by researchers at web security company WebARX in Discount Rules for WooCommerce, a plugin that has been installed on over 30,000 websites and which allows users to create various types of discounts for their products.

According to a report by ABI Research, asset tracking device shipments will see a 51% year-on-year device shipment growth rate through 2024. Expanding LPWAN coverage, technological maturity, and the associated miniaturization of sophisticated devices are key to moving asset tracking from traditionally high-value markets to low-value high-volume markets, which will account for most of the tracker connection and shipment numbers.