Author: nlqip
Ross Anderson Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. (Okay,…
Read More
Video Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result 29 Mar 2024 Remote Desktop Protocol (RDP) turned out to be a lifeline for organizations around the world during the mass shift to remote…
Read More
In a digital era where cyber threats lurk behind every click, Endpoint Detection and Response (EDR) has become the guardian of enterprise security perimeters. As businesses increasingly rely on technology, the need for robust endpoint security measures grows exponentially. This comprehensive overview will delve into the intricate world of EDR, offering clarity on a topic…
Read More
Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims’ Macs, but operate with the end goal of stealing sensitive data, Jamf…
Read More
Mar 30, 2024NewsroomLinux / Supply Chain Attack RedHat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-033 DATE(S) ISSUED: 03/29/2024 OVERVIEW: A vulnerability has been discovered in XZ Utils that could allow for remote code execution. XZ is a general-purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. Successful exploitation of this vulnerability could allow for remote code execution in…
Read MoreFriday Squid Blogging: The Geopolitics of Eating Squid New York Times op-ed on the Chinese dominance of the squid industry: China’s domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domestic fishermen around the world…
Read MoreCISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems. CISA recommends developers and users…
Read More
Mar 29, 2024NewsroomReverse Engineering / RFID Security Security vulnerabilities discovered in Dormakaba’s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana.…
Read More
Mar 29, 2024NewsroomNetwork Security / IoT Security A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. “TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries…
Read More