Latest

Application Security

Can Evidence Collected by Cellebrite's Tools Be Trusted?

Anna Delaney  •  May 7, 2021

The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.

Endpoint Security

Intel, AMD Dispute Findings on Chip Vulnerabilities

Doug Olenick  •  May 6, 2021

Intel and AMD are disputing the findings of researchers from two universities who say they've discovered new attacks on Intel and AMD processors that can bypass most of the defenses put in place earlier for similar "Spectre" and "Meltdown" attacks.

Cloud Security

Mitigating the Risks of Malicious OAuth Apps

Prajeet Nair  •  May 6, 2021

Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.

Governance & Risk Management

Exim Patches 21 Flaws in Message Transfer Agent

Akshaya Asokan  •  May 6, 2021

Exim, one of the most-used message transfer agents, has issued patches for 21 flaws that could put thousands of users at risk of attacks, researchers at security firm Qualys say.

Governance & Risk Management

PHP Composer Flaw That Could Affect Millions of Sites Patched

Prajeet Nair  •  May 5, 2021

A patch has been issued for a serious vulnerability that affects PHP Composer - a tool used to manage and install software dependencies in the PHP ecosystem. Security researchers at SonarSource say the flaw could put millions of websites at risk.

Fraud Management & Cybercrime

Ransomware Hits Australian Telecom Provider Telstra’s Partner

Akshaya Asokan  •  May 5, 2021

A ransomware gang claims to have stolen SIM card data and banking information in an attack on Schepisi Communications, a service provider to Australian telecommunications company Telstra, a local news outlet reports.

►

Business Continuity Management / Disaster Recovery

Ransomware: Reducing the Risk to Universities

Anna Delaney  •  May 4, 2021

In light of the surge in ransomware attacks against universities, institutions need to make asset management a much higher priority, removing obsolete systems and upgrading essential systems to the latest version to avoid exploits of unpatched vulnerabilities, says Matthew Trump of the University of London.

Governance & Risk Management

Pulse Secure VPN Zero-Day Flaw Patched

Scott Ferguson  •  May 3, 2021

Ivanti, parent company of Pulse Secure, published a permanent fix Monday for a zero-day vulnerability in Pulse Connect Secure VPN products that has been exploited to target U.S. government agencies, critical infrastructure providers and other companies over the last several weeks.

►

Fraud Management & Cybercrime

Vulnerability Management: Essential Components

Suparna Goswami  •  May 3, 2021

Effective vulnerability management requires more frequent scanning of infrastructure, says Steve Yurich, CISO at Penn National Insurance, who explains his organization's approach.

Fraud Management & Cybercrime

Buer Dropper Malware Updated Using Rust

Doug Olenick  •  May 3, 2021

Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the Rust programming language to help evade detection, Proofpoint reports.

3rd Party Risk Management

NSA Offers OT Security Guidance in Wake of SolarWinds Attack

Akshaya Asokan  •  May 1, 2021

The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.

►

Fraud Management & Cybercrime

ISMG Editors’ Panel: Cyber Extortion and More

Anna Delaney  •  April 30, 2021

Four editors at Information Security Media Group discuss timely issues, including how the zero-day attacks against Accellion File Transfer Appliance users have rewritten the rules of the cyber extortion game and former federal CISO Gregory Touhill taking on an important new role.