Info. Security News News


Kaspersky


New 2024 NIST requirements for password strength and storage

  • New 2024 NIST requirements have been outlined regarding password strength and storage.
  • Online services' user verification procedures, including password length, phone number input, and biometric checks, are mostly regulated by industry standards, with the NIST SP 800-63 Digital Identity Guidelines among the most significant.
  • The recent update addresses security and privacy requirements of the guidelines and covers a possible distributed (federated) approach.
  • It defines three Authentication Assurance Levels (AAL1 to AAL3) and allows single-factor authentication only at the least restrictive level, AAL1.
  • Compromised passwords must be forgotten and reset immediately. The new NIST guidelines prohibit the imposition of password composition requirements.
  • It’s suggested that all access levels implement MFA, but it’s mandatory for AAL2 and only phishing-resistant MFA methods are acceptable for AAL3.
  • To ensure resistance to phishing, authentication must be tied to the communication channel (channel binding) or verifier service name (verifier name binding).
  • The standard puts limits on biometric input rates and the number of unsuccessful attempts.
  • Biometric checks may serve as an authentication factor combined with proof of possession, but are prohibited for identification.
  • Biometric equipment algorithms must be resistant to presentation attacks, which attempt to use photos or videos.


Schneier


IoT Devices in Password-Spraying Botnet

  • Microsoft warns Azure cloud users about a Chinese-controlled botnet engaged in password spraying.
  • The botnet, known as CovertNetwork-1658, uses highly evasive techniques for password guessing attacks.
  • The botnet's use of compromised SOHO IP addresses and a rotating set of IP addresses makes detection difficult.
  • The low-volume password spray process makes it challenging to detect multiple failed sign-in attempts from one IP address or account.


Securityaffairs


Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

  • Synology has fixed a critical vulnerability affecting DiskStation and BeePhotos NAS devices.
  • The vulnerability, named RISK:STATION, allows remote code execution.
  • The flaw was demonstrated by a security researcher at the Pwn2Own Ireland 2024 hacking contest.
  • Synology released a patch within 48 hours and urges users to update their devices immediately.


Securityaffairs


ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

  • The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions.
  • ToxicPanda has infected thousands of devices across Italy, Portugal, Spain, and Latin America, targeting 16 banks.
  • The malware uses On-Device Fraud (ODF) techniques to bypass bank security measures and initiate account takeovers.
  • Experts speculate that Chinese-speaking individuals may be behind the malware campaign, indicating a potential shift or expansion in their operational focus.


Qualys


Qualys Web Application Scanning (WAS) Recognized as a Leader in 2024 GigaOm Radar Report for Application Security Testing (AST)

  • Qualys Web Application Scanning (WAS) has been recognized as a Leader in the 2024 GigaOm Radar Report for Application Security Testing (AST).
  • Web applications are prime targets for cyberattacks, including SQL injection, cross-site scripting (XSS), and various zero-day vulnerabilities.
  • API traffic now represents over 80% of all web traffic, making API security a top priority for enterprises.
  • Qualys delivers a comprehensive, scalable, and highly effective platform for application security to help organizations protect their critical web applications and APIs against the latest security threats.
  • Qualys WAS stands out as an industry leader in several key areas that are critical for modern web and API security, making it a trusted resource for evaluating application security solutions.
  • Qualys offers AI-driven risk prioritization that helps security teams prioritize the most critical risks based on their potential impact.
  • Qualys was recognized for its continued innovation and ability to meet the evolving security needs of modern enterprises in the 2024 GigaOm Radar for Application Security Testing.
  • By leveraging Qualys WAS and API Security, organizations can achieve continuous visibility into their web and API security posture, reduce the risk of data breaches and unauthorized access, and enhance collaboration between security and development teams through seamless CI/CD integration.
  • Qualys offers scalability that meets the needs of modern application infrastructures, ensuring that security remains consistent, regardless of the size and complexity of your application ecosystem.
  • Qualys turns risk data into actionable insights so organizations can make better-informed decisions to support their security strategy.


Amazon


Amazon Inspector suppression rules best practices for AWS Organizations

  • Amazon Inspector is a vulnerability management service that continuously scans your Amazon Web Services (AWS) workloads for software vulnerabilities and unintended network exposure.
  • To prioritize vulnerabilities, AWS recommends using risk-based prioritization and proper resource tagging.
  • Best practices for managing vulnerabilities include suppressing findings based on Amazon Inspector score and using tags to enable risk-based prioritization.
  • You can create suppression rules in Amazon Inspector to suppress findings that are less critical, so that you can focus on higher-priority findings.
  • Member accounts in an organization cannot create or manage suppression rules. Only standalone accounts and Amazon Inspector delegated administrators can create and manage suppression rules.
  • You can integrate Amazon Inspector with AWS Security Hub to send findings from Amazon Inspector to Security Hub, and Security Hub can include these findings in its analysis of your security posture.
  • It’s important to maintain a careful, measured approach when applying suppression rules. Maintaining visibility into the true risk profile for each finding is essential for proactive, comprehensive vulnerability management.
  • Vulnerability management includes performing a risk assessment to determine which vulnerabilities pose the greatest risk and assessing the relevant regulatory requirements.
  • Amazon Inspector is a regional service, meaning you must designate a delegated administrator, add member accounts, and activate scan types in each AWS Region you want to use Amazon Inspector in.
  • Best practices for vulnerability management in AWS Organizations include setting up a delegated admin to manage vulnerability scanning for multiple AWS accounts in an organization.


