Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
Daily Archives: March 16, 2022
openvpn-2.5.6-1.fc35
FEDORA-2022-a9bd17092d
Packages in this update:
openvpn-2.5.6-1.fc35
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
openvpn-2.5.6-1.fc34
FEDORA-2022-7d46acce7c
Packages in this update:
openvpn-2.5.6-1.fc34
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
openvpn-2.5.6-1.fc36
FEDORA-2022-cb4c1146dc
Packages in this update:
openvpn-2.5.6-1.fc36
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
New ransomware LokiLocker bundles destructive wiping component
A new ransomware operation dubbed LokiLocker has slowly been gaining traction since August among cybercriminals, researchers warn. The malicious program uses a relatively rare code obfuscation technique and includes a file wiper component that attackers could use against non-compliant victims.
“LokiLocker is a relatively new ransomware family targeting English-speaking victims and Windows PCs. The threat was first seen in the wild in mid-August 2021,” researchers from BlackBerry’s Research & Intelligence Team said in a new report. “It shouldn’t be confused with an older ransomware family called Locky, which was notorious in 2016, or LokiBot, which is an infostealer. It shares some similarities with the LockBit ransomware (registry values, ransom note filename), but it doesn’t seem to be its direct descendant.”
Cloudflare unveils email security tools, free WAF ruleset, and API gateway
Cloudflare is bolstering its suite of web infrastructure and security offerings with a free WAF (web application firewall) managed ruleset service, a new API management gateway, and — once it closes its recently announced acquisition of Area 1 Security — a set of email tools designed to thwart phishing and malware attacks.
Cloudflare announced at the end of February that it would pay $162 million to acquire Area 1, which has developed a cloud-native security platform designed to use machine learning to detect and block phishing and malware attacks. The deal is expected to close at the beginning of the second quarter.
USN-5331-1: tcpdump vulnerabilities
It was discovered that tcpdump incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2018-16301)
It was discovered that tcpdump incorrectly handled certain captured data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8037)
Identity Protection Service: The Best Solution to a Growing Problem
I’m about to tell you an extraordinary fact about cybercrime. Some of the most significant data breaches in internet history weren’t after bank account numbers, cryptocurrency, or even credit card numbers. They were, in fact, after YOU. That’s right, the most valuable data on the internet is the data that comprises your identity. Let’s take a look at what that data is, how it gets leveraged by cybercriminals, and how you can get the online identity monitoring you deserve.
Identity exposure in the news
1 billion is a big number. In the case of a recent CVS database leak, that’s how many user records were accidentally released online, including details like email addresses and even searches about Covid vaccines. This is just one of the dozens of breaches that have occurred recently and will continue to happen as personally, identifiable information becomes more valuable to cybercriminals. Just as remarkable as the huge volume of user data being exposed online is the speed with which compromised data is used by hackers online. Cybersecurity researchers recently discovered that cybercriminals access leaked or stolen credentials within 12 hours to exploit them as soon as possible. These circumstances beg the question, why has your personally identifiable information has become so valuable lately?
Why your Personally Identifiable Information is worth so much to criminals online
While the value of some information, like a credit card number, is obvious, you may think your name and date of birth aren’t that big of a deal. After all, it wasn’t so long ago that you could find all that information in a phone book. In fact, personally identifiable information (PII), also known as data used to identify a specific individual, is what many data breaches are after.
Armed with just a mailing address, a phone number, and a date of birth, a cybercriminal can begin constructing a fake identity to take out loans and disguise many kinds of criminal activities. With a social security number and a few personal details from a social media account, they could take over a bank account. When it comes to your PII, any information is as good as gold to cybercriminals.
Your PII may not be as safe as you think.
If our PII were treated like actual gold and held in a safe location like Fort Knox, I wouldn’t be writing this post. But in fact, it’s the currency we use to obtain many services in our connected lives. Social media sites are massive repositories of PII, and their access to our most personal details and the ability to sell it to marketers is the reason the service remains free. Free email services are the same. Now consider all the other accounts we may have created to, say, try out a streaming service for free, or even old accounts we no longer use. From that perspective, you can see how much of your data is being used by companies, may not be very well protected, and is a tempting target for cybercriminals. Fortunately, there are many things you can do to keep your identity safer online.
