Security News

Discuss the latest breaches and security news

  • 189 Topics
  • 183 Replies

189 Topics

Nic-Automox
Nic-AutomoxPro
posted in Security News

About the Security News category

Discuss the latest breaches and vulnerabilities

0
Nic-Automox
2 years ago
jaldeguer
jaldeguerRookie
asked in Security News

How does Automox mitigate supply chain attacks?

How do you prevent the downstream damage to my endpoints if you guys get hacked? What happened to Kaseya, where hackers exploited their VSA platform to deliver ransomware to MSP customers, was quite a nightmare event.  

1
B
7 hours ago
Afonso_Alves_31
Afonso_Alves_31Pro
asked in Security News

multiple Azure IdP subscriptions

Is there any article or internal guidance regarding multiple Azure IdP subscriptions?Is there a limit? What’s the best practice and the limit for connecting multiple IdP subscriptions?

1
K
6 days ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (April 5th, 2022)News

Happy Tuesday, everybody! While we all recover from another Monday that seemed to have too many hours somehow, let’s talk about a couple of security stories:State Department Announces Bureau of Cyberspace and Digital Policy -- Well, how do you do? This seems pretty important! From the article: “The new cybersecurity bureau reflects the growing importance of cybersecurity in national policy, economy, and defense. The CDP bureau includes three policy units: International Cyberspace Security, International Information and Communications Policy, and Digital Freedom, says the State Department.” I think this is a great step, since our previous “administration” did away with some high-ranking positions in cybersecurity.Germany takes down Hydra, world's largest darknet market -- I have to be honest here: on first glance, I figured this was something to do with “the Marvel universe”. In spite of that, I kept reading, as it was super interesting. From the article: “The servers of Hydra Market, t

170
A
1 month ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (March 29th, 2022)News

Hey, y’all - happy Tuesday! While we were all busy being distracted by ridiculous people on awards shows, there was a lot going on around us. Let’s check out a few stories from world of security news.. CISA warns of attacks targeting Internet-connected UPS devices -- Oh man, that’s an infuriating one. Stay out of my power supply, jerks! I guess some organizations use this for management of the device over the internet, but...it’s just a power supply. If that’s not necessary, go disconnect that thing’s network cable. From the article: “Recommended mitigation measures include finding all UPSs and other emergency power systems on orgs' networks and ensuring they're not reachable over the Internet.” Shutterfly discloses data breach after Conti ransomware attack -- Image provider Shutterfly disclosed this week a ransomware that led to a data breach back in December. That’s bad for folks who work there or use the service, so be sure to update your creds and keep an eye on your credit report/

110
A
1 month ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (March 22nd, 2022)News

Happy Tuesday, y’all - and now it’s over because we’re talking about Russia today! Mainly, because I think it’s important to get some eyebrows raised before it’s too late. (<--fun fact: that’s the scariest book I’ve ever read!) Hackers/APTs associated with Russian IPs/groups have already been scanning the networks of US-based companies in the energy, finance, and defense sectors, prompting President Biden to issue his recent warning to American businesses. PLEASE TAKE THIS SERIOUSLY. For a great perspective on all this (and a quick read), check out this blog from our Director of InfoSec/Research.Let’s get diligent, y’all!

140
A
1 month ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (March 15th, 2022)News

Happy Ides of March, y’all! I guess that’s a bit of an oxymoron, but it’s fine. While we were all eating sandwiches and pretending to work but looking at houses online, a lot of serious security stories broke. As you can suspect, a lot of them have to do with the Russia/Ukraine stuff.  Thousands of Secret Keys Found in Leaked Samsung Source CodeOOF. From the article: “The firm’s researchers have yet to determine how many of the exposed keys are valid. However, their analysis showed that 90% are likely associated with internal systems and “can be more challenging for an attacker to use.” On the other hand, the remaining keys — roughly 600 of them — can grant attackers access to a wide range of systems and services.” About 10% of those keys are for external services too, like GitHub and AWS. YikesGerman government advises against using Kaspersky antivirusWell, this is pretty similar to some former warnings about Kaspersky and it’s no surprise. Founder/CEO Eugene Kaspersky raised some ire

