CyberSecure Specialist

29 Sep

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

Information, News

Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation state-backed APTs like Volt Typhoon and Sandworm. MadPot, the brainchild of AWS software engineer Nima Sharifi Mehr, is described as “a sophisticated system of monitoring sensors and automated response capabilities” that entraps malicious actors, watches their movements, and generates protection data for multiple AWS security products. AWS said the honeypot system is designed…

Read More
29 Sep

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Information, News

Gaps in Cloudflare’s security controls allow users to bypass customer-configured protection mechanisms and target other users from the platform itself, technology consulting firm Certitude warns. The issue, the company says, arises from the shared infrastructure that all Cloudflare tenants have access to, allowing malicious actors to abuse the trust customers place in the platform’s protections to target them via Cloudflare. A major cybersecurity vendor offering web application firewall (WAF), bot management, and distributed denial-of-service (DDoS)…

Read More
28 Sep

5 of the top programming languages for cybersecurity

Information

Secure Coding While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles Christian Ali Bravo 27 Sep 2023  •  , 4 min. read Coding is a pivotal skill in many aspects of today’s technology-driven society and it holds growing significance for many jobseekers and students, including those contemplating a career…

Read More
28 Sep

Can open-source software be secure?

Information

Secure Coding, Business Security Or, is mass public meddling just opening the door for problems? And how does open-source software compare to proprietary software in terms of security? 26 Sep 2023  •  , 5 min. read There are – and will always be – vulnerabilities in software. Just like there is no perfect security, there is no perfect codebase. That begs the question: What is the best way to fix software problems, especially at scale?…

Read More
28 Sep

NIST Unveils Newly Named Human-Centered Cybersecurity Program

Insights

The Human-Centered Cybersecurity program (formerly Usable Cybersecurity) is part of the Visualization and Usability Group at NIST. It was created in 2008, but we’ve known for quite some time that we needed to rename our program to better represent the broader scope of work we provide for the cybersecurity practitioner and IT professional communities. We made the decision to update the name to Human-Centered Cybersecurity to better reflect our new (but long-time practiced) mission statement,…

Read More
28 Sep

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Information, News

Google has rushed to patch another Chrome zero-day vulnerability exploited by a commercial spyware vendor.  The internet giant announced on Tuesday that the stable channel of Chrome for Windows, macOS and Linux has been updated to version 117.0.5938.132. The latest update patches 10 vulnerabilities, three of which have been highlighted by the company in its advisory. The most important vulnerability, tracked as CVE-2023-5217, has been described as a “heap buffer overflow in vp8 encoding in…

Read More
27 Sep

Mozilla Releases Security Advisories for Thunderbird and Firefox

Attacks, Insights, Malware

Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisories for Thunderbird 115.3, Firefox ESR 115.3 and Firefox 118 for more information and apply the necessary updates.

Read More
27 Sep

NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors

Attacks, Insights, Malware

Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released joint Cybersecurity Advisory (CSA) People’s Republic of China-Linked Cyber Actors Hide in Router Firmware. The CSA details activity by cyber actors, known as BlackTech, linked to the People’s Republic of China (PRC). The advisory…

Read More
27 Sep

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Data Breaches, Information, Insights

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord. First spotted in 2018,…

Read More
27 Sep

Update on Naked Security

Information

Dear Naked Security readers, Firstly, thank you for your interest, your time, and your contributions to the Naked Security community. Your invaluable engagement and expertise have helped improve cybersecurity for everyone. We have recently added the extensive catalog of Naked Security articles to the Sophos News blog platform, enabling us to provide all Sophos security research, insights, and intelligence in a single location. We are redirecting articles from Naked Security to Sophos News and you…

Read More