F1TYM1

The evidence from the closed investigation indicates that Kemp’s office mistook planned security tests and a warning about potential election security holes for malicious hacking.

Welcome back to This Week in Apps, the Extra Crunch series that recaps the latest OS news, the applications they support and the money that flows through it all.

• One Trump fundraising event in Dallas next month has a price tag of $580,600 per couple.

The Exim MTA vulnerability, initially reported by Qualys in May 2019, is currently being exploited in the wild. Recently, the US National Security Agency (NSA) announced that Sandworm actors (Russian hacker group) have been actively exploiting the Exim Mail Transfer Agent vulnerability.

Authored by Jacques Lopez and Tom Estonﾂ?

As a result of the current COVID-19 pandemic, most companies are operating remotely. This ???new normal??? has led to an increased demand for digital transformations and cloud migrations. But Verizon???s 2020 Data Breach Investigations Report recently noted that cyberattackers are taking advantage of the digital transformations, finding new ways to attack web applications. As Tami Erwin, CEO of Verizon Business, recently stated, ???As remote working surges in the face of the global pandemic, end-to-end security from the cloud to employee laptop becomes paramount.???

Governance & Risk Management , IT Risk Management , Patch Management

When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way combat cybercrime and steer offenders toward a better path.

Researchers at the NCCGroup have been working on a 5-part explanation of a Windows kernel vulnerability, targeting the Kernel Transaction Manager (KTM). The vulnerability, CVE-2018-8611, is a local privilege escalation bug. There doesn’t seem to be a way to exploit this remotely, but it is an interesting bug, and NCCGroup’s work on it is outstanding.

An extra way to create leverage against victims of ransomware has been introduced by the developers of the Maze ransomware. If the victim is not convinced that she should pay the criminals because her files are encrypted, there could be an extra method of extortion. Over time, more organizations have found ways to keep safe copies of their important files or use some kind of rollback technology to restore their systems to the state they were in before the attack.

Written by Sean Lyngaas
May 29, 2020 | CYBERSCOOP

For GitHub, not all reports about malicious software on its platform are of equal importance.

Qualys is sponsoring the EU Cybersecurity Blogger Awards for 2020, representing a ‘who’s who’ of people that write and share their opinions around the security sector. Ahead of the winners being announced on the 2nd of June, we thought we’d ask some questions around what is taking place in security today, how to make the most of your teams, and what changes are required too.

Most breaches happen because organizations only have a vague understanding of their security posture. That said, getting an accurate and up-to-date view of your attack surface and posture is no easy feat. There are an overwhelming number of assets in today’s enterprises and 100s of ways in which you can get breached.

AWS Shield is a managed threat protection service that safeguards applications running on AWS against exploitation of application vulnerabilities, bad bots, and Distributed Denial of Service (DDoS) attacks. The AWS Shield Threat Landscape Report (TLR) provides you with a summary of threats detected by AWS Shield. This report is curated by the AWS Threat Response Team (TRT), who continually monitors and assesses the threat landscape to build protections on behalf of AWS customers. This includes rules and mitigations for services like AWS Managed Rules for AWS WAF and AWS Shield Advanced. You can use this information to expand your knowledge of external threats and improve the security of your applications running on AWS.

President Trump follows through on his threat to challenge the legal protections enjoyed by social media and internet companies, Magic Leap’s CEO is stepping down and China sees its biggest autonomous driving round yet.

Security and data protection must go beyond perimeter defenses. Two of the largest data breaches on record, Target and Home Depot, were the result of compromised network credentials. In both cases, hackers leveraged privileged accounts to gain access to sensitive data and millions of private records. These incidents illustrate the threat of unrestricted access.

=========================================================================
Ubuntu Security Notice USN-4359-2
May 28, 2020

Here’s a little preview of what you’ll find in Episode 6 of the Security Stories podcast.