Veracode


Revolutionizing Risk Management in Application Security

  • Software applications are vulnerable to cyber threats and data leaks.
  • Scanning alone is not enough to manage risk in application security.
  • Enhancing application security involves prioritizing and remediating vulnerabilities.
  • The challenge lies in identifying the most critical flaws and their root causes.


TechCrunch


Canadian authorities say they arrested hacker linked to Snowflake data breaches

  • Canadian authorities have arrested a hacker connected to Snowflake data breaches.
  • The hacker, known as Alexander Moucka or Connor Moucka, was apprehended based on a provisional arrest warrant requested by the United States.
  • The hacker targeted various companies, including AT&T, Ticketmaster, and Advanced Auto Parts, stealing sensitive corporate data stored in Snowflake.
  • Moucka appeared in court on October 30, and his case was adjourned to November 5, 2024. Potential extradition to the United States is unclear.


Securityintelligence


Skills shortage directly tied to financial loss in data breaches

  • The cybersecurity skills gap continues to widen, with severe consequences for organizations worldwide.
  • More than half of breached organizations face severe security staffing shortages, leading to an average of $1.76 million in additional breach costs.
  • Skills in cloud security, threat intelligence analysis, incident response, data analysis, risk management, and compliance expertise are in high demand.
  • Organizations are combatting the skills shortage with strategies such as expanding internal training programs, leveraging AI to augment human capabilities, and focusing on a mix of technical and soft skills.


Socprime


Stealthy Strela Stealer Detection: Info-Stealing Malware Resurfaces with Enhanced Capabilities to Target Central and Southwestern Europe

  • Security researchers have discovered a stealthy campaign targeting users in Central and Southwestern Europe with a credential stealer called Strela.
  • The malware, deployed via phishing emails, uses obfuscated JavaScript and WebDAV to evade detection.
  • Strela Stealer has enhanced its capabilities over the past two years, enabling it to covertly steal sensitive data from unsuspecting users.
  • Mitigation measures include strict access controls on WebDAV servers and restricted execution of PowerShell and other scripts.


Securityaffairs


U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

  • The PTZOptics PT30X-SDI/NDI camera vulnerabilities CVE-2024-8956 and CVE-2024-8957 were added to the catalog.
  • Threat actors are attempting to exploit the zero-day vulnerabilities.
  • The vulnerabilities allow attackers to execute arbitrary commands and bypass authentication.


Securityaffairs


Canadian authorities arrested alleged Snowflake hacker

  • Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year.
  • The suspect, Alexander 'Connor' Moucka, was arrested on October 30, 2024, on a US provisional arrest warrant.
  • He is accused of being responsible for a series of attacks involving as many as 165 customers of Snowflake Inc.
  • The attacks involved stolen credentials, data theft, extortion attempts, and selling stolen data on criminal forums.


Kaspersky


Security and privacy settings in ASICS Runkeeper | Kaspersky official blog

  • ASICS Runkeeper, the popular running tracking app, has privacy settings that need to be properly configured.
  • To access the privacy settings in ASICS Runkeeper, go to Me → Settings → Privacy Settings.
  • Turn off the switch next to Public Account to ensure your account is not public.
  • Adjust notifications and email preferences in the settings to suit your preferences.


TechBullion


The Impact of Silicon Valley on Privacy and Data Security

  • Silicon Valley in California is the home of large global tech firms including Apple, Facebook, Google and Amazon, which collect user data to run their businesses.
  • Three common ways these companies use personal data are personalised ads, product improvements, and personal (or AI-driven) suggestions.
  • Silicon Valley companies also have access to substantial data, which raises privacy concerns and leads people to query who can see the information and how it’s being used.
  • Worries include sharing data, constant tracking, data breaches and lack of transparency.
  • To counter such concerns, some Silicon Valley firms are prioritising data security through encryption, AI-powered security blockers, and educating users on protection.
  • Governments and the public are pushing for more data privacy, imposing regulations like GDPR in Europe and the CCPA in California.
  • Apple, for example, has made privacy a core feature under user control, so that users can regulate which apps can track them.
  • However, privacy can be harder to regulate for many Silicon Valley firms that rely on advertising revenue.
  • Silicon Valley innovations have enhanced our everyday lives, yet the use of user data raises requirements for personal privacy and security.
  • Stakeholders including companies and users must prioritise transparency, knowledge, and data safety for sustainable progress in privacy and security in the digital world.


Securityaffairs


July 2024 ransomware attack on the City of Columbus impacted 500,000 people

  • The July 2024 ransomware attack on the City of Columbus, Ohio, impacted 500,000 individuals.
  • The attack was successfully thwarted, and no systems were encrypted.
  • The Rhysida ransomware gang claimed responsibility for the attack and demanded 30 Bitcoin ($1.9 million) for stolen data.
  • The City of Columbus determined that the attack compromised personal and financial information of the affected individuals.
