Monday 4/15
CyberArk Named Top Security Solution for Government Agencies
CyberArk is recognized as the premier cybersecurity solution for government agencies and organizations to protect against the exploitation of privileged accounts, credentials and secrets across every environment – including on the endpoint and across on-premises, hybrid cloud and DevOps environments.
http://bit.ly/2UXTu1j
‘Exodus’ spyware posed as a legit iOS app
Once installed, Exodus could access photos, videos, device IDs, audio recordings, and contacts on target devices, while also potentially tracking a victim's location and listening to their conversations through the iPhone or iPad's microphone.
http://bit.ly/2GmWZX4
Microsoft discloses security breach that impacted some Outlook accounts
According to Microsoft, between January 1, 2019, and March 29, 2019, a hacker, or group of hackers, compromised the account of a Microsoft support agent, one of the company's customer support representatives that handles technical complaints.
https://zd.net/2UE23ig
Wednesday 4/17
VPN Applications insecurely store session cookies
Multiple Virtual Private Network (VPN) applications store the authentication and/or session cookies insecurely in memory and/or log files. If an attacker has persistent access to a VPN user's endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods.
http://bit.ly/2UIxMPC
Cloudy with a Chance of Security Breach
Information on private networks hosted in a public cloud is not safe. This is because private networks, even without access to the Internet, are still able to communicate with it via DNS. Most of the time, no specific configuration is required to get full DNS access from the workloads pushed onto public cloud infrastructures. As a result, DNS tunneling, DNS file systems, and data exfiltration are possible on most public cloud providers by default.
https://ubm.io/2UIydte
Citrix Introduces SD-WAN for Google Cloud Platform
If you’ve decided to use Google Cloud Platform (GCP), Citrix has good news for you. Providing more freedom in cloud choice than ever before, we’re now offering an easy on-ramp to GCP with our virtual SD-WAN appliance, available in the GCP Marketplace. This delivers all the advantages of Citrix SD-WAN and enables you to confidently extend your network to the cloud.
http://bit.ly/2IpcNdj
Thursday 4/18
Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images
A bug in a 30-year-old standard used for the exchange and storage of medical images has been uncovered; it allows an adversary to embed fully-functioning executable code into the image files captured by medical devices such as CT and MRI machines.
http://bit.ly/2V36mDq
Cisco warns over critical router flaw
Cisco has disclosed 29 new vulnerabilities and is warning customers using its ASR 9000 Series Aggregation Services Routers to install an update to address a critical flaw that can be exploited remotely without user credentials.
https://zd.net/2Pj865X
How to Defend Your Organization Against Fileless Malware Attacks
The general thrust of how to combat fileless malware begins with making sure your Windows computers are patched and up to date. Since one of the first tenets of threat actors is taking advantage of unpatched, older systems, to delay patch management is to introduce a vulnerability into your network.
https://ibm.co/2ZlG8ve
Malvertising campaign abuses Chrome for iOS bug to target iPhone users
The bug allows malicious code hidden in online ads to break out of sandboxed iframes (a technology often used to load ad slots) and redirect the user to another site, or show an intrusive popup on top of a legitimate site.
https://zd.net/2VPuOVL
Friday 4/19
Facebook admits to storing plaintext passwords for millions of Instagram users
Facebook admitted today to storing the passwords of millions of Instagram users in plaintext format in internal server logs. Facebook states an internal investigation revealed that none of these plaintext passwords were abused by employees.
https://zd.net/2Djj2M7
New Baldr information stealer could target businesses
Information stealer is a type of malware that typically operates in a grab-and-go mode. It gathers data from a victim computer to send it to the attacker and typically targets credentials used in online banking services, social media sites, emails or FTP accounts, according to Malwarebytes.
http://bit.ly/2GqP21G
Arctic Wolf Networks Achieves ISO 27001 Certification
The scope of the ISO/IEC 27001:2013 certification includes Arctic Wolf Networks’ Information Security Management System (ISMS) and encompasses the in-scope applications, systems, people, and processes that support AWN CyberSOC. The AWN CyberSOC service demonstrates Arctic Wolf’s commitment to properly managing information to ensure customers are able to meet compliance standards through the combination of human expertise and machine intelligence, in order to effectively combat cyber threats.
http://bit.ly/2IIFYbb