80
A
2 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (March 8th, 2022)News

Hi, everybody - and Happy International Women’s Day! As someone who was #RaisedByLadies, this one’s near and dear to my heart. I think Adam “MCA” Yauch said it best, way back when I was in high school: “I want to say a little something that's long overdueThe disrespect to women has got to be throughTo all the mothers and the sisters and the wives and friendsI want to offer my love and respect to the end”  - “Sure Shot”, 1994  On to some security news!Zero-Click Flaws in Widely Used UPS Devices Threaten Critical InfrastructureFrom the article: “Three critical security vulnerabilities in widely used smart uninterruptible power supply (UPS) devices could allow for remote takeover, meaning that malicious actors could cause business disruptions, data loss and even physical harm to critical infrastructure, researchers have found.” The words “critical infrastructure” are sadly gonna be the summer hit of 2022, I’ve got $5 on it.Google: Chinese hackers target Gmail users affiliated with US govt

40
A
2 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (March 1st, 2022)News

Wait, it’s already March!?Happy Tuesday, y’all. As I type this, there is a lot going on that we could talk about, obviously. But let’s keep it “light” and just talk about a few stories that were in the news this week. Yes, we’ll have to mention Russia. But the good news is, I’ve been given approval by the Automox Party Department® to allow you all to start a drinking game based around those mentions. If it’s past noon and you see me mention “Russia”, do what you will. :)NVIDIA confirms data was stolen in recent cyberattackGraphics card giant NVIDIA has confirmed “a cybersecurity incident which impacted IT resources.”, from back in November. The threat actor compromised the NVIDIA network and stole employee credentials/proprietary information. The company noted that the incident isn’t expected to disrupt its business.Microsoft Accounts Targeted by Russian-Themed Credential HarvestingHey, everyone take a drink! Anyways, phishing emails to MS users warning of Russian-led account hacking h

160
A
2 months ago
A
Anonymous
published in Security News

AX Weekly Security Wrap-Up (February 22nd, 2022)News

It’s Twosday!Hooooooo-wee! Now that the internet is back, I guess we’ll just talk about this AWS/Slack/etc. outage today, huh? Is it a coincidence that it’s happening on Tuesday, 2/22/22?? The conspiracy theorist in me sure doesn’t think so, but the numerologist in me is finishing up a sandwich and can’t currently be bothered. Either way, pretty rough morning for some folks out there.Our own AX Systems team shared a handy graphic with us earlier, showing various sites/services that were likely impacted. Check it out: Woof.It sounds like more CDN issues, but that’s not much comfort because you know what everybody loves? Content. So if you’re currently waiting for the cloud to come back before you can shop at Walmart or ride your stationary bike, I’d just like to ask you to pause and take a look at the future you’re living in right now. Regardless of what you see on the news, it can be pretty amazing. Now go get on your real bike and start pedaling for Walmart. We’ll get back to our regu

40
A
2 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (February 15th, 2022)News

Happy Tuesday, folks! This week we’ll bite the bullet and finally have to discuss Russia vs. Ukraine, as some new things have like, come to light, man. But first...I refuse to be denied the opportunity to type “squirrelwaffle” on the internet, so let’s start there: Squirrelwaffle, Microsoft Exchange Server vulnerabilities exploited for financial fraudFinancial fraud is [almost] never a laughing matter, and leaving servers unpatched for years is even worse, and this story has both. “Squirrelwaffle” is basically just a malicious document (“MalDoc”) that gets downloaded and runs a script that just downloads payloads in a loop. From the article, “The combination of Squirrelwaffle, ProxyLogon, and ProxyShell against Microsoft Exchange Servers is being used to conduct financial fraud through email hijacking.” IF ONLY THERE WERE SOME WAY TO AUTOMATE PATCHING. Ukrainian military agencies, banks hit by DDoS attacks, defacementsWelp...here it comes. From the article: “Starting from the afternoon

