Security News > 2021 > May
The compromise of SolarWinds enterprise solutions and the recent Microsoft Exchange zero-days have had a tremendous impact on the security posture of many US organizations, and it was just a matter of time before the US federal government took steps to act on these threats. While there's some focus on threat intelligence sharing between different agencies and between providers and federal agencies, I am going to be focusing this article on the more preventive security measures outlined in the EO, specifically relating to modernizing federal government IT infrastructure, supply chain security and vulnerability management.
Victim losses from healthcare-related eCrime in the U.S. rose by 2,473 percent during 2020 as the COVID-19 pandemic swept through the nation and world, CrowdStrike reveals. Healthcare eCrime describes a scheme attempting to defraud private or government healthcare programs, affecting healthcare providers, companies, or individuals.
Vulnerabilities identified by security researchers with Cisco's Talos unit in Trend Micro Home Network Security devices could be exploited to elevate privileges or achieve arbitrary authentication. The Home Network Security station provides users with monitoring and protection capabilities, including vulnerability scanning, intrusion prevention, threat protection, and device-based access control.
The term "Hacker" has almost become synonymous with Russia. Russia has for decades been a breeding ground for computer experts.
A Benenson Strategy Group study surveyed over 700 adults on their concerns about ID theft and cybercrime, the type of help they feel they would need to address those concerns, and which institutions they trust with alleviating those concerns. Chris Carnicelli, CEO of Generali Global Assistance, commented on the findings, "Consumers are looking for an ID theft hero that can provide them with comprehensive protection before an incident occurs and help save the day when their identity is compromised. To find that hero, they're turning to the institutions they already trust to protect their sensitive data for guidance as well as comprehensive ID theft and cyber protection services."
The enormous growth in cloud-based applications, surge in data breaches on the public cloud environment, and ever-changing firewall protocols for business organizations are some of the major factors influencing growth for the firewall-as-a-service in the global market. Complexity in integrating hosted firewalls with on-premise firewalls and inadequate IT infrastructures in underdeveloped nations are obstructing market growth.
A Russian man was sentenced Monday to what amounted to time already served and will be deported after pleading guilty to trying to pay a Tesla employee $500,000 to install computer malware at the company's Nevada electric battery plant in a bid to steal company secrets for ransom. Egor Igorevich Kriuchkov, appearing by videoconference from jail, apologized after U.S. District Judge Miranda Du in Reno acknowledged the attempted hack was not successful and the company network was not compromised.
As Naked Security readers have pointed out before, you don't always know in advance which courier company an online vendor might use, so even if the crooks send you a fake message from a company you wouldn't normally expect, it's easy to fall for it. The trick you see in the "Pay page" above is very common: to set your mind at rest, the crooks ask for very little money, typically from about 99 cents up to amounts such as £1.49, €1.99 or, as shown above, $3. The idea is that the modest fee sounds believable, and it might feel as though it's worth the risk of paying out the money anyway, given that it's only a few dollars, in case it is a real delivery and you miss out.
The safety of current encryption methods, and especially of the key exchange mechanisms based on asymmetric cryptography, is a major concern today, particularly for governments and enterprises which must protect data for five to ten years or more. The arrival of quantum computers is imminent and will render asymmetric key exchanges unsafe: encrypted data can be stored now and easily decrypted later.
Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. The flaw, identified as CVE-2021-22908, has a CVSS score of 8.5 out of a maximum of 10 and impacts Pulse Connect Secure versions 9.0Rx and 9.1Rx. In a report detailing the vulnerability, the CERT Coordination Center said the issue stems from the gateway's ability to connect to Windows file shares through a number of CGI endpoints that could be leveraged to carry out the attack.