SecurityWeek
New Variant of Gustuff Android Banking Trojan Emerges
Recent Gustuff Android banking Trojan campaigns featured an updated malware version, Cisco Talos security researchers report.
Microsoft Invests in Securing Device Firmware
Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer.
The initiative aims to combat threats that are specifically targeting the firmware and operating system levels with the help of Secured-core PCs, devices that apply security best practices to firmware.
Gaining a Decisive Advantage in the Cyber Battle
One the most significant challenges facing cybersecurity professionals today is the need to simplify and consolidate their existing cybersecurity infrastructure. This is a trend that I saw time and time again over my 33-year career at the National Security Agency (NSA) and USCYBERCOM.
New Winnti Backdoor Targets Microsoft SQL
A recently identified backdoor used by the China-linked Winnti hackers and which targets Microsoft SQL (MSSQL) is very stealthy, ESET’s security researchers say.
Historical Breadcrumbs Link Magecart 5 to Carbanak Group
Magecart is the umbrella term for a range of criminal groups that use software to perform digital credit card skimming. It isn't clear how many different Magecart groups are currently operating. There are some suggestions that there are dozens, but with counter-suggestions that some of these may be individual operators rather than groups.
Microsoft Launches ElectionGuard Bug Bounty Program
Microsoft last week announced the launch of a new bug bounty program covering the ElectionGuard open source software development kit (SDK).
New Azure AD Feature Detects Unauthorized Access Attempts
Microsoft this week announced the public preview of a new feature that allows enterprise users to check their Azure Active Directory sign-ins for any unusual activity.
Outdated OSs Still Present in Many Industrial Organizations: Report
ATLANTA — SECURITYWEEK 2019 ICS CYBER SECURITY CONFERENCE — Outdated and unsupported operating systems are still present and they still pose a serious risk in many industrial organizations, according to a new report from industrial cybersecurity firm CyberX.
Facebook Steps Up Security Amid Fresh Signs of Russia Meddling
Facebook said Monday it was tightening its security for the 2020 US elections, amid signs of fresh activity from Russia attacking Democratic presidential candidates, including Joe Biden.
TorGuard, NordVPN Respond to Breach Reports
VPN providers TorGuard and NordVPN have responded to reports that their systems have been breached, and both blame the incident on a third-party service provider.
Hackers have leaked private RSA keys and information on configuration files that were stolen from a NordVPN server last year.
Google Boosts Site Isolation in Chrome
Google has improved the Site Isolation feature in Chrome to help defend against more types of attacks.
New Cybersecurity Bills Promote CISOs and Privacy
Two bills, currently in the Senate, have the potential to change the U.S. cybersecurity landscape if passed into law. The first is the 'Cybersecurity Disclosure Act of 2019', introduced by Senator Jack Reed (D-RI) on 28 February 2019. The second is the 'Mind Your Own Business Act of 2019', introduced by Senator Ron Wyden (D-OR) last week on 17 October 2019.
Trend Micro Acquires Cloud Security Firm Cloud Conformity
Trend Micro on Monday announced the acquisition of cloud security company Cloud Conformity for $70 million.
Founded in Australia, Cloud Conformity specializes in cloud security posture management (CSPM) and it provides cloud security, governance and compliance solutions for organizations using AWS, Microsoft Azure and Google Cloud.
Georgia County's Experience Shows Perils of Ransomware
On the first Saturday in March, computer screens at the 911 dispatch center in this small town went dark.
Staff at the county jail around the same time could no longer open cell doors remotely with electronic controls, and sheriff's deputies lost the use of their laptops to look up license plates.
Czech Police, Intelligence Bust Russian Spy Network
Czech police and intelligence services said on Monday they had busted a Russian espionage network operating through its Prague embassy.
It was allegedly set up to attack Czech and foreign targets through computer servers.
Avast Discloses New Supply-Chain Attack Attempt
An unknown threat actor managed to access Avast’s network in yet another supply chain compromise attempt, the security company announced on Monday.
US, UK: Russian Hackers Hijacked Iranian Malware, Infrastructure
The U.S. National Security Agency (NSA) and Britain’s National Cyber Security Centre (NCSC) reported on Monday that the Russia-linked threat group known as Turla has hijacked malware and infrastructure from Iranian hackers.
Public, Election Officials May Be Kept in the Dark on Hacks
If the FBI discovers that foreign hackers have infiltrated the networks of your county election office, you may not find out about it until after voting is over. And your governor and other state officials may be kept in the dark, too.
Best Practices for Evaluating and Vetting Third Parties
The global and interconnected nature of business today means that no company or organization is an island. Every modern business relies on many others, either as part of the supply or distribution chain, or for value-added services like accounting and social media marketing.
Ingredients Giant Ingredion Hit by Malware
Westchester, Illinois-based ingredients giant Ingredion Incorporated revealed this week that it recently detected suspicious activity on some data center servers.
Only a few details have been provided about the incident, but it appears that a piece of malware infected some of the company’s systems.