The National Security Agency (NSA) published an advisory that addresses the risks behind Transport Layer Security Inspection (TLSI) and provides mitigation measures for weakened security in organizations that use TLSI products. TLSI (aka TLS break and inspect) is the process through which enterprises can inspect encrypted traffic with the help of a dedicated product such as a proxy device, a firewall, intrusion detection or prevention systems (IDS/IPS) that can decrypt and re-encrypt traffic encrypted with TLS.
ISBuzz Team
A misconfigured Amazon Web Server is to blame for the exposure of information from tens of thousands of customers from PayMyTab, a company that works with restaurants to provide mobile and card terminals. The exposure was discovered after security researchers received a tip and verified that the information was exposed on the Internet.
According to Netlab researchers, a cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that they have named “Roboto.” Its appearance dates back to summer and is linked to the disclosure of a major security flaw in a web app installed on more than 215,000 servers. https://twitter.com/enchantech/status/1197454731997663233
It has been reported that one of Iran’s most active hacker groups appears to have shifted focus. Rather than just standard IT networks, they’re targeting the physical control systems used in electric utilities, manufacturing, and oil refineries. At the CyberwarCon conference today, a Microsoft security researcher plans to present new findings that show this shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. https://twitter.com/a_greenberg/status/1197142508175802376
You may have already spotted that a ransomware attack has hit a French hospital, crippling 6,000 computers, in an incident reminiscent of WannaCry, which hit the NHS in 2017. To prevent the infection spreading, the IT team opted to close down the systems and operate in ‘degraded mode’. It is predicted it will take much of this week to restore systems to standard functionality and the French National Agency for Information Systems Security is assisting the hospital IT team.
Responsible for running and keeping the .UK internet infrastructure secure, Nominet has today published its update on .UK domains suspended for criminal activity over the 12 months to October 2019. Nominet suspends domains following notification from the police or other law enforcement agencies that the domain is being used for criminal activity. The statistics: The criminality report shows that the number of .UK domains suspended between 1 November 2018 and 31 October 2019 has seen a small reduction year on year at 28,937 – down from 32,813. This represents around 0.22% of the more than 13 million .UK domains currently registered. Nominet collaborates…
Organizations today face a tsunami of data and have turned to advanced digital solutions for real-time visibility across their entire value chain of assets and operations. An example of this technology is the digital twin, which has been augmented by rapid advances in the Internet of Things (IoT) and is one of the fastest growing applications of industrial IoT. Simply put, a digital twin is a digital reflection of a person, place or thing that correlates all information – including historical data, current operations and environmental conditions – related to that person, place or thing. An industrial example of a…
A new vulnerability has been found in the Camera apps for millions, if not hundreds of millions, of Android devices that could allow other apps to record video, take pictures, and extract GPS data from media without having the required permissions. Commenting on the discovery are the following security professionals:
It has been reported that the Louisiana state government computers were knocked out following a ransomware attack. Many state agencies had their servers taken down in response to the attack, Governor John Bel Edwards said in a series of messages posted to Twitter. He said the agencies were coming back online but that full restoration could take “several days.” A person familiar with the matter identified the particular breed of ransomware that struck Louisiana as Ryuk, a variant that cybersecurity firms first identified in August of last year.
Microsoft revealed plans to integrate native support for DNS over HTTPS in the company’s Windows 10 operating system in November 2019. The announcement was made on Microsoft’s Networking blog on November 17, 2019. DNS over HTTPS is designed to improve privacy, security, and reliability by encrypting DNS queries that are handled in plaintext currently. DNS over HTTPS has been on the rise lately. Mozilla, Google, Opera as well as several public DNS providers announced support for the standard. Support in programs, e.g. a web browser, means that the DNS queries that originate from that program are encrypted. Other queries, e.g. from another browser that does not…
