Security Leftovers
-
Implementing a Linux Server Security Audit: Best Practices and Tools
A security audit is an essential part of maintaining the security and integrity of your Linux server. Regular audits help identify potential vulnerabilities, misconfigurations, and deviations from security best practices.
-
Use of X-Frame-Options and CSP frame-ancestors security headers on 1 million most popular domains, (Fri, Mar 31st)
X-Frame-Options HTTP security headers (not just) in order to prevent phishing pages, which overlay a fake login prompt over a legitimate website, from functioning correctly. Or, to be more specific, to prevent them from dynamically loading a legitimate page in an iframe under the fake login prompt, since this makes such phishing websites look much less like a legitimate login page and thus much less effective.
-
Huge Microsoft exploit allowed users to manipulate Bing search results and access Outlook email accounts
Researchers discovered a vulnerability in Microsoft’s Azure platform that allowed users to access private data from Office 365 applications like Outlook, Teams, and OneDrive.
-
Report: Chinese State-Sponsored Hacking Group Highly Active
Chinese hacking group linked previously to attacks on U.S. state government computers is still “highly active”
-
Lumen Technologies Hit by Two Cyberattacks
Communications and IT company Lumen Technologies fell victim to two cyberattacks that led to data theft.
-
Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
Documents show that Russian IT company NTC Vulkan was requested to develop offensive tools for government-backed hacking group Sandworm.
-
‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics
-
Backdoored version of popular video-conferencing app found on GitHub
The company's researchers said analysis of the binary had shown that a backdoored version of ffmpeg.dll was among the files that were dropped during installation.
-
‘They outsmarted us.’ 3CX CEO acknowledges mistakes handling potential supply chain cyberattack
"We have a security team, we do our own pentesting, we've got software scanners, we got a CSO ... Nonetheless, they outsmarted us."
-
Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
Several cybersecurity companies have published blog posts, advisories and tools to help organizations that may have been hit by the 3CX supply chain attack.
-
Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
A high-severity vulnerability in Azure Service Fabric Explorer could have allowed a remote, unauthenticated attacker to execute arbitrary code.
-
FDA Announces New Cybersecurity Requirements for Medical Devices
The FDA is asking medical device manufacturers to provide cybersecurity-related information when submitting an application for a new product.
-
Fairwinds Automates Remediation of Kubernetes Misconfigurations
Fairwinds this week added an Automated Fix Pull Requests (PRs) capability to its commercial platforms that identifies and automatically remediates Kubernetes misconfigurations.
-
Army officer detained in connection with Defense Ministry hack
El Universal newspaper reported that an officer who worked in Sedena's IT department was detained in connection with the "Guacamaya" hack.
-
North Korean hacker group poses as journalists and experts to steal intel
Report tracks activities of ‘APT43’ since 2018, elevates status to ‘named threat actor’
-
Agencies hunt for [cr]acker
Authorities are hunting down a [cr]acker who has threatened to release the personal data of 55 million Thais if the government agency allegedly involved in the leakage of information fails to meet a ransom demand by April 5.
-
FDA requires medical devices be secured against cyberattacks | CNN Business
The Food and Drug Administration will now require medical devices meet specific cybersecurity guidelines after years of concerns that a growing number of internet-connected products used by hospitals and healthcare providers could be hit by hacks and ransomware attacks.
-
Fake ransomware gang targets U.S. orgs with empty data leak threats
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid.
-
Today’s “Don’t Say ‘Ransomware’ Award” goes to….
DataBreaches probably sounds like a broken record after six years of calls for more transparency in breach notifications. Sadly, the situation has gotten worse in the past year. Not only do entities fail to admit they suffered a ransomware attack, but they fail to inform patients if the patient’s protected health information was leaked or is freely available on the internet.
Yesterday, the Institute for Liver Health LLC, doing business as Arizona Clinical Trials and Arizona Liver Health (“ALH”) issued a press release about a “data security incident.” Their statement indicates that they had no idea they had been attacked until law enforcement contacted them on January 30 to tell them that their name had shown up “in a part of the internet used by criminals as an entity whose information may have been taken by a criminal.”