CVE-2022-3261

A flaw was found in OpenStack. Multiple components show plain-text passwords in /var/log/messages during the OpenStack overcloud update run, leading to a disclosure of sensitive information problem.

Staying Safe While Working Remotely

In the shadow of the COVID-19 pandemic, workplaces worldwide have undergone a seismic shift towards remote working. This adjustment involves much more than just allowing employees to access work resources from various locations. It requires updated remote working policies and heightened cybersecurity awareness.

Cybercriminals and potential nation-states are reportedly exploiting the global health crisis for their own gain. Hackers have targeted an array of sectors, including healthcare, employing COVID-19-related baits to manipulate user behavior. This article aims to provide a comprehensive guide on how you, as an employee, can augment your cybersecurity measures and stay safe when working remotely.

Understanding the Threat Landscape

It has been reported that criminals are using COVID-19 as bait in phishing emails, domains, malware, and more. While the exploitation of this global crisis is disheartening, it is unsurprising as criminals habitually leverage large events to their advantage. That said, it’s crucial to identify potential targets, particularly in certain geographic regions.

The data so far reveals a broad geographic dispersion of ‘targets,’ with many countries that are typical phishing targets being hit. However, there are anomalies such as Panama, Taiwan, and Japan, suggesting possible campaigns targeting specific countries. The landscape is continuously evolving as more threats are identified, necessitating vigilant monitoring on your part to stay safe.

Contextualizing Working from Home Threats

The abrupt shift to remote work has left many employees unprepared, with some needing to operate from personal devices. These personal devices, if lacking appropriate security measures, can expose both you and your company or employer to various potential attacks.

Over the last few years, there has been a surge in targeted ransomware attacks, particularly through “commodity malware.” This malware type is often directed at consumers. Consequently, accessing work networks from potentially infected personal devices without appropriate security measures significantly increases the risk. Both employees and employers are left vulnerable to breaches and ransomware lockdowns.

Know the Risks of Online Connectivity and Collaboration

Office closures and working-from-home mandates due to COVID-19 permanently changed the way we look at workplace connectivity. A recent Fenwick poll among HR, privacy, and security professionals across industries noted that approximately 90% of employees now handle intellectual property, confidential, and personal information on their in-home Wi-Fi as opposed to in-office networks. Additionally, many are accessing this information on personal and mobile devices that often do not have the same protections as company-owned devices. The elevated number of unprotected devices connected to unsecured networks creates weak areas in a company’s infrastructure, making it harder to protect against hackers.

One technology your organization should be especially diligent about is video conferencing software. Hackers can infiltrate video conferencing software to eavesdrop on private discussions and steal vital information. Many disrupt video calls via brute force, where they scan a list of possible meeting IDs to try and connect to a meeting. Others seek more complex infiltration methods through vulnerabilities in the actual software. Up until recently, Agora’s video conferencing software exhibited these same vulnerabilities.

Hackers will usually try to gain access to these network vulnerabilities by targeting unsuspecting employees through phishing scams, which can lead to even greater consequences if they manage to insert malware or hold your data for ransom. Without proper training on how to avoid these threats, many employees wouldn’t know how to handle the impact should they become the target.

Remote Working: Best Practices

If you’re an employee working remotely, it is essential to comprehend and adhere to best security practices. Here are some guidelines you could follow:

Remote Working Policy Guidance: Understand clearly what the remote working expectations of your company are, especially with respect to security practices.
Asset Classification: With added security, make previously inaccessible information available for remote use.
Strong Authentication: Secure access to key assets using two-factor authentication.
Awareness: Be informed about the potential risks of connecting remotely and the need to exercise caution while accessing authorized shared services and handling targeted phishing emails.
VPN Access: Use virtual private networks (VPNs) for a secure connection from untrusted networks.
Regular Software Updates: Ensure that your operating system, software applications, and security tools are regularly updated with the latest patches and updates. Cybercriminals often target known vulnerabilities in outdated software.
Firewall Protection: Activate and maintain a firewall on your remote device to block unauthorized access and protect your system from malicious traffic.
Safe Online Behavior: Exercise caution when clicking on links, downloading files, or opening email attachments, even if they appear to be from trusted sources. Verify the authenticity of such content to avoid falling victim to phishing attempts.
Physical Security: Ensure that your remote work area is secure. Lock up any physical documents or devices containing sensitive information when they are not in use.
Secure Mobile Device Usage: If you use a mobile device for work, ensure it is protected with a strong passcode or biometric authentication. Install security apps to remotely wipe the device if it is lost or stolen.
Collaboration Etiquette: When collaborating with colleagues remotely, be mindful of data-sharing practices and adhere to your organization’s collaboration guidelines to maintain security.
Separate personal and business devices: We may have brought work home with us, but nonetheless, we must strive to maintain a work/life balance and set boundaries between our personal and work life. Setting these boundaries makes it easier to separate the technology we use in our lives as well. Avoid sharing your company’s devices with family members who are not aware of the best security practices, especially children. Also, keep personal accounts separate from company accounts to prevent sharing information through personal channels.