Learn to spot a breach and to keep your identity safer
When it comes to protecting your PII, knowledge is power. Let’s start by identifying if you’ve been the target of a data breach. Here are a few tell-tale signs:
You receive a bill for a credit card account that, though in your name, is not yours. This probably means a thief opened the account in your name.
Unfamiliar purchases on your credit card, even tiny ones (crooks often start out with small purchases, and then escalate). Challenge even a $4 purchase.
You receive a credit card or store card without having applied for one. If this happens, immediately contact the company.
Your credit report has suspicious information, like inquiries for credit that you didn’t make.
Collectors are calling you to collect payments you owe, but you owe nothing.
Be stingy when it comes to PII
Okay, now that you know the signs of a data breach, let’s look at how you can take action to protect yourself. The best way to avoid being the victim of identity theft is by limiting the amount of PII you provide. There are some easy ways to do this.
1. Avoid giving out your social security number whenever possible
Only a few types of organizations legitimately need your social security number. These include employers or when contracting with a business, group health insurance, financial and real estate transactions, applying for credit cards, car loans, and so forth.
2. Stay away from online quizzes
Quizzes, social media games, and other kinds of interactive clickbait are often grifting pieces of your PII in a seemingly playful way. While you’re not giving up your SSN, you may be giving up things like your birthday, your pet’s name, your first car … things that people often use to compose their passwords or use as answers to common security questions on banking and financial sites.
3. Watch out for phishing scams
A phishing email poses as a real email from known or trusted brands and financial institutions. These emails attempt to trick you into sharing important information like your logins, account numbers, credit card numbers, and so on under the guise of providing customer service. Here are some more ways to spot a phishing email.
4. Free yourself from PII worries with a new kind of identity protection
Clearly, we’re in a new era when it comes to securing our identities online. In response, McAfee has created a new kind of identity monitoring.
We knew from the outset Identity monitoring had to be proactive, holistic, and accessible. We also wanted it to follow the timeline for how cybercrime actually affects your identity. When it comes to PII, the breach is just the first step for cybercriminals. The 10 months following a breach is when cybercriminals will use your PII to commit fraudulent acts using your data.
To address this, your identity monitoring looks after more personally identifiable information than other leading competitors. It will also alert you of stolen personal info an average of 10 months ahead of other monitoring services. And it’s accessible anywhere via mobile app, browser, and the web.
In practice, McAfee’s identity monitoring protects all your online accounts by doing the following:
Monitors your PII
If detected, alerts you
Offers quick and guided help to neutralize the threat
Provides educational content to help prevent future issues
Offers insurance and agent-assisted remediation, available for select plans
Enjoy your life online again with a holistic approach to security
As we spend more of our lives online, we need an approach to security that reflects this new reality. Identity monitoring is part of it. VPN is part of it. Antivirus is part of it. They are all pieces of a puzzle that we solve with products like McAfee Total Protection. Our premier security service is comprehensive, affordable, and, with identity monitoring, an indispensable part of your life online.
The post Identity Protection Service: The Best Solution to a Growing Problem appeared first on McAfee Blog.
Germany’s BSI warns against Kaspersky AV over spying concerns
Germany’s Federal Office for Information Security (BSI) has warned businesses against using Kaspersky virus protection products amid concerns of Russian technology being coerced by Russian government agents and forced to attack target systems against its will or spied on. The BSI did not raise any concrete allegations against Kaspersky products but recommended replacing them with alternatives due to the Russian-Ukraine conflict. The Russian vendor responded in an official statement suggesting the BSI’s actions have been made on political rather than technological grounds.
The warning echoes earlier unconfirmed claims by U.S. intelligence agencies about ties between Kaspersky and the Russian government. Those claims led to the removal of Kaspersky Lab products of approved vendors for U.S. federal agencies in 2017.