Apple to Start Enforcing New App Privacy Notifications
Apple announced it will start enforcing a new privacy notification rule that digital advertising firms such as Facebook have warned will hurt their profits. According to a Reuters report, the notices will be mandatory when its iOS 14.5 operating system becomes available. The notices will require an app developer to ask a user's permission before the app can track activity across companies' apps and websites.
New Report Reveals Collaboration Platform Security Risks
According to a new report, communication platforms have allowed attackers to circumvent perimeter security controls and maximize infection capabilities. Over the past year, adversaries have increasingly relied on these platforms as part of the infection process.
Threat Actors Targeted Slack and Discord as the Pandemic Raged On
Researchers on Wednesday reported that as the pandemic continued this past year, threat actors adjusted to employee reliance on new communications technologies such as Slack and Discord and launched targeted malware attacks on those platforms.
SolarWinds Was A Dangerous Precedent – How Can the Supply Chain Be Secured?
Gregory Cardiet, our Sr. Director of security engineering, discusses how the latest SolarWinds incident has served as a wake-up call for organizations to be vigilant against supply chain attacks.
Attackers Blowing Up Discord, Slack with Malware
Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their legitimate functions to evade security and deliver info-stealers, remote-access trojans (RATs) and other malware.
Rethinking Cyberattack Response: Prevention & Preparedness
Our CEO, Hitesh Sheth, says that SolarWinds should be remembered as a trigger for companies to improve their security posture and be prepared for that inevitable breach. He believes that the current state of cybersecurity incident response needs to change, shifting its focus from prevention to preparedness.
Facebook User Data Exposed Again; 533 Million Accounts Affected
More than a half-billion Facebook users had their personal information leaked in the latest reported breach that has brought attention back to the social media giant's poor record of protecting users' data and privacy.
All Eyes on PCAP: The Gold Standard of Traffic Analysis
PCAP, or full packet data capture for analysis, does what it says – it captures the entirety of every packet that comprises the network traffic (both metadata and content). If something happens on the network, PCAP knows about it. Whether it is malware moving data around, or staff arranging a private party, it can be captured and then analyzed.
Leveraging usage patterns and behaviors to protect Office 365
Account takeover in Office 365 is said to become the largest security threat in the cloud. Vectra acknowledges this, and in an interview with Security MEA, Ammar Enaya, regional director – Middle East, Turkey & North Africa (METNA) at Vectra AI, elaborates on some of the key points related to cyber-attacks and Office 365.
CISA Releases Supplemental Direction On Emergency Directive for Microsoft Exchange Server
CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities, providing additional forensic triage and server hardening requirements for federal agencies. Specifically, this update directs federal departments and agencies to run newly developed tools (Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSERT) to investigate whether their Microsoft Exchange Servers have been compromised.
CISA Orders Action Against Exchange Vulnerabilities
Underscoring the continued potential threat from the recently discovered exploitation of vulnerabilities in Microsoft Exchange Servers, the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to take a number of actions to shore up security, including immediately scanning the servers for malware.
Enterprises Remain Riddled With Overprivileged Users -- and Attackers Know It
Recent breaches have underscored the dangers of overprivileged user accounts and software processes, highlighting the need for companies to discover and mitigate the privileged accounts that could be used by attackers to further compromise important systems and applications.
7 Security Strategies as Employees Return to the Office
Sooner rather than later, employees will be making their way back to the office. Here's how security pros can plan for the next new normal.
CISA Encourages Everyone to Follow Updated Guidance for Microsoft Exchange Fixes
CISA encourages all organizations to fix Microsoft Exchange vulnerabilities in the wake of massive exploitation campaigns targeting the software. Tim Wade from Vectra discusses how CISA has instructed organizations with insufficient cybersecurity expertise to fully disconnect their on-premises Exchange infrastructure; instructions for rebuilding and reprovisioning are provided.
CISA Orders Agencies to Recheck for Exchange Compromises
The Cybersecurity and Infrastructure Security Agency is ordering federal executive branch agencies to rescan and recheck their networks by Monday for any signs of compromise related to unpatched vulnerabilities in on-premises Microsoft Exchange email servers. In addition, the agencies have until June 28 to implement CISA's recommended steps to harden their infrastructure against attacks.
SolarWinds Attackers Accessed DHS Emails, Report
Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary’s emails, among others. The SolarWinds cyberattackers compromised the head of the Department of Homeland Security (DHS) under former president Trump and other top-ranking members of the department’s cybersecurity staff, according to a report.
SolarWinds Attackers Accessed DHS Secretary’s Emails — Report
Suspected Russian hackers managed to access the emails of Donald Trump’s last Department of Homeland Security (DHS) chief, in an intelligence coup for the Kremlin, according to a new report. Email accounts belonging to then-acting secretary Chad Wolf were reportedly compromised by attackers during the months-long campaign, although it’s not clear what information was taken. Email accounts belonging to cybersecurity staff whose job it was to tackle foreign cyber-threats were also apparently affected.
SolarWinds Hackers Reportedly Gained Access to Emails of Top Homeland Security Officials
The latest confirmed victim in the now infamous SolarWinds Worldwide hack is reported to be the U.S. Department of Homeland Security, as email accounts belonging to the then-DHS head and cybersecurity staff were breached.
Pair of Apex Legends Players Banned for DDoS Server Attacks
Two high-ranked Apex Legends players have been banned from the platform for cheating by launching distributed denial-of-service (DDoS) attacks on an Xbox server. The players, who had achieved the rank of “Apex Predators” in the console version of the game, haven’t been named, but the whole thing went down publicly on Reddit’s r/apexlegends forum over the weekend.
Suspected Russian Hackers Gained Access to US Homeland Security Emails
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of homeland security (DHS) and members of cybersecurity staff whose jobs included hunting threats from foreign countries, the Associated Press (AP) has learned.
Cybersecurity: The Massive Hacking of Email Inboxes, a Real "Grenade With the Pin Pulled"
The ProxyLogon security flaws, which affect Microsoft Exchange servers, have opened the way to targeted cyberattacks such as spear phishing or ransomware deployment, despite the security patch issued as an emergency measure. Businesses and local authorities remain highly vulnerable.
Slack Removes Message Invites in DM Feature Over Harassment Concerns
Slack rolled out a new cross-organizational direct messaging feature, and hours later disabled the option to send a message alongside an invite due to concerns that the feature could be used to send abusive messages or enable harassment. Our CTO, Oliver Tavakoli, shares his thoughts.
Slack Partially Rolls Back New Direct-Messaging Service Over Harassment Concerns
Messaging platform provider Slack Technologies Inc. has partially rolled back a new direct-message feature hours after launching it due to concerns that it could be used for harassment. Oliver Tavakoli, our CTO, shared that when a collaboration platform adds features which extend beyond a single organization’s boundary, a complex set of issues inevitably arises.
New Slack Connect DM Feature Raises Security Concerns
Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user.
6 Tips for Limiting Damage from Third-Party Attacks
The ability to protect your organization from third-party attacks will become increasingly critical as attackers try to maximize the effectiveness of their malicious campaigns.