Archive for October, 2020

6 Ways Passwords Fail Basic Security Tests

New data shows humans still struggle with password creation and management.
Source: DarkReading

Rethinking Security for the Next Normal — Under Pressure

By making a commitment to a unified approach to security, then doing what’s necessary to operationalize it, organizations can establish a better security model for the next normal.
Source: DarkReading

UK Recruiting Youths for "Digital Army"

An urban regeneration project is seeking to train a “digital army” of young people to protect the United Kingdom’s businesses and organizations from cyber-attackers.

The HALO project is seeking to recruit people aged 16-24 under its #RockStars program and train them “in the latest digital and cyber skills and techniques” from a new site in Kilmarnock, Scotland.

Training will commence in May next year, and young people that complete the program will earn a HALO-accredited qualification to support future employment opportunities in the tech and cybersecurity industries.

On-site learning will take place at The HALO Kilmarnock’s Enterprise and Innovation Hub, which is currently being constructed on a 23-acre site that was formerly the home of internationally renowned Scotch whisky maker Johnnie Walker. Regeneration of the brownfield site came with a price tag of £63m.

A spokesperson for The HALO Kilmarnock said: “A 200-strong ‘digital army’ of young people will be established at The HALO Kilmarnock when it opens its doors in May 2021 following the commitment of £1.5 million of funding by the UK Government under its Kickstart Scheme.”

The decision to open the scheme to 200 people is a nod to 2020’s being the year that Johnnie Walker celebrates its 200th anniversary.

The HALO has appointed Business Resilience International Management, founded by Mandy Haeburn-Little, former CEO of the Scottish Business Resilience Centre, to design the HALO cyber-course.

Under the scheme, all the members of the “digital army” will be paid for a minimum of 25 hours per week. The plan is that after six months of e-learning and on-site training, the recruits will enter a six-month work placement.

“These placements are expected to be with a range of different companies, from The HALO’s corporate partners, such as ScottishPower, Barclays PLC and Anderson Strathern, to start-up companies based at The HALO and beyond. It is hoped that these work placements will, in time, become full-time opportunities,” said a spokesperson for The HALO Kilmarnock.

Recruits may potentially be housed within a number of The HALO’s 210 net-zero-carbon-emission smart homes that will be built in the second phase of the Kilmarnock project’s development.

Source: Infosecurity

CVE-2020-4782

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
Source: NIST

CVE-2020-4767

IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. By sending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.
Source: NIST

CVE-2020-16257

Winston 1.5.4 devices are vulnerable to command injection via the API.
Source: NIST

CVE-2020-15278

Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user’s control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with "unload mod", or disabling the massban command with "command disable global massban", can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue.
Source: NIST

Trump Campaign Website Defaced by Unknown Attackers

Individuals behind the brief Tuesday night incident posted anti-Trump sentiments and appeared to solicit cryptocurrency.
Source: DarkReading

Tracking Down the Web Trackers

Third-party Web trackers might be following your website visitors’ every step. How can new tools like Blacklight help you stop them in their tracks?
Source: DarkReading

Scammers "Seize" Trump Campaign Site

A cyber-attack has been carried out against the campaign website of President Donald Trump a week before America’s presidential election.

Malicious hackers defaced the site’s “About” page on Tuesday with a message that spoofed the domain seizure notices deployed by the United States Department of Justice.

After displaying the logos of the Federal Bureau of Investigation and the DOJ, the attackers announced, “This site was seized.”

The attackers then claimed to have obtained classified information about America’s 45th president by compromising devices belonging to Trump and to members of his family. Among this data was information “proving that the trump-gov is involved in the origin of the corona virus,” according to the hackers.

Visitors to the site were then informed that the attackers “have evidence that completely discredits Mr Trump as a president, proving his criminal involvement with foreign actors manipulating the 2020 elections.”

The motivation for the attack appeared to be purely financial and not an attempt to defend democracy or expose an alleged crime.

After making claims about possessing evidence, the attackers invited visitors to the site to pay money into one of two Monero cryptocurrency accounts. One digital pot was titled “Yes, share the data,” while the other was named “No, do not share the data.”

No evidence was given to back up any of the claims made by the attackers.

Trump campaign spokesperson Tim Murtaugh said in a statement that no data had been stolen in the attack, which lasted fewer than 30 minutes.

“Earlier this evening, the Trump campaign website was defaced, and we are working with law enforcement authorities to investigate the source of the attack,” said Murtaugh on Twitter on Tuesday.

“There was no exposure to sensitive data because none of it is actually stored on the site. The website has been restored.”

News of the hack and money-making scams follows a warning issued by the FBI on October 22 that a Russian state-sponsored APT actor, known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala in open-source reporting, has targeted dozens of SLTT government networks.

Source: Infosecurity