Security News

Swiss spies knew about Crypto AG compromise – and kept it from govt overseers for nearly 30 years
2020-11-12 13:17

Swiss politicians only found out last year that cipher machine company Crypto AG was owned by the US and Germany during the Cold War, a striking report from its parliament has revealed. Although Swiss spies themselves knew that Crypto AG's products were being intentionally weakened so the West could read messages passing over them, they didn't tell governmental overseers until last year - barely one year after the operation ended.

Lumu Agent for Windows: Measuring remote worker compromise levels in real time
2020-11-12 03:00

Lumu announced the launch of the Lumu Agent for Windows, a lightweight software built for remote workers in mind, that measures user device's compromise levels in real time. Once installed on an end user's machine, the Lumu Agent silently and persistently runs in the background, collecting network metadata which is then correlated and analyzed by Lumu to provide the most complete compromise visibility available today.

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)
2020-11-05 11:14

A critical vulnerability in Git Large File Storage, an open source Git extension for versioning large files, allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker's malicious repository using a vulnerable Git version control tool, security researcher Dawid Golunski has discovered. Golunski found that Git LFS does not specify a full path to git binary when executing a new git process via a specific exec.

Business Email Compromise attacks are on the rise
2020-10-29 16:49

The Business Email Compromise is a particular type of phishing attack in which cybercriminals impersonate a trusted contact or other party, either internal or external. During the third quarter of 2020, the median number of BEC attacks received per company each week rose by 15% from the second quarter, according to the report.

Anatomy of Ryuk Attack: 29 Hours From Initial Email to Full Compromise
2020-10-13 03:44

An attack involving the Ryuk ransomware required 29 hours from an email being sent to the target to full environment compromise and the encryption of systems, according to the DFIR Report, a project that provides threat intelligence from real attacks observed by its honeypots. Over the past two years, Ryuk has been responsible for a significant number of high-profile attacks, including incidents involving Pennsylvania-based UHS and Alabama hospital chain DCH Health System.

TikTok Fixes Flaws That Opened Android App to Compromise
2020-09-14 16:23

Researchers have disclosed four high-severity flaws in the Android version of TikTok that could have easily been exploited by a seemingly benign third-party Android app. Disclosure of the flaws come just as the owner of social-media platform have reportedly chosen Oracle as an American tech partner that could help keep the app running in the U.S.,on the heels of U.S. president Donald Trump threatening to ban the app over spying concerns.

Using AI to fight hand-crafted Business Email Compromise
2020-08-21 14:10

Business Email Compromise, is a form of targeted phishing where attackers disguise themselves as senior executives to dupe employees into doing something they absolutely shouldn't, like wire money. BEC emails can be difficult to detect using security solutions because no malware is involved.

The benefits of providing employees with an identity compromise solution
2020-08-19 04:30

Employees find significant value in having access to an identity compromise solution, having an available remediation solution creates a better mindset for those that use it, and there are halo results that benefit others, an Identity Theft Resource Center and Aura Identity Guard survey reveals. There is an opportunity to provide the needed support employees are asking for by giving them access to an identity compromise solution as a component of the benefits suite.

Business Email Compromise – fighting back with machine learning
2020-08-07 12:33

DEF CON is perhaps the ultimate "Come one/come all" hackers' convention, now in its 28th year, and it famously takes place in Las Vegas each year in a fascinating juxtaposition with Black Hat USA, a corporate cybersecurity event. The DEF CON Villages are breakout zones at the event where where likeminded researchers gather to attend talks and discussions in research fields all the way from Aerospace, Application Security and AI to Social Engineering, Voting Machines and Wireless.

NSA warns that mobile device location services constantly compromise snoops and soldiers
2020-08-05 07:29

The United States National Security Agency has issued new advice on securing mobile devices that says location services create a security risk for staff who work in defence or national security. The new guide [PDF], titled "Limiting Location Data Exposure", notes that smartphones, tablets and fitness trackers "Store and share device geolocation data by design."