RSS Reader for Computer Security Articles
Credit to Author: Bob Violino, Valerie Potter| Date: Tue, 03 May 2022 03:00:00 -0700
Unified endpoint management (UEM) is a strategic IT approach that consolidates how enterprises secure and manage an array of deployed devices including phones, tablets, PCs, and even IoT devices.
To read this article in full, please click here
(Insider Story)
Read More
Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000
When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.
Read MoreCredit to Author: Katie McCafferty| Date: Tue, 26 Apr 2022 16:00:00 +0000
Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.
The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog.
Read More
Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000
KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.
Read MoreCredit to Author: Christopher Boyd| Date: Thu, 21 Apr 2022 11:53:08 +0000
A US appeals court has ruled that scraping public data is legal. We look at some of the arguments for and against.
The post It’s legal to scrape public data—US appeals court appeared first on Malwarebytes Labs.
Read More
Credit to Author: BrianKrebs| Date: Mon, 18 Apr 2022 20:41:08 +0000
Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.”
Read More
Credit to Author: Susan Bradley| Date: Mon, 18 Apr 2022 08:54:00 -0700
We often think vendors are perfect. They have backups. They have redundancy. They have experts that know exactly how to deploy solutions without fail. And then we see they aren’t any better than we are.
Let’s look at a few recent examples.
In the small to mid-sized business (SMB) space, StorageCraft has long been a trusted backup software vendor. One of the first to make image backups easy to do, it was used and recommended by many managed service providers. After StorageCraft was acquired by Arcserve in March 2021, there were no immediate major changes in how the company ran.
Credit to Author: Greg Lambert| Date: Fri, 15 Apr 2022 10:40:00 -0700
This week’s Patch Tuesday release was huge, diverse, risky, and urgent, with late update arrivals for Microsoft browsers (CVE-2022-1364) and two zero-day vulnerabilities affecting Windows (CVE-2022-26809 and CVE-2022-24500). Fortunately, Microsoft has not released any patches for Microsoft Exchange, but this month we do have to deal with more Adobe (PDF) printing related vulnerabilities and associated testing efforts. We have added the Windows and Adobe updates to our “Patch Now” schedule, and will be watching closely to see what happens with any further Microsoft Office updates.