Security Solutions and Tools

Considering the rise of remote working, it is more crucial than ever for employees, especially those working remotely, to invest in secure solutions and tools. As end users, it is also wise to take extra steps like installing comprehensive security software to ward off cyber threats. Such software has features that collectively provide a holistic approach to security, detecting vulnerabilities and minimizing the chance of an attack.

We recommend McAfee+ and McAfee Total Protection if you want an all-inclusive security solution. With a powerful combination of real-time threat detection, antivirus and malware protection, secure browsing, identity theft prevention, and privacy safeguards, McAfee+ and McAfee Total Protection ensure that your devices and personal information remain secure and your online experience is worry-free.

McAfee Pro Tip: Gauge your security protection and assess your security needs before you get a comprehensive security plan. This proactive approach is the foundation for establishing robust cybersecurity measures tailored to your specific requirements and potential vulnerabilities. Learn more about our award-winning security products.

Tailored Security Education for Employees

In the current digital age, employees must be aware of their crucial role in maintaining organizational security. As such, you should consider engaging in tailored security education and training programs that help employees identify and avoid potential threats such as phishing and malicious downloads. Regular training and updates can be beneficial as employees are often the first line of defense and can significantly help mitigate potential security breaches.

To ensure effective acquisition of knowledge, engage in security training that is designed in an engaging, easy-to-understand manner and utilizes practical examples that you can relate to. Successful training programs often incorporate interactive modules, quizzes, and even games to instill important security concepts. 

Enhancing Communication and Collaboration

Effective communication and collaboration are paramount in a remote working environment. Employees need to share information and collaborate on projects effectively while ensuring that sensitive information remains secure. Use and participate in platforms that enable secure communication and collaboration. Tools such as secure messaging apps, encrypted email services, secure file sharing, and collaboration platforms will ensure information protection while allowing seamless collaboration.

Make sure that you’re provided with detailed guidelines and training on the proper use of these tools and their security features. This will help prevent data leaks and other security issues that can arise from misuse or misunderstanding.

Conclusion

The transition to a remote working environment brings with it various cybersecurity challenges. Prioritizing secure communication and collaboration tools, coupled with ongoing education and adherence to best practices, can help you navigate these challenges with confidence, ultimately reaping the benefits of a flexible and efficient remote work environment while safeguarding critical data and information. McAfee can help you with that and more, so choose the best combination of features that fits your remote work setup. 

The post Staying Safe While Working Remotely appeared first on McAfee Blog.

LLM Summary of My Book Beyond Fear

Claude (Anthropic’s LLM) was given this prompt: Please summarize the themes and arguments of Bruce Schneier’s book Beyond Fear. I’m particularly interested in a taxonomy of his ethical arguments—please expand on that. Then lay out the most salient criticisms of the book.

Claude’s reply:

Here’s a brief summary of the key themes and arguments made in security expert Bruce Schneier’s book Beyond Fear: Thinking Sensibly About Security in an Uncertain World:

Central Themes:

Effective security requires realistic risk assessment, not fear-driven responses. We need to rationally determine actual threats versus perceived ones.
Security trade-offs need to be carefully balanced against costs to other values like privacy, freedom, and social/economic impacts.
Human psychology and biases lead to exaggerated fears that politicians/marketers can exploit, resulting in wasteful and theatrical “security theater.”
Security is a process that requires ongoing flexibility, not total prevention. We can’t anticipate every threat but can build resilience.

Key Arguments:

Analyze risks empirically using evidence, statistics, and probability rather than intuition. Avoid underestimating everyday risks while overestimating novel or sensational ones.
Reject the temptation to implement oppressive security restrictions after tragic but unlikely events. Focus only on proportional responses.
Where possible, favor openness and transparency over aggressive data collection or restrictions which erode civil liberties.
Seek security policies and technologies that enhance society broadly rather than benefit special interests.

Schneier argues for rational, ethical approaches to security aimed at genuine protection while avoiding violations of human rights in the name of safety.

