A naukri.com initiative
Cyber Security News
WeSecureApp
1d
61
Image Credit: WeSecureApp
Cloud Pentesting 101: What to Expect from a Cloud Penetration Test?
- Cloud Penetration Testing is a simulated attack created to assess the security of an organization's cloud-based setup.
- The test uncovers vulnerabilities before the attackers exploit them, decreasing the potential damage and downtime.
- Cloud Providers like AWS, Azure and GCP offer features such as accessibility on demand, enhanced security, cost optimization, scalability made easy, unified management and built-in security features.
- With the good also comes a bad side, and most security risks arise from misconfigurations, unprotected interfaces and APIs, insider threats, lack of visibility and attacks such as Denial-of-Service, Malware and Shared Technology vulnerabilities among other things.
- Cloud Penetration Testing offers comprehensive evaluation, enhanced security posture, compliance validation, improved data protection, cost savings, and strategic advantage.
- The ideal approach between white-box, black-box, and gray-box testing depends on specific needs and security posture, such as cloud environment complexity, level of access, and specific areas of focus.
- The cloud operates on shared responsibility models, dividing security tasks based on expertise and control needed, and customers hold specific security accountabilities alongside Cloud Service Providers.
- The post also highlights major cloud penetration testing tools such as Scout Suite, Pacu, Metasploit, Burp Suite, and Netsparker.
- WeSecureApp goes beyond the limitations of automated tools by using a meticulous approach that goes beyond scanning only, offering actionable intelligence.
- The result is real-world security assurance to prioritize remediation and ensure compliance with industry standards.
Read Full Article
3 Likes
Medium
1d
338
Image Credit: Medium
Beyond the Basics: Why Premium Support is Essential for Maximizing the Potential of Your PKI…
- Premium support packages are specialized services offered by technology vendors, including Certificate Authorities (CAs), to ensure customers have peace of mind when managing their PKI.
- Premium support provides faster response times, priority access to technical experts, and personalized assistance to resolve issues quickly and efficiently.
- Premium support offers 24/7 availability, allowing customers to receive support anytime, regardless of working hours.
- Premium support includes access to a dedicated team of experts with specialized knowledge in PKI technology, providing insights, troubleshooting, and tailored solutions.
Read Full Article
20 Likes
Tech Radar
1d
609
Image Credit: Tech Radar
Microsoft fixes software bug that could have left devices open to malware
- Microsoft has released its latest cumulative Patch Tuesday update for May, including a fix for a zero-day vulnerability.
- The vulnerability, tracked as CVE-2024-30051, allows threat actors to gain SYSTEM privileges on Windows devices.
- The flaw was discovered by Kaspersky's researchers and has been used together with QakBot malware.
- QakBot is an ancient banking trojan that evolved into a dropper to deliver additional malicious payloads.
Read Full Article
4 Likes
Medium
1d
101
Image Credit: Medium
Introducing EUCC: Revolutionizing Cybersecurity Product Evaluation and Certification in Europe
- The EU Cybersecurity Certification (EUCC) scheme, crafted by ENISA (European Union Agency for Cybersecurity), is set to transform the certification landscape for an array of ICT products, spanning hardware, software, and services.
- Under the scheme, third-party conformity assessments are mandated and self-assessment is strictly prohibited, with ITSEF (Information Technology Security Evaluation Facilities) conducting evaluations exclusively.
- Integral to the scheme are seven Evaluation Assurance Levels (EAL), harmonized with recognized international standards.
- The EUCC finds its roots in the Cybersecurity Act, crafted in 2019 to unify the certification process within the EU.
- The significance of this harmonization is transformative, rectifying the inefficiencies of the previous disjointed approach and establishing a precedent for a more secure and interconnected digital landscape.
- The EUCC certificate is issued with a maximum validity of five years, with the extension flexible and subject to approval by national cybersecurity certification authorities.
- Unlike traditional certification schemes, the EUCC maintains an active stance post-certification to guarantee that certified products adhere to the certification requirements even after approval.
- The EUCC’s profound impact is evident in fortifying the security stance of critical infrastructures like energy, transport, and healthcare, which rely heavily on intricate ICT product networks.
- The scheme aligns seamlessly with the Network and Information Systems Security (NIS2) directive, expected to bolster the cybersecurity resilience of network and information systems across the EU.
- The EUCC finds itself as a crucial enabler for implementing the forthcoming Cyber Resilience Act, which is expected to contribute significantly to enhancing the EU’s cyber resilience.
Read Full Article
6 Likes
Medium
1d
173
Image Credit: Medium
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)
- Attackers gain more power in a system through response manipulation.
- Making small changes in data exchanges gives them higher access rights.
- Real-life examples illustrate how response tricks are used to gain privileges.
- Developers and security experts should strengthen systems against these attacks.
Read Full Article
10 Likes
Medium
1d
323
Image Credit: Medium
WannaCry ransomware attack
- WannaCry is a type of ransomware that encrypts files and demands ransom payment to decrypt them.
- It spreads automatically through vulnerable systems on the same network without user interaction.
- The attack began in May 2017 and impacted organizations worldwide, including the NHS and major companies.
- The attack highlighted the importance of timely patching, cybersecurity measures, and vulnerability disclosure.
Read Full Article
19 Likes
Medium
1d
157
Image Credit: Medium
Mitigation Plans to Combat Black Basta Ransomware
- Black Basta ransomware is a type of malicious software that locks data and demands a ransom to unlock it.
- To protect against ransomware attacks, it is important to educate yourself and your team about the latest threats.
- Implementing network segmentation and multi-factor authentication adds layers of security to prevent ransomware from spreading and gaining unauthorized access.
- Regularly backing up your data, keeping software updated, conducting security audits, and fostering a culture of cybersecurity are effective measures to combat Black Basta ransomware.
