Security News > 2022 > August

Protect your data and work from anywhere with this docking station. You can invest in anti-malware, VPNs and other digital solutions to protect your data, but the best solution to protect your most important data is to keep it on a private drive.

Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control center for their malicious operations. The Dark Utilities service provides threat actors a platform that supports Windows, Linux, and Python-based payloads, and eliminates the effort associated with implementing a C2 communication channel.

Just over a year ago, we wrote about a "Cybersecurity researcher" who posted almost 4000 pointlessly poisoned Python packages to the popular repository PyPI. This person went by the curious nickname of Remind Supply Chain Risks, and the packages had project names that were generally similar to well-known projects, presumably in the hope that some of them would get installed by mistake, thanks to users using slightly incorrect search terms or making minor typing mistakes when typing in PyPI URLs. A GitHub source code search that Lacy carried out in good faith led him to a legitimate-looking project.

S3 Ep94: This sort of crypto (graphy), and the other sort of crypto (currency!) [Audio + Text]
DOUG. A critical Samba bug, yet another crypto theft, and Happy SysAdmin Day. Moving on to something not so great: a memory mismanagement bug in GnuTLS. DUCK. Yes, I thought this was worth writing up on Naked Security, because when people think of open-source cryptography, they tend to think of OpenSSL. Because that's the one that everybody's heard of, and it's the one that's probably had the most publicity in recent years over bugs, because of Heartbleed.

With the proliferation of mobile devices and hybrid work environments where employees often use their personal devices for work-related activities, almost half of respondents of the Verizon Mobile Security Index 2022 said their organizations were subject to a security incident involving a mobile device that led to data loss, downtime or other negative outcome, a 22% increase over 2021's numbers. Despite these results, 36% of respondents said that mobile devices are of less interest to cybercriminals than other IT assets, an increase of six percentage points from the 2021 MSI report.

Ransomware has become more pervasive and more sophisticated, challenging organizations to combat attacks that occur at greater frequency and greater complexity. Among the respondents to the report, "2022 Impacts: Ransomware attacks and preparedness," one-third said that their organization is hit by a ransomware attempt at least weekly, with 9% reporting attacks more than once each day.

A new botnet called 'RapperBot' has been used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. Over the past 1.5 months since its discovery, the new botnet has used over 3,500 unique IPs worldwide to scan and attempt brute-forcing Linux SSH servers.

The U.S. Cybersecurity and Infrastructure Security Agency released a list of the topmost detected malware strains last year in a joint advisory with the Australian Cyber Security Centre. "Most of the top malware strains have been in use for more than five years with their respective code bases evolving into multiple variations," the cybersecurity agencies said.

The paradox lies in the fact that it's the security team's responsibility to secure the organization's SaaS app stack and they cannot effectively execute this task without full control of the SaaS app. While the security and IT teams are reported to be the main destination for SaaS app management, it's the 40% of business departments also taking part and having full access that complicates the threat landscape.

Programming the Mac to remember my fingerprint and substitute my touch for entering usernames and passwords sounded nifty, but just how much time would it really save? Occasionally it's necessary to add a fingerprint or adjust Touch ID settings.