Researchers warned that threat actors could potentially exploit Elastic IP transfer and compromise an IP address

Read More

Businesses are as much at risk from human error as from threat actors. Typos, configuration errors, and other human errors can lead to disaster on the same scale as any modern cyberthreat. Great technology defenses can only get you so far with managing risk.

It is generally agreed upon that Zero Trust principles are a more effective approach to securing your organization than defense in depth (though they aren’t mutually exclusive). This approach entails defining exactly what user or application has access to what resource, using a validation identity control, and continually validating that the behavior is acceptable. Nearly every organization has a progressive plan for deploying elements that achieve this depending on where they are on their adoption path. However, the technology side of the equation is discrete and primarily solvable. The challenge lies with the keyboard to monitor interface — the human.

To read this article in full, please click here

Read More

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system:

Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers. The trojanized ISOs were hosted on Ukrainian- and Russian-language torrent file sharing sites. Upon installation of the compromised software, the malware gathers information on the compromised system and exfiltrates it. At a subset of victims, additional tools are deployed to enable further intelligence gathering. In some instances, we discovered additional payloads that were likely deployed following initial reconnaissance including the STOWAWAY, BEACON, and SPAREPART backdoors.

One obvious solution would be for Microsoft to give the Ukrainians Windows licenses, so they don’t have to get their software from sketchy torrent sites.

Read More

ICO publishes detailed list of complaints and investigations

Read More

Event logs register information about software and hardware events that occur in a system, and they are a key weapon in the arsenal of computer security teams. Windows Server has offered Windows Event Forwarding (WEF) for aggregating system event logs from disparate systems to a central event log server for several versions now.

High end security information and event management (SIEM) or security, orchestration, automation, and response (SOAR) systems are the ideal in an enterprise environment because of their ability to not only collect and correlate log event data, but also to add context, perform deep analysis, and even to initiate incident response.

To read this article in full, please click here

Read More

FTC reveals gaming firm’s privacy violations and design tricks

Read More

Phishing campaign spotted by CERT-UA

Read More