Entitle debuts with automated SaaS permissions-management application

Cloud-based permissions management startup Entitle debuted Wednesday with the launch of its namesake SaaS-based application, designed to automate access requests and solve the problem of what it calls the “entitlement sprawl” faced by corporations.

Enterprise security teams are confronted with an overwhelming number of permission requests, the Israel-based company said.

“We saw that permission management is becoming a big issue and interviewed heads of security about the challenges with governance and relevance of access,” said Ron Nissam, co-founder and CEO of Entitle. “We quickly realized that many of the challenges that security teams are facing in governance of access actually originated upstream in the IT and devops departments and how employees got permissions to begin with.”


golang-1.19.6-1.fc36

FEDORA-2023-ce66f112b2

Packages in this update:

golang-1.19.6-1.fc36

Update description:

go1.19.6 (released 2023-02-14) includes security fixes to the crypto/tls, mime/multipart, net/http, and path/filepath packages, as well as bug fixes to the go command, the linker, the runtime, and the crypto/x509, net/http, and time packages. See the Go 1.19.6 milestone on the upstream issue tracker for details.


USN-5739-2: MariaDB regression

USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12
in Ubuntu 22.04 LTS and Ubuntu 22.10.


A Device to Turn Traffic Lights Green

Here’s a story about a hacker who reprogrammed a device called “Flipper Zero” to mimic Opticom transmitters—to turn traffic lights in his path green.

As mentioned earlier, the Flipper Zero has a built-in sub-GHz radio that lets the device receive data (or transmit it, with the right firmware in approved regions) on the same wireless frequencies as keyfobs and other devices. Most traffic preemption devices intended for emergency traffic redirection don’t actually transmit signals over RF. Instead, they use optical technology to beam infrared light from vehicles to static receivers mounted on traffic light poles.

Perhaps the most well-known branding for these types of devices is called Opticom. Essentially, the tech works by detecting a specific pattern of infrared light emitted by the Mobile Infrared Transmitter (MIRT) installed in a police car, fire truck, or ambulance when the MIRT is switched on. When the receiver detects the light, the traffic system then initiates a signal change as the emergency vehicle approaches an intersection, safely redirecting the traffic flow so that the emergency vehicle can pass through the intersection as if it were regular traffic and potentially avoid a collision.

This seems easy to do, but it’s also very illegal. It’s called “impersonating an emergency vehicle,” and it comes with hefty penalties if you’re caught.


Backdoor deployment overtakes ransomware as top attacker action

Deployment of backdoors on networks was the top action attackers took in almost a quarter of all incidents remediated in 2022. A spike in the use of the multi-purpose Emotet malware early in the year was the main culprit behind this increase, accounting for 47% of backdoors deployed throughout the year, according to the IBM Security X-Force Threat Intelligence Index.

“Increased backdoor deployment may also be due to the amount of money this kind of access can generate on the dark web. Compromised corporate network access from an initial access broker typically sells for several thousands of US dollars,” stated the report.


A Vulnerability in IBM Aspera Faspex Could Allow For Arbitrary Code Execution

A vulnerability has been discovered in IBM Aspera Faspex, which could allow for arbitrary code execution. IBM Aspera Faspex is a file-exchange application which enables organizations to move large files and data sets. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
