Expert(s):
CSO feature_status*/ ?>
Outpost24

Comments Dotted : 42
January 19, 2021

Experts Insight On Hackers Exploiting The Windows Finger Feature
The technique as such is called LOTL.

The important