70
A
3 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (February 8th, 2022)News

Happy Patch Tuesday, y’all! Don’t forget to head over to the AX Patch Tuesday Rapid Response Center for everything you need to stay up to date. This month is pretty light, but as soon as I typed that, there were onehunnerdbillion* infections due to unpatched systems.*Possible exaggeration IRS to End Use of Facial Recognition to Identify TaxpayersIt’s about d*ng time, y’all! I’m tired of constantly getting asked to pay Kevin Smith’s taxes. All joking aside, an IRS commissioner is quoting in the article as saying, “Everyone should feel comfortable with how their personal information is secured, and we are quickly pursuing short-term options that do not involve facial recognition.” [CLAPPING.GIF] ExpressVPN offering $100,000 to first person who hacks its serversWhoa. Welp, as secure as TrustedServer is, this is a pretty big flag to plant in the ground. From the article, “The bug bounty program is run through BugCrowd, which offers a safe harbor for researchers who attempt to breach Expres

130
A
3 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (February 1st, 2022)News

Domo arigato, I’m using Roboto!Hi, y’all! Another Tuesday is upon us, and I can’t help but feel adrift in a sea of scary cyber security stories and sibilant “s”s. What? There’s a lot of stories to cover this week, but we’re not going to talk about Ukraine vs. Russia, so that should free up a ton of space. Here’s a couple of good ones:FBI urges temporary phones for Olympic athletesWell...yeah. Look, there’s really no way to talk about China and cybersecurity and/or the Olympics without it turning political. In lieu of that, let’s focus on the tech: everyone attending the Olympics in China will be required to download the Olympics app for COVID tracking, apparently among other things. You can imagine the security risks of running that app on your device, but don’t worry, because “China dismissed the concerns.” 277,000 routers exposed to Eternal Silence attacks via UPnP Dang, y’all! If you’re not familiar with Universal Plug and Play, you’re better off: “UPnP is a connectivity protocol op

90
A
3 months ago
A
Anonymous
asked in Security News

QUESTION: How do you find out about the most relevant security news?

Politely, though!Hi, y’all - Chad here. We thought we’d take a minute today to throw out a question. Every week, we post our Security News Wrap-Up from sources we know and trust, but there’s a lot going on in the CyberWorld and we no doubt could miss stories here and there. While we rely on a few tried and true various publications, the more sources we can well, source, the better! Let us know - unless the “source” you trust is just your friend Shawn down in Florida who “works on computers” - let’s keep this sophisticated. So we’d like to ask: where do you get your security news?

0
A
3 months ago
A
Anonymous
published in Security News

Security Wrap-Up (January 25th, 2022)News

Happy Tuesday, y’all! While we’ve all been busy this week debating the merit of single-possession overtime in organized ball sports (the correct answer is: “it’s stupid; fix it”), quite a few interesting things have been going on in the security world. I guess that’s becoming standard, but there were reports of some pretty newsworthy stories that I didn’t see on either the 7am, 10am, Noon, 4pm, 5pm, 6pm, or 10pm news - and as a middle-aged white dude, I watch them all!So here are a few stories that seemed worthy of mention this week, at least by me:Google Drive now warns you of suspicious phishing, malware docsToday in “Lol, it’s about time”-news...Google has announced that Drive will finally start showing warnings about malicious files that are shared with your account. From the article: "Google will automatically evaluate any files that are shared with you from outside of your organization for phishing or malware. If detected, Google will block your access to the file in order to pro

90
A
3 months ago
A
Anonymous
published in Security News

Security Wrap-Up (January 18th, 2022)News

Happy Tuesday, folks! It’s Tuesday, right? We had a long weekend in recognition of MLK Day here in the states, so I’m a little out of sorts. There are plenty of security stories to talk about this week, from the more-than-mildly-annoying to the downright scary. But we’re focusing on one story this week, because of its ability to be both annoying and terrifying. Yeehaw, Tuesdays!  How Brainjacking Became a New Cybersecurity Risk in Health Care How about no, Science!? I know you’re currently screaming internally “What the h*ck is brainjacking anyway!?”, so from the article: “Brainjacking is a kind of cyberattack in which a hacker obtains unauthorized access to neural implants in a human body.” That’s pretty bonkers. And cool. And terrifying. But, research has shown the possibility/feasibility of it, in scientific ways! A recent article titled Brainjacking: Implant Security Issues in Invasive Neuromodulation has such scary initiatives as “...illustrate the potential severity of this risk,

