Security Leftovers
-
Silicon Angle ☛ Cisco Talos details latest tactics employed by prolific ransomware groups
A new report published today by researchers at Cisco Talos details the evolving tactics and techniques used by prolific ransomware groups and the need to protect against them. Ransomware is far from new, with the report identifying groups such as ALPHV/Blackcat as among the most prolific.
-
CRN ☛ More Than 2 Million People Impacted In Snowflake-Related Attack
More details have emerged on what appears to have been another serious data breach linked to a campaign targeting Snowflake customers, with Advance Auto Parts disclosing that data belonging to more than 2 million customers may have been compromised.
-
Bruce Schneier ☛ RADIUS Vulnerability
New attack against the RADIUS authentication protocol:
The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or shared secrets. The attacker does not learn user credentials.
This is one of those vulnerabilities that comes with a cool name, its own website, and a logo.
-
Silicon Angle ☛ Snowflake introduces mandatory multifactor authentication following recent cyberattacks
Data cloud company Snowflake Inc. has introduced new security measures after its customers were targeted following a third-party breach earlier this year. A hacking campaign targeting Snowflake users first came to light in late May when a claimed 560 million records stolen from Ticketmaster Entertainment appeared for sale on the Breach Forums hacking site.
-
Security Week ☛ VMware Patches Critical SQL-Injection Flaw in Aria Automation
VMware warns that authenticated malicious users could enter specially crafted SQL queries and perform unauthorized read/write operations in the database.
-
Bleeping Computer ☛ Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days
Today is Microsoft’s July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days. This Patch Tuesday fixed five critical vulnerabilities, with all being remote code execution flaws.
-
Security Week ☛ ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories
Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in industrial and OT products.
-
Ubuntu ☛ How often do you apply security patches on Linux?
Understanding Canonical’s release schedules for software updates and knowing security patching coverage windows are essential pieces of information when defining a security patching strategy.
-
Security Week ☛ Citrix Patches Critical NetScaler Console Vulnerability
Citrix rolls out patches for multiple security vulnerabilities, including critical and high-severity issues in the NetScaler product line.
-
Silicon Angle ☛ BlastRADIUS vulnerability exposes legacy security flaws in widely used RADIUS Protocol
Cybersecurity researchers have discovered a critical security vulnerability in RADIUS, a widely used network authentication protocol dating back to the 1990s that’s still in widespread use today. RADIUS, short for Remote Authentication Dial-In User Service, was released in 1991 before being designated a standard (RFC 2058) by the Internet Engineering Task Force in 1997.
-
Help Net Security ☛ Pentera updates RansomwareReady to secure Linux environments
Pentera announced a major update to its RansomwareReady product, enabling customers to proactively test the security of their Linux environments.
-
Silicon Angle ☛ The harsh reality of cyber resilience: Uphill recovery despite ransom payments
In a world with ever-evolving cyber threats and tightening cyber resilience requirements, new market insights point to a glaring difficulty in operations recovery despite making ransom payments following a breach. The stark revelation comes from Veeam Software Group GmbH, whose recent Ransomware Trends report spanned over 1,200 organizations and 3,600 unique incidents.