Read Full Article
9 Likes
Tech Radar
1d
180
Image Credit: Tech Radar
Thousands of Linux servers infected by Ebury malware
- Thousands of Linux servers are still infected by Ebury, a decades-old information-stealing malware.
- Ebury is a sophisticated malware that compromises Linux-based systems, particularly servers.
- Key victims of Ebury are hosting providers, and the malware is used for spam, web traffic redirection, and cryptocurrency theft.
- Since 2009, around 400,000 Linux-powered servers have been infected by Ebury, with over 100,000 still carrying the infection as of last year.
Read Full Article
10 Likes
Socprime
1d
177
Image Credit: Socprime
FIN7 Attack Detection: russia-linked Financially-Motivated Group Exploits Google Ads to Drop NetSupport RAT via MSIX App Installer Files
- FIN7, a Russia-linked financially-motivated group, has been exploiting Google Ads to drop NetSupport RAT malware via MSIX app installer files.
- These attacks have led to financial losses, data breaches, and reputational damage for targeted organizations.
- Security professionals can use SOC Prime Platform and browse the Threat Detection Marketplace to detect and analyze FIN7 attacks.
- To mitigate risks, staying vigilant when clicking Google Ads, relying on verified sources for software downloads, and conducting phishing awareness programs are recommended.
Read Full Article
10 Likes
TechBullion
1d
92
Image Credit: TechBullion
How to Safeguard Your Data When Surfing the Web
- With more and more data being shared online every day, it is important to learn how to safeguard your personal data when browsing the web.
- Cybercriminals are always looking for ways to exploit your sensitive information, making it necessary to take steps to protect it.
- Safeguarding your personal data is crucial in the fight against cyber threats, not just for your privacy but to prevent further attacks that can harm others.
- One way to protect your data is by using a Virtual Private Network (VPN) to create an encrypted connection between your device and the network you are connected to; this is especially helpful on public Wi-Fi networks.
- Another way to protect your data is by keeping your web browsers and all your software updated to ensure that vulnerabilities are addressed and not easily exploited by cybercriminals.
- Avoid clicking on suspicious links and always remain aware of potential threats while browsing the web.
- Using a strong password and a password manager is crucial to safeguarding sensitive information, and enabling Two-Factor Authentication (2FA) adds an additional layer of protection.
- It is also important to be aware of common online threats like phishing attacks, malware, and social engineering attacks, and to have a robust firewall, updated antivirus software, and exercise critical thinking when dealing with any communication that asks for personal information.
- By taking the necessary steps to safeguard your personal data when browsing the web, you can minimize your chances of becoming a target of cyber attacks and surf with more confidence.
- Remember to stay informed, stay protected, and be cautious when sharing your personal information online.
Read Full Article
5 Likes
Gbhackers
1d
177
Adobe Patches Multiple Code Execution Flaws in a Wide Range of Products
- Adobe has addressed several critical code execution flaws across a broad spectrum of its products.
- The patches aim to rectify vulnerabilities that could allow malicious actors to execute arbitrary code on affected systems.
- Adobe's Product Security Incident Response Team (PSIRT) plays a pivotal role in addressing security vulnerabilities.
- Regularly updating Adobe software is crucial to safeguard against potential security risks.
Read Full Article
10 Likes
Tech Radar
1d
173
Image Credit: Tech Radar
Dell may have suffered another fairly embarrassing hack
- A recent Dell data breach has resulted in the theft of sensitive data on 30,000 customers, potentially including personal information and photos.
- The hacker responsible, known as Menelik, managed to exploit the same vulnerabilities used in a previous incident that exposed information on 49 million Dell customers.
- Some of the stolen data pertains to customers within the European Union, which may trigger GDPR concerns.
- Menelik has not yet made concrete plans for the stolen database, stating that they want to assess Dell's response to the situation.
Read Full Article
10 Likes
Socprime
1d
212
Image Credit: Socprime
SOC PRIME TO PRESENT AT THE TWELFTH EU MITRE ATT&CK® COMMUNITY WORKSHOP
- SOC Prime is set to present at the Twelfth EU MITRE ATT&CK Community Workshop on May 17th in Brussels.
- The workshop will bring together cybersecurity professionals to discuss and exchange insights on utilizing the MITRE ATT&CK framework.
- SOC Prime will deliver two presentations, one on AI and Large Language Models in threat detection, and another on educating students on MITRE ATT&CK in Ukraine.
- This marks the 10th anniversary of SOC Prime's participation in the EU MITRE ATT&CK Community Workshops.
Read Full Article
12 Likes
Securityaffairs
1d
277
Image Credit: Securityaffairs
Adobe fixed multiple critical flaws in Acrobat and Reader
- Adobe addressed multiple code execution vulnerabilities in its products, including Adobe Acrobat and Reader software.
- The company released Patch Tuesday updates to fix 35 security vulnerabilities, with 12 of them impacting Adobe Acrobat and Reader software.
- The vulnerabilities include Use After Free, Improper Input Validation, and Improper Access Control, which can lead to arbitrary code execution.
- Experts and research teams from Trend Micro Zero Day Initiative, Cisco Talos, and Renmin University of China reported the vulnerabilities.
Read Full Article
16 Likes
Medium
1d
216
Image Credit: Medium
Information Security In Africa: Navigating The Cyber Threat Landscape
- Africa lost over $4 billion to cyber risks in 2021, according to Interpol.
- Limited public awareness campaigns and lack of knowledge contribute to cybersecurity vulnerabilities in Africa.
- Email is the main source of malware distribution, accounting for 41% of incidents.
- To tackle cybersecurity threats, Africa needs awareness, education, resources, up-to-date technology, and strong legal frameworks.
Read Full Article
12 Likes
For uninterrupted reading, download the app