140
A
3 months ago
DavidRies
DavidRiesRookie
posted in Security News

Log4Shell / Log4J Detection Scripts

Hi Everyone,Some of my Arctic Wolf customers and colleagues asked me to post here and share our Log4Shell vulnerability detections scripts with the Automox community:GitHub: https://github.com/rtkwlf/wolf-tools/tree/main/log4shell Windows PowerShell: https://github.com/rtkwlf/wolf-tools/blob/main/log4shell/log4shell_deep_scan.ps1 Linux/macOS sh: https://github.com/rtkwlf/wolf-tools/blob/main/log4shell/log4shell_deep_scan.shThe Arctic Wolf Log4Shell Deep Scan is designed to detect Java application packages subject to CVE-2021-44228 and CVE-2021-45046. The scripts search the system for Java applications that contain the Log4J class JndiLookup.class which is the source of the Log4Shell vulnerabilities. If this class is found within an application, the script looks for updates to Log4J that indicate the application has been updated to use Log4J 2.16+ or Log4J 2.12.2+. If the application contains JndiLookup.class but does not appear to have been updated, the application is vulnerable. If yo

2
A
3 months ago
A
Anonymous
published in Security News

Security Wrap-Up (January 11th, 2022)News

 Hi, everybody! On this Wednesday after #PatchTuesday, I thought we’d cover a few stories that have been swirling around the weblogosphere this week. Here we are, what - twelve days into 2022 and we’re already seeing warnings from the gov’t, mass outages, and I just finished up Ted Lasso but now….what, I just have to wait for more episodes to get made?? This is not the future I signed up for, y’all. Let’s check out some stories: Europol Ordered to Delete Data of Individuals With No Proven Links to CrimesI think the headline there tells the story, but yup - pretty awesome win for personal privacy in the EU! From the article: “Datasets older than six months that have not undergone this Data Subject Categorisation must be erased," the European Data Protection Supervisor said in a press statement. "This means that Europol will no longer be permitted to retain data about people who have not been linked to a crime or a criminal activity for long periods with no set deadline.” I hope you’re p

100
A
4 months ago
EricF-Automox
EricF-AutomoxAutomox Employee
posted in Security News

Video: Apache Log4j and the Log4Shell Vulnerability

Interested in learning more about Apache Log4j and the Log4Shell vulnerability? Automox just posted a video where we review Log4j and how it is used, and the timeline of events of the Log4Shell vulnerability and how it works. We also, of course, provide detailed instructions on how to remediate the vulnerability.Apache Log4j and the Log4Shell Vulnerability 

0
EricF-Automox
4 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (January 5th, 2022)News

Happy midweek, y’all! I’m just getting back from my first week off in about a decade, and I may have forgotten how to use 2/3 of the apps we use every day here at AX. Has anyone seen my Post-It® full of passwords? Sigh, this is a disaster. Speaking of disasters…Unfortunately, the cybersecurity world didn’t stop being scary in my absence. Rather than try to go back to everything I missed, let’s just talk about a couple of this week’s big stories.  The jerk store called... Okay, as offensive as that attack was, I don’t have time to rant about it. Instead:iOS malware can fake iPhone shut downs to snoop on camera, microphoneI’m already pretty paranoid about mobile devices and there are some specific tools that I use on every device I own. That being said, there’s just really no end to the layers required for good cyber-hygiene these days. While you shouldn’t assume your mic and camera aren’t already spying on you, this is a pretty nasty piece of malware. All you iOS users who download apps

