Security News > 2021

S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]
2021-04-08 18:16

How scammers copied a government website almost to perfection. What to do about those fake "bug" hunters who ask for payment for finding "vulnerabilities" that aren't.

How to use Docker Bench for Security to audit your container deployments
2021-04-08 17:38

Docker Bench for Security is a simple way of checking for common best practices around your Docker deployments in production. One such tool is a pre-built container called Docker Bench for Security, which does a great job of auditing your container host and the currently running deployments.

Belden says health benefits data stolen in 2020 cyberattack
2021-04-08 17:25

Belden has disclosed that additional data, related to employees' healthcare benefits and family members covered under their plan, was accessed and copied during their November 2020 cyberattack. In November 2020, Belden disclosed they had suffered a cyberattack where threat actors gained access to and copied "some current and former employee data, as well as limited company information regarding some business partners."

Microsoft releases a cyberattack simulator - Shall we play a game?
2021-04-08 16:00

Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents. The Microsoft 365 Defender Research team created CyberBattleSim to model how a threat actor spreads laterally through a network after its initial compromise.

How to use FreeRADIUS for SSH authentication
2021-04-08 15:50

Jack Wallen shows you how to install and configure FreeRADIUS as a centralized SSH authentication tool. FreeRADIUS is a tool for authentication that is used by over 100 million people daily.

Library Dependencies and the Open Source Supply Chain Nightmare
2021-04-08 15:06

The result is that under-resourced teams need to manage vulnerabilities that may or may not be relevant within hundreds of libraries, possibly within many different apps, and always with the possibility that library updates may cause further downstream issues. "Failure to keep libraries updated over time not only increases risk to an organization but also makes library updates much more difficult and time-consuming when they are finally done. When a library stays dormant in an application for multiple years, any new vulnerability is difficult to fix because so much code has been built over it."

Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall
2021-04-08 14:33

Contestants hacked Microsoft's Windows 10 OS twice during the second day of the Pwn2Own 2021 competition, together with the Google Chrome web browser and the Zoom video communication platform. The first to demo a successful Windows 10 exploit on Wednesday and earn $40,000 was Palo Alto Networks' Tao Yan, who used a race condition bug to escalate to SYSTEM privileges from a normal user on a fully patched Windows 10 machine.

Belden Says Health-Related Information Exposed in Data Breach
2021-04-08 14:19

Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed. Belden revealed in November that it had detected a data breach that resulted in the theft of some information pertaining to business partners, as well as current and former employee data.

Azure Functions Weakness Allows Privilege Escalation
2021-04-08 14:12

The firm found that Azure Functions containers run with the `--privileged` Docker flag, which means that device files in the /dev directory can be shared between the Docker host and the container guest. The issue becomes a problem given that the Azure Functions environment contains 52 different partitions with file systems, which can be visible across users, according to Intezer.

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks
2021-04-08 14:00

"In at least one case, an attack of the ransomware resulted in a temporary shutdown of the industrial process due to servers used to control the industrial process becoming encrypted," Kaspersky senior security researcher Vyacheslav Kopeytsev wrote in the report. One of those bugs is CVE-2018-13379, a path-traversal flaw in Fortinet FortiOS. The vulnerability is tied to the system's SSL VPN web portal and allows an unauthenticated attacker to download system files of targeted systems via specially crafted HTTP resource requests.