Expert Reaction On Office 365 Users Targeted In SurveyMonkey Phishing Attack

Researchers at Abnormal Security have uncovered attempts to steal Office 365 user credentials on the pretext of conducting surveys among employees. In the campaign, the victim receives an email from a genuine SurveyMonkey site, but the message contains a hidden link which, when clicked, redirects the victim to a Microsoft form submission page. The user has to submit their Office 365 email and password to proceed. This way, the malicious actors steal the unsuspecting user’s Microsoft account security credentials.

Active Exploit Attempts Targeting Recent Citrix ADC Vulnerabilities CTX276688, (Thu, Jul 9th)

I just can’t get away from vulnerabilities in perimeter security devices. In the last couple of days, I spent a lot of time with our F5 BigIP honeypot. But looks like I have to revive the Citrix honeypot again. As of today, my F5 honeypot is getting hit by attempts to exploit two of the Citrix vulnerabilities disclosed this week [1]. Details with proof of concept code snippets were released yesterday [2].

MariaDB raises $25M more to expand its SkySQL cloud database platform

Cloud services continue to be a key component of how organisations remain operational even as so much else — such as physically working in enclosed offices — is forced to change because of the COVID-19 health pandemic. Today, MariaDB Corporation, the company behind MariaDB SkySQL and one of the startups leading the charge on open source cloud databases, is announcing $25 million in funding to continue its growth.

8 Keys to Writing Safer Code

All too often, security in code is an afterthought. There’s a reason that bug bounties are so prevalent; as codebases get larger, testing gets harder. Add in the time constraints of a “move fast and break things” mentality and it’s no wonder so many security issues arise. The basics might be there, encrypted connections, hashed passwords, etc., but little thought is given to the possible vulnerabilities of the code behind it. In that vein, I have eight recommendations for writing secure code. I’ll be focusing on Python in this post, but these rules can generally apply to any language.

1. Testing, testing!

Ensure that tests exist for everything you code. To assist with this, there are some rules you can follow for code layout. More functions are better than fewer. Break your code up into the smallest chunks you can and make each of those a function. If the function comments are something like, “Do X, then Y,” see if you can break it in two. Ideally, write the test before the function. You know what it should do, so you should be able to write the test first. As you move forward with releases and fixes, every time you find a bug, write a test for it; that will help with regression later. And yes, this is general coding advice, but smaller functions are easier to read and follow and help to limit the number of security issues that could appear. Smaller functions can also save you time in tracking down the source of a security problem.

2. Make code readable

Along the lines of being easier to read, it’s common to want to save space and typing, but don’t do it to the detriment of readability.

Example 1:

Consider the following code:

for i in range(5):
    n = i * 2
    m = 5
    print(n + m)

Made shorter:

for i in range(5): n=i*2; m=5; print(n+m)

July 2020 Open Source Security Vulnerabilities Snapshot

Now that the sparkle and pop of the Fourth of July’s fireworks has subsided, it’s time for July’s open source vulnerabilities snapshot, your monthly overview of everything new in the always-evolving world of open source security.

Once again, we’re here to give you an overview of what’s new and what’s stayed the same in the world of open source security vulnerabilities. WhiteSource’s hard-working research team dug into the data from our database, to give you the low-down on the open source security vulnerabilities published in June, and see what’s changed since our previous overview. The extensive WhiteSource database for open source vulnerabilities continuously collects information from several resources, including the well-known National Vulnerability Database (NVD) and multiple peer-reviewed security advisories, forums, and issue trackers in the open-source and security communities.

Open Source Vulnerabilities in July: What’s New?

Over 800 new open source vulnerabilities were published in June. As open source usage becomes a common practice in software development organizations big and small and the open source community grows, the community is continuously increasing efforts to detect and remediate security issues in open source components.

The result is this high number of new open source security vulnerabilities published in July, nearly 50% of them with a fix already available. Considering the resources invested in open source security, the number of fixes will most probably rise in the upcoming weeks.

June Open source Vulnerabilities Published with a Fix

Major spike in cyber threats during Covid-19 pandemic – insights from the Telco Security Alliance

The COVID-19 Threat Intelligence Insight report was provided by AT&T Cybersecurity and the Telco Security Alliance (TSA), which observed cyberthreat activity between January and June 2020. The TSA consists of a group including Singtel (Trustwave), and Telefónica (ElevenPaths), and aims to offer enterprises comprehensive cybersecurity insights to help them address the threat of cyberattacks and the evolving threat landscape.

Ali Baba and the forty cyberthreats

As we never tire of saying, fairy tales are thinly veiled reports on information security. And it wasn’t only the European storytellers who tried to warn their descendants about cyberthreats — they were equally prescient in the East. For example, Scheherazade, the protagonist of the classic 1001 Nights, kept what can only be described as a daily infosec blog with video podcasts. True, she had an ulterior motive for doing so …

Experts Insight On New Dark Web Audit Reveals 15 Billion Stolen Logins

A new report has revealed the true extent of stolen account logins to be found circulating on the dark web amongst cybercriminals. The Digital Shadows Photon Research team has spent 18 months auditing criminal forums and marketplaces across the dark web and found that the number of stolen usernames and passwords in circulation has increased by 300% since 2018. There are now more than 15 billion of these stolen credentials, from 100,000 data breaches, available to cybercrime actors. Of this number, some 5 billion are said to be unique, with no repeated credential pairs. The “From Exposure to Takeover” report warns that there’s a “treasure trove of account details” available in cybercrime markets. The 15 billion stolen account logins include credentials, usernames and password pairs, for online banking, social media accounts, and music streaming services. To put it another way, that’s the equivalent of two sets of account logins for every man, woman, and child on the planet.

eLection: 1 Vulnhub Walkthrough

Today we are going to solve another boot2root challenge called “eLection: 1”. It’s available at Vulnhub for penetration testing. This is a mid-level lab based on the CMS “eLection”. There are several methods (easy and medium) to access the server. The merit of doing this lab is Love’s. Let’s start and learn how to successfully break it down in an easy way first.

Fifteen Billion Usernames and Passwords For Sale on Dark Web

According to a report by the Digital Shadows Photon Research Team, there are at present 15 billion usernames and passwords for sale on the dark web. This is a result of 100,000 different data breaches that have taken place over the course of the last two years; that is, a 300% increase in stolen credentials. Providing access to bank accounts, streaming services and other internet services, these credentials are sometimes offered for free by bad actors or sold for an average of $15.43.