CyberSecurity Updates

24 May

PyPI open-source code repository deals with manic malware maelstrom

Information, Malware

by Paul Ducklin Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers’ toolkits that have done computer science and software engineering a world of good. Most software projects need “helper” code that isn’t a fundamental part of the problem that the project itself…

Read More
24 May

CyberArk’s enterprise browser promises zero-trust support, policy management

Data Breaches, Malware, Social Engineering

CyberArk has announced plans to launch an enterprise browser, dubbed CyberArk Secure Browser, at the end of 2023 as part of its CyberArk Identity Security Platform. The identity security vendor decided to create a new enterprise browser based on trends impacting hybrid work environments and its own research, which found an increase in post-multifactor authentication (MFA) attacks targeting session cookies. “Developing an enterprise browser — with an identity-first, security-first approach — was a natural progression…

Read More
24 May

Credential harvesting tool Legion targets additional cloud services

Data Breaches, Malware, Social Engineering

A commercial malware tool called Legion that hackers deploy on compromised web servers has recently been updated to extract credentials for additional cloud services to authenticate over SSH. The main goal of this Python-based script is to harvest credentials stored in configuration files for email providers, cloud service providers, server management systems, databases, and payment systems. These hijacked resources enable the attackers to launch email and SMS spam campaigns. “This recent update demonstrates a widening…

Read More
24 May

White House Unveils New Efforts to Guide Federal Research of AI

Information, News

The White House on Tuesday announced new efforts to guide federally backed research on artificial intelligence as the Biden administration looks to get a firmer grip on understanding the risks and opportunities of the rapidly evolving technology. Among the moves unveiled by the administration was a tweak to the United States’ strategic plan on artificial intelligence research, which was last updated in 2019, to add greater emphasis on international collaboration with allies. White House officials…

Read More
24 May

Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach

Data Breaches, Malware, Social Engineering

Like most CSOs, Joe Sullivan was drawn to the role to help prevent cybercrimes. His role as CSO of Uber was something of a shift from his previous job prosecuting cybercriminals as an assistant US attorney, but closer to the tip of the cybersecurity spear. As a top-level professional in the business of defending against the bad guys, it was unexpected and not a little ironic that he would find himself on the other side…

Read More
23 May

Axiado releases new security processors for servers and network appliances

Data Breaches, Malware, Social Engineering

Security processor provider Axiado has announced the availability of two new trusted compute units (TCUs) to help detect ransomware and other cyberattacks on servers and infrastructure elements in cloud data centers, 5G networks, and network switches. Dubbed AX3000 and AX2000, these TCUs are AI-powered hardware security platform solutions that, the company says, integrate all security functions within a single system-on-chip (SoC) module. “Products such as Axiado’s TCU are important developments in the market, as they…

Read More
23 May

Teleport releases Teleport 13 with automatic vulnerability patching, enhanced DevOps security

Data Breaches, Malware, Social Engineering

Infrastructure access management company Teleport has announced the release of Teleport 13, the latest version of its Teleport Access Platform. Teleport 13 features scanning and automatic patching of Teleport vulnerabilities to enhance security and reduce operational overhead for DevOps teams responsible for securing cloud infrastructure, the firm said. The solution aims to address the targeting of user credentials and other forms of secrets by attackers and is ideal for users that adopt the Teleport Open…

Read More
23 May

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and includes additional recommended actions, resources, and tools to maximize its relevancy and effectiveness and to further help reduce the prevalence…

Read More
23 May

Phone scamming kingpin gets 13 years for running “iSpoof” service

Information

by Naked Security writer In November 2022, we wrote about a multi-country takedown against a Cybercrime-as-a-Service (CaaS) system known as iSpoof. Although iSpoof advertised openly for business on a non-darkweb site, reachable with a regular browser via a non-onion domain name, and even though using its services might technically have been legal in your country (if you’re a lawyer, we’d love to hear your opinion on that issue once you’ve seen the historical website screenshots…

Read More
23 May

Reducing fraud and friction in consumer experiences

Attacks, Data Breaches

Identity and credit checks during onboarding processes are causing customers to abandon their shopping carts. As regulatory oversight aimed at stopping financial fraud increases, the controls put in place for customer protection can cause friction in the onboarding process, preventing the simple, fast and convenient experience customers want. To overcome this challenge, B2C companies and online retailers must rethink their customer journeys. The cyber security protections put in place must yield fast, accurate, low-friction and…

Read More