50
A
4 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (December 14th, 2021)News

 Happy Tuesday, folks - Chad here. Yup, I’ll just shut up now, and we can start screaming about Log4j. There are obviously other stories in security news this week, but man...never mind those for today. Let’s get the obvious part for Admins out of the way:Sigh, yup!That pretty much sums up how most of my friends in Security feel this week. So now that we’re all laughing instead of crying, it’s alphabet soup time, I guess: WTAH*eck is Log4j? Well, if you haven’t read by now, here’s a TL;DR: Log4j is an open-source Java library from Apache. It’s been downloaded ~500k times from GitHub and is pretty widely-used for things like event logging in applications. Among other things. It’s already being exploited, and could get pretty wild if not widely remediated ASAFrigginP. @Brittany  recently posted a thread that contains a “quick fix” worklet, so be sure to check that out. “10 out of 10” is like, pretty bad, y’all. Even the government has taken quick action. I mean, read that last sentence a

300
A
5 months ago
A
Anonymous
published in Security News

Security Wrap-Up (December 7th, 2021)News

Hi, everybody - Chad here. Happy Wednesday morning! Well, unless you’ve recently been victimized by worldly, ultra-sophisticated cybercriminals. Couple of pretty scary stories in the news this week, especially if you still get all itchy in the scalp when you hear “SolarWinds”. Let’s go see.. SolarWinds Attackers Spotted Using New Tactics, MalwareWell, it’s been a year, so these jerks are back. But this time, they’re getting creative - one newtechnique researchers observed the group using in the attacks is the abuse of repeated MFA push notifications to gain access to corporate accounts, according to the article. Most MFA providers send users a push notification or a phone call where they then enter a code/press a key as a second factor to authenticate access to an account.From the article: “Using a valid username and password combination, the researchers said that the attackers issued multiple MFA requests to an end user’s legitimate device until the target accepted the authentication.

110
A
5 months ago
EricF-Automox
EricF-AutomoxAutomox Employee
posted in Security News

New Blog: Who’s Minding the Store? How to Protect Against Cybersecurity Threats This Holiday Season

We are into the 2021 Holiday Season. Beginning with Thanksgiving, millions of people take time off from their jobs and schools to spend time with relatives, eat lots of good food, watch "Miracle on 34th Street" on repeat, and shop Black Friday deals.Unfortunately, the holidays have become a magical time for hackers and cybercriminals, too.Be sure to read our blog “Who’s Minding the Store? How to Protect Against Cybersecurity Threats This Holiday Season.” Included is a list of best practices and recommendations for organizations to follow to help address the risk posed by all cyber threats, including ransomware during the holidays. 

0
EricF-Automox
5 months ago
EricF-Automox
EricF-AutomoxAutomox Employee
posted in Security News

The Best Practices in Out-of-Band Patch Management

Want to lean about best practices for managing out-of-band vulnerabilities through cloud-native patch management and endpoint management? Be sure to join Marina Liang, Senior Security Engineer from Automox as she gives you all the details in this informative video. The Best Practices in Out-of-Band Patch Management - YouTube

0
EricF-Automox
5 months ago
A
Anonymous
published in Security News

Weekly Security Wrap-Up (December 1st, 2021)News

Fancy graphics with captions!Happy Wednesday, y’all - Chad here. I hope everyone had a good Thanksgiving and enjoyed the break. We’re trying to get back on schedule with our regular posts, so in that vein, here’s your weekly Security Wrap-up. There were too many stories to post this week (yay Holidays!), so here’s a couple to check out.  IKEA Hit by Email Reply-Chain CyberattackA Black Friday, indeed! According to the story, “The phishing emails were coming from internal IKEA email addresses, as well as from the systems compromised at the company’s suppliers and partners.” Stop thinking about Liz and Criss failing the IKEA test for just a second and put yourself in their employees’ shoes: valid emails from real coworkers and external contacts were suddenly malicious! I’m not sure how you could ever trust your email again. This one’s frustrating because email’s just such a good invention, you know? I’m sure some of you don’t know a life without it, but I sure do. Here’s a quick selfie o

130
A
5 months ago

Badge winners

  • Conversation Starter
    sparrowhawkhas earned the badge Conversation Starter
  • Conversation Starter
    jaldeguerhas earned the badge Conversation Starter
  • Conversation Starter
    nansarihas earned the badge Conversation Starter
  • Conversation Starter
    SW1has earned the badge Conversation Starter
  • Conversation Starter
    ValB-Automoxhas earned the badge Conversation Starter
Show all badges
Terms & ConditionsCookie settings