The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with "minimal user interaction"; it subsequently allows attackers to gain root-level code execution on the host. Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by...

Tripwire's February 2019 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft's Browser and Scripting Engine. These patches resolve 23 vulnerabilities, including fixes for Memory Corruption, Elevation of Privilege, Spoofing, Security Feature...

This Thursday, March 7, 2019, I’ll be facilitating a Learning Lab titled Fine Tuning Your Cyber-Defense Technologies with the ATT&CK Framework at the 2019 RSA Conference in San Francisco, CA. This will be my fourth time speaking at RSA, and this will be my second time facilitating a learning lab, which I'm happy about. I really enjoy the learning labs...

TikTok has agreed to pay a penalty of $5.7 million in order to settle allegations that it illegally collected children's personal data. The penalty effectively settles a complaint submitted by the U.S. Federal Trade Commission against TikTok alleging that the video social networking app had...

If you think back to last year, Coinhive was everywhere. The service offered any website an arguably legitimate way of generating income that didn't rely upon online adverts. And plenty of well-known sites, such as Showtime, Salon.com and The Pirate Bay, were happy to give it a go. Rather than making money through ads that might irritate you or...

Ring Doorbell has patched a flaw that allowed attackers to spy on and inject their own application footage, thereby undermining users' home security. Researchers at Dojo, Bullguard's Internet of Things (IoT) security team, discovered the vulnerability while performing an independent security assessment of the smart doorbell. They began their...

Researchers have uncovered a new family of malware called "Farseer" that's designed to conduct surveillance against Windows users. Discovered by Palo Alto Networks, Farseer works by using a technique known as "DLL sideloading" to drop legitimate, signed binaries to the host. These binaries usually consist of trusted applications that don't raise...

With connectivity to the outside world growing, cyber attacks on industrial computers constitute an extremely dangerous threat, as these types of incidents can cause material losses and production downtime for a whole system. Moreover, industrial enterprises knocked out of service can seriously undermine a region’s social welfare, ecology and...

A couple of phishing schemes are currently targeting contractors who do business with two U.S. federal government agencies. Anomali Labs uncovered a malicious server hosting the two schemes in late February 2019. The first scheme begins when users visit transportation[.]gov[.]bidsync[.]kela[.]pw, a suspicious-looking subdomain which contains the...

For various reasons, many executives and senior team members with privileged status on the network and/or access to financial assets oftentimes need to access corporate IT systems from a public place outside the office. What is very common in these types of places is that they’re covered with security cameras. Such devices are a must-have for...

By now, everyone should have heard about the telephone scams involving a caller claiming to be from the CRA (Canada Revenue Agency) or the IRS (Internal Revenue Service). These tax agency scams generally receive the most coverage, but some don’t get much attention. Recently, people have also received calls from individuals claiming to be from their ...

Sandbox environments are a common feature of many cybersecurity solutions in their fight against advanced malware. Firewalls, endpoint protection, and even next-generation machine learning systems use sandboxes as one of their lines of defense. However, not all sandboxes are created equal. Sandboxes can take different approaches towards malware...

A new bill would strengthen California's data breach notification law by expanding businesses' obligations to inform their customers in the event of a security incident. On 21 February, California Attorney General Xavier Becerra and Assembly Member Marc Levine (D-San Rafael) revealed AB 1130. This...

Car maker Toyota admitted earlier today that it had suffered what appears to have been a malware attack at its facilities in Melbourne, Australia that knocked out its website and other communications. The first public sign of a problem appeared on Toyota Australia's website, which was offline for a period of time in the aftermath of the attack. The...

Web-based hosting service GitHub has decided to increase both the potential reward amounts and scope of its bug bounty program. On 19 February, GitHub announced its decision to raise its reward amounts. Security researchers can now expect to earn a minimum of $617 for reporting a low-severity vulnerability in the service's products. On the other end...

According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to damages in the amount of billions of dollars. Cyber Risk Management (CyRiM) project is a collaborative...

The Separ infostealer is using what's known as "Living off the Land" tactics to target businesses as part of an ongoing attack campaign. Digital security company Deep Instinct detected the campaign and observed that an infection begins when an employee at a business organization receives a phishing email. The email comes with an attached PDF...

On 25 January 2019, the longest U.S. government shutdown in history came to an end. It’s unclear exactly what impact this closure had on the government’s digital security. A SecurityScorecard report found that the shutdown coincided with a rise of expired SSL certificates protecting .gov domains, thereby producing a slight dip in overall network...

In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability. While the...

In the original Star Trek episode “The Trouble with Tribbles,” an unscrupulous merchant, Cyrano Jones, gives a small furry animal called a Tribble to communications officer Uhura. Uhura takes the Tribble aboard the Starship Enterprise where the animal begins to quickly reproduce, thereby threatening to overrun the ship and cause significant damage....