Researchers at Abnormal Security have uncovered attempts to steal Office 365 user credentials on the pretext of conducting surveys among employees. In the campaign, the victim receives an email from a genuine SurveyMonkey site, but the message contains a hidden link, which upon clicking, redirects the victim to a Microsoft form submission page. The user has to submit their Office 365 email and password to proceed. This way, the malicious actors steal the unsuspecting user’s Microsoft account security credentials.
I just can’t get away from vulnerabilities in perimeter security devices. In the last couple of days, I spent a lot of time with our F5 BigIP honeypot. But looks like I have to revive the Citrix honeypot again. As of today, my F5 honeypot is getting hit by attempts to exploit two of the Citrix vulnerabilities disclosed this week. Details with proof of concept code snippets were released yesterday.
Fang Yu is CTO of fraud detection platform DataVisor. She is also a prolific writer and conference presenter and has filed over 20 patents. Fang spoke with Infosec’s Cyber Work podcast about her work developing algorithms and building systems for identifying malicious traffic such as worms, spam, bots, fake queries and account hijacking.
Everywhere you go, you are being followed. Not by some creep in a raincoat, but by the advertisers wanting to sell you things.
Cloud services continue to be a key component of how organisations remain operational even as so much else — such as physically working in enclosed offices — is forced to change because of the COVID-19 health pandemic. Today, MariaDB Corporation, the company behind MariaDB SkySQL and one of the startups leading the charge on open source cloud databases, is announcing $25 million in funding to continue its growth.
Things just got serious.
Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it.
All too often, security in code is an afterthought. There’s a reason that bug bounties are so prevalent; as codebases get larger, testing gets harder. Add in the time constraints of a “move fast and break things” mentality and it’s no wonder so many security issues arise. The basics might be there, encrypted connections, hashed passwords, etc., but little thought is given to the possible vulnerabilities of the code behind it. In that vein, I have eight recommendations for writing secure code. I’ll be focusing on Python in this post, but these rules can generally apply to any language.
1. Testing, testing!
Ensure that tests exist for everything you code. To assist with this, there are some rules you can follow for code layout. More functions are better than fewer. Break your code up into the smallest chunks you can and make each of those a function. If the function comments are something like, “Do X, then Y,” see if you can break it in two. Ideally, write the test before the function. You know what it should do, so you should be able to write the test first. As you move forward with releases and fixes, every time you find a bug, write a test for it; that test will catch the same regression later. And yes, this is general coding advice, but smaller functions are easier to read and follow and help to limit the number of security issues that could appear. Smaller functions can also save you time in tracking down the source of a security problem.
2. Make code readable
Along the lines of being easier to read, it’s common to want to save space and typing, but don’t do it to the detriment of readability.
Consider the following code:
The readable version:

for i in range(5):
    n = i * 2
    m = 5
    print(n + m)

The same logic compressed onto one line:

for i in range(5): n=i*2; m=5; print(n+m)
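As an added example (not code from the original post), here is the “Do X, then Y” rule applied to the hashed-passwords basic the post mentions: validation and hashing are separate small functions that can each be tested alone, and a constructed regression case records a bug where whitespace-padded passwords once slipped past the length check. The minimum length, the iteration count and the bug itself are assumptions for illustration.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 12          # assumed policy value for the example
PBKDF2_ROUNDS = 100_000  # kept modest so the tests stay fast


def validate_password(password: str) -> bool:
    """X: accept only passwords that meet the length rule.

    Constructed regression: an earlier version measured len(password),
    so eleven spaces plus one character passed. Measuring the stripped
    value and rejecting padded input closes that gap.
    """
    stripped = password.strip()
    return stripped == password and len(stripped) >= MIN_LENGTH


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Y: salted PBKDF2-HMAC-SHA256 from the standard library."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def register(password: str) -> tuple:
    """The composed routine stays tiny because X and Y live elsewhere."""
    if not validate_password(password):
        raise ValueError("password rejected by policy")
    return hash_password(password)


if __name__ == "__main__":
    salt, digest = register("correct horse battery")
    print(verify_password("correct horse battery", salt, digest))  # True
```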
Facebook’s top executives, CEO Mark Zuckerberg and chief operating officer Sheryl Sandberg, had a meeting on Tuesday with a coalition of civil rights groups that have organized a major advertising boycott of the company over its handling of hate speech.
Now that the sparkle and pop of the Fourth of July’s fireworks has subsided, it’s time for July’s open source vulnerabilities snapshot, your monthly overview of everything new in the always-evolving world of open source security.
Once again, we’re here to give you an overview of what’s new and what’s stayed the same in the world of open source security vulnerabilities. WhiteSource’s hard-working research team dug into the data from our database, to give you the low-down on the open source security vulnerabilities published in June, and see what’s changed since our previous overview. The extensive WhiteSource database for open source vulnerabilities continuously collects information from several resources, including the well-known National Vulnerability Database (NVD) and multiple peer-reviewed security advisories, forums, and issue trackers in the open-source and security communities.
Open Source Vulnerabilities in July: What’s New?
Over 800 new open source vulnerabilities were published in June. As open source usage becomes a common practice in software development organizations big and small and the open source community grows, the community is continuously increasing efforts to detect and remediate security issues in open source components.
The result is this high number of new open source security vulnerabilities published in July, nearly 50% of them with a fix already available. Considering the resources invested in open source security, the number of fixes will most probably rise in the upcoming weeks.
June Open source Vulnerabilities Published with a Fix
The COVID-19 Threat Intelligence Insight report was provided by AT&T Cybersecurity and the Telco Security Alliance (TSA), which observed cyberthreat activity between January and June 2020. The TSA consists of a group including Singtel (Trustwave), and Telefónica (ElevenPaths), and aims to offer enterprises comprehensive cybersecurity insights to help them address the threat of cyberattacks and the evolving threat landscape.
As we never tire of saying, fairy tales are thinly veiled reports on information security. And it wasn’t only the European storytellers who tried to warn their descendants about cyberthreats — they were equally prescient in the East. For example, Scheherazade, the protagonist of the classic 1001 Nights, kept what can only be described as a daily infosec blog with video podcasts. True, he had an ulterior motive for doing so …
Cloudy with a probability of a breach
Wed, 07/08/2020 – 11:16
A new report has revealed the true extent of stolen account logins to be found circulating on the dark web amongst cybercriminals. The Digital Shadows Photon Research team has spent 18 months auditing criminal forums and marketplaces across the dark web and found that the number of stolen usernames and passwords in circulation has increased by 300% since 2018. There are now more than 15 billion of these stolen credentials, from 100,000 data breaches, available to cybercrime actors. Of this number, some 5 billion are said to be unique, with no repeated credential pairs. The “From Exposure to Takeover” report warns that there’s a “treasure trove of account details” available in cybercrime markets. The 15 billion stolen account logins include credentials, usernames and password pairs, for online banking, social media accounts, and music streaming services. To put it another way, that’s the equivalent of two sets of account logins for every man, woman, and child on the planet.
2020 Cool Vendor Plans Expansion of Cloud Security Posture Management Solutions
Today we are going to solve another boot2root challenge called “eLection: 1”. It’s available at Vulnhub for penetration testing. This is a mid-level lab based on the CMS “eLection”. There are several methods (easy and medium) to access the server. Credit for creating this lab goes to Love. Let’s start and learn how to successfully break it down, taking the easy way first.
According to a report by the Digital Shadows Photon Research Team, there are at present 15 billion usernames and passwords for sale on the dark web. This is the result of 100,000 different data breaches that have taken place over the course of the last two years, which amounts to a 300% increase in stolen credentials. Providing access to bank accounts, streaming and other internet services, these credentials are sometimes offered for free by bad actors or sold for an average of $15.43.
Global Managed Detection and Response (MDR) Service Market Revenue Analysis by 2025. Post author By anita … Arctic Wolf Networks Booz Allen …
Trustwave, an MSSP focused on threat detection and response, has … resale, referrals or integration into the partner's own service offerings,” she said.