Foundational cloud security with CIS Benchmarks.
Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.
Accessed on 16 December 2021, 1257 UTC.
Content provided by https://cyware.com.
Latest Cybersecurity News And Articles
Foundational cloud security with CIS Benchmarks
Cloud environments evolve and change, and CSPs are constantly adding new functional services that come with unique configuration and security tools to manage them effectively.
Recent Activity in Dragos Tracked Activity Groups
Dragos is currently developing three new Activity Groups this year and has also discovered activity across three existing activity groups: KAMACITE, WASSONITE, and STIBNITE.
New Fileless Malware Uses Windows Registry as Storage to Evade Detection by Antimalware Engines
The malware uses a resilient domain generation algorithm to identify its C2 infrastructure and utilizes the Windows Registry for all of its storage operations, thereby bypassing antimalware engines.
Have Money for a Latte? Then You Too Can Buy a Phish Kit
Phish kits are sets of files that contain all the code, graphics, and configuration files to be deployed to make a phishing page. These are designed to be easy to deploy as well as reusable.
FBI’s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine
An FBI investigation on a recent breach suffered by an Oregon healthcare firm led to the accidental revelation that the HelloKitty ransomware gang (Five Hands) operates out of Ukraine.
UK Government Experts Issue Last Minute Seasonal Scam Warning
The UK’s National Cyber Security Centre (NCSC) has made one final plea to consumers ahead of the busiest shopping weekend before Christmas to be alert to fraud and data theft attempts.
Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges
Even more troublingly, researchers at Praetorian warned of a third separate security weakness in Log4j version 2.15.0 that can “allow for exfiltration of sensitive data in certain circumstances.”
US Senate passes $768 billion defense bill without cyber incident reporting provisions
The bill passed by the Senate includes a National Cyber Exercise program that will test the country’s cyber preparedness and a “CyberSentry” provision to monitor critical infrastructure.
Gumtree users’ locations were visible by pressing F12
The UK online used goods bazaar Gumtree exposed its users’ home addresses in the source code of its webpages, and then tried to squirm out of a bug bounty after infosec bods alerted it to the flaw.
Billions of Devices are at the Risk of Coexistence Attacks
Researchers have discovered that it is possible to manipulate traffic on a WiFi chip and extract passwords. They named the technique coexistence attacks. An attacker can even run malicious code on a compromised WiFi chip without it being connected to a wireless network and pilfer passwords. The rec …
Cequence adds $60M Series C to improve API security
Menlo Ventures led the latest round with participation from Icon Ventures, Telstra Ventures, HarbourVest Partners, Shasta Ventures, Dell Technologies Capital, and T-Mobile Ventures.
Web App Attacks Surge 251% in Two Years
This is likely to be fuelling an increase in data breaches. Remote code execution and remote file inclusion attacks, often used to steal data and hijack websites, surged by 271% over the two years.
Seedworm Targeting Telecom, IT, and Utility firms in the Middle East and Asia
Symantec revealed that the Iranian MuddyWater group has been targeting telecom operators, IT firms, and a utility company in the Middle East and other parts of Asia. Researchers observed that the attackers made a deliberate attempt to target more and more organizations by mounting a supply-chain at …
Significant Disconnect Between SOC Leaders and Staff
There is a significant disconnect between security operations center (SOC) leaders and staff, which is reducing the effectiveness of these teams, according to a new report by Devo Technologies.
Cylus raises $30M Series B to help protect trains and metros worldwide
The Series B funding round was led by Ibex Investors, with participation from Vertex Growth Fund, Strides International Business, Magma Venture Partners, Vertex Ventures Israel, and GlenRock Israel.
UK’s New Cyber Strategy Designed to Boost Position as ‘Global Cyber Power’
The UK government has published a new national cyber strategy to bolster the nation’s defensive and offensive capabilities amid rising attacks from criminal gangs and nation-state actors.
Hackers Steal $140 Million from Users of Crypto Gaming Company
The hackers stole the private keys to access 96 wallets, siphoning off 4.5 million PYR, which is VulcanForge’s token that can be used across its ecosystem, the company said in a series of tweets.
US government to offer up to $5,000 ‘bounty’ to hackers to identify cyber vulnerabilities
The DHS is launching a “bug bounty” program, potentially offering thousands of dollars to hackers who help the department identify cybersecurity vulnerabilities within its systems.
National cyber resilience requires closer integration of public and private efforts
Beyond intel sharing, the government and industry must boost sharing of best practices, and help each other implement these playbooks, especially for entities that support national critical functions.
Sysdig Raises $350 Million at $2.5 Billion Valuation
The latest funding round was led by Permira, with participation from Guggenheim Partners, Accel, Bain Capital Ventures, DFJ Growth, Glynn Capital, Goldman Sachs, Insight Partners, Next47, and others.
Iranian State-Sponsored Threat Group Targets Airline with Aclip Backdoor
In March 2021, IBM Security X-Force observed an attack on an Asian airline that we assess was likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack.
Cybersecurity startup Guardio raises its first funding
Guardio, which provides a browser extension to monitor malicious activity online, raised $47 million led by Tiger Global. Emerge, Vintage, Cerca Partners, Union, and Samsung Next also participated.
SAP Patches Log4Shell Vulnerability in 20 Applications
SAP identified a total of 32 applications affected by CVE-2021-44228, a critical vulnerability in the Apache Log4j Java-based logging tool, and has already shipped patches for 20 of them.