Cyber Crime, Cyber Intelligence, Cyber Security, Cyber War, Information Security

CSO Security News

Date: September 26, 2021Author: Russ Roberts

Exchange Autodiscovery feature can cause Outlook to leak credentials.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 26 September 2021, 1301 UTC.

Source:

https://www.csoonline.com/news/

Please scroll down to read your selections.

News

Software cybersecurity labels face practical, cost challenges

The federal government wants consumer software to have cybersecurity labels; experts question the feasibility of the mandate.

Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments

In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments.

APT actors exploit flaw in ManageEngine single sign-on solution

US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.

How APTs become long-term lurkers: Tools and techniques of a targeted attack

A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.

3 former US intel officers turned cyber mercenaries plead guilty: An insider threat case study

Three U.S. nationals, working as cyber mercenaries on behalf of the United Arab Emirates, have pleaded guilty to exploiting U.S. entities using U.S.-controlled technologies.

Federal agencies face new zero-trust cybersecurity requirements

The OMB and CISA issue guidance to move all federal agencies to a shared zero-trust maturity model for FY22-24. The catch: No new funding.

Critical flaw in Atlassian Confluence actively exploited

The remote code execution vulnerability was recently patched for affected versions of Atlassian Confluence Server and Data Center; users are advised to apply the patch or upgrade.

Cosmos DB users advised to regenerate their keys following serious vulnerability

The Azure vulnerability, which affects only those using the Jupyter Notebook feature, gives attackers access to data in databases.

LockFile ransomware uses intermittent encryption to evade detection

This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.

China’s PIPL privacy law imposes new data handling requirements

The Personal Information Protection Law will force global companies doing business in China to be more careful with cross-border flow of personal information.

Tech giants pledge at least $30 billion to improve cybersecurity following White House meeting

Technology, financial, and education leaders commit to a wide range of initiatives to enhance the nation’s cybersecurity posture in collaboration with the Biden Administration.

New US CISO appointments, August 2021

Keep up with news of CSO, CISO, and other senior security executive appointments.

Security blind spots persist as companies cross-breed security with devops

As devops matures into devsecops, cultural obstacles continue to exert drag.

OnePercent ransomware group hits companies via IceID banking Trojan

This new, aggressive ransomware group also uses Cobalt Strike to move laterally across the network.

4 most dangerous emerging ransomware threat groups to watch

New research identifies four emerging ransomware groups currently affecting organizations and that show signs of becoming bigger threats in the future.

Amazon Sidewalk highlights network security visibility risks consumer services pose

Research warns consumer-grade services can undermine risk assessment of corporate networks amid remote working as Houdini malware spoofs devices to exfiltrate data.

IoT devices have serious security deficiencies due to bad random number generation

It’s not the IoT vendors’ fault. Lack of a cryptographically secure pseudo-random number generator subsystem for the internet of things devices will be vulnerable.

Wave of native IIS malware hits Windows servers

IIS malware presents diverse, persistent, and growing threats from old and new threat actors.

For the latest cybersecurity, cybercrime, cyberwar, and information security news, please check the blog sidebar, links, and twitter posts. Thanks for joining us today.

Russ Roberts

https://atomic-temporary-195915488.wpcomstaging.com.

Cyber Attack Halts Production at Ag Equipment Maker AGCO Fendt
A cyber attack has disrupted the operations of AGCO/Fendt, a major manufacturer of agricultural equipment, the company has ackhttps://feeds.feedblitz.com/-/41936664/0/thesecurityledgerwledged. The post Cyber Attack Halts Production at Ag Equipment Maker AGCO Fendt appeared first on The Security Ledger with Paul F. Roberts. Related StoriesFeel Good Ukraine Tractor Story Highlights Ag Cyber RiskDEF CON: Security Holes in […]
Paul Roberts
Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk
The good news? John Deere bricked expensive farm equipment taken by thieving Russian troops. The bad news: those same remote access features could be used to launch crippling, large scale attacks on US farms. The post Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk appeared first on The Security Ledger with Paul F. Roberts. […]
Paul Roberts
Episode 237: Jacked on the Beanstalk – DeFi’s Security Debt Runs Wide, Deep
The hack of Beanstalk is just the latest major compromise of a decentralized finance (DeFi) platform. In this podcast, Jennifer Fernick of NCC Group joins me to talk about why DeFi’s security woes are much bigger than Beanstalk. The post Episode 237: Jacked on the Beanstalk – DeFi’s Security Debt Runs Wide, Deep appeared first […]
Paul Roberts