Here are some of the key ethical arguments Bruce Schneier makes in Beyond Fear regarding security policy and practices:

Utilitarian Ethics – Security measures should aim to provide the greatest societal benefit and well-being for the most people, not just special interests.
Individual Autonomy – Restrictions should be minimized to avoid excessive infringements on civil liberties and individual freedoms. Surveillance creep risks violating autonomy.
Privacy Rights – Pervasive monitoring and data collection erode privacy rights and dignity. Citizens are entitled to some degree of opacity.
Proportional Responses – Reactive policies should weigh costs versus statistically likely benefits. Draconian rules beyond proportionality are unethical.
Justice and Fairness – Security should not create racial, religious or other profiling biases that punish groups rather than conduct.
Accountability and Transparency – Ethical security requires checks against excessive power and oversight for responsibility. Secrecy enables abuses.
Honest Representation – Officials and pundits have an ethical duty not to stoke disproportionate public fears. Security theater manufactures consent.
Integrity and Character – Leaders should have the wisdom and courage to make difficult trade-offs rather than exploit fears for authority and control.

Overall Schneier argues security policies grounded in ethics rather than fear promote human well-being while recognizing inherent trade-offs. Prudence, transparency, and proportionality are essential.

Here are some of the most salient criticisms made against the arguments put forth in Bruce Schneier’s book Beyond Fear:

Downplays real threats – Some argue Schneier dangerously downplays serious risks like terrorism and cybercrime by calling fears overblown.
Too theoretical – His risk analysis approach may rely too much on statistics versus real-world uncertainties that defy probabilistic reasoning.
No easy answers – While citing misguided policies, critics say Schneier provides few actionable solutions or concrete policy guidance.
Conflicting values – His balancing of security, privacy and liberty involves inherent trade-offs and tough choices he gives little direction on.
Politically naive – Suggesting special interests drive policy may under-appreciate legitimate national security concerns of elected officials.
Hindsight bias – Assessing past overreactions easier than predicting future threats that justify caution today.
No accounting for psychology – Factoring human irrationality into policy is essential, not dismissed as “security theater.”
Technical focus – Focuses narrowly on certain technologies while ignoring broader organizational and sociological dimensions.

In summary, critics argue Schneier’s risk analysis orientation is too clinical, abstract, and devoid of political and human realities to transform concrete policy in the ways he intends. His framework may therefore lack sufficient nuance or guidance.

It’s interesting. The summary is pretty accurate, and so are the criticisms. The book was a product of my thinking twenty years ago, and my own thinking has evolved to address those criticisms.

Of course, this only works with older books that the LLM has ingested, and probably works better with books that have been written about.

CVE-2022-38636

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE-2022-3466

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. This issue could allow an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. For more details, see https://access.redhat.com/security/cve/CVE-2022-27652.

roundcubemail-1.6.3-1.fc39

FEDORA-2023-217194e950

Packages in this update:

roundcubemail-1.6.3-1.fc39

Update description:

Release 1.6.3

Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
Update jQuery-UI to version 1.13.2 (#9041)
Fix regression that broke use_secure_urls feature (#9052)
Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
Fix bug where a duplicate <title> tag in HTML email could cause some parts being cut off (#9029)
Fix bug where a list of folders could have been sorted incorrectly (#9057)
Fix regression where LDAP addressbook ‘filter’ option was ignored (#9061)
Fix wrong order of a multi-folder search result when sorting by size (#9065)
Fix so install/update scripts do not require PEAR (#9037)
Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)
Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)
Fix PHP8 deprecation warning in the reconnect plugin (#9083)
Fix “Show source” on mobile with x_frame_options = deny (#9084)
Fix various PHP warnings (#9098)
Fix deprecated use of ldap_connect() in password’s ldap_simple driver (#9060)
Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages

roundcubemail-1.6.3-1.fc38

FEDORA-2023-b2e5612471

Packages in this update:

roundcubemail-1.6.3-1.fc38

Update description:

Release 1.6.3

Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
Update jQuery-UI to version 1.13.2 (#9041)
Fix regression that broke use_secure_urls feature (#9052)
Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
Fix bug where a duplicate <title> tag in HTML email could cause some parts being cut off (#9029)
Fix bug where a list of folders could have been sorted incorrectly (#9057)
Fix regression where LDAP addressbook ‘filter’ option was ignored (#9061)
Fix wrong order of a multi-folder search result when sorting by size (#9065)
Fix so install/update scripts do not require PEAR (#9037)
Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)
Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)
Fix PHP8 deprecation warning in the reconnect plugin (#9083)
Fix “Show source” on mobile with x_frame_options = deny (#9084)
Fix various PHP warnings (#9098)
Fix deprecated use of ldap_connect() in password’s ldap_simple driver (#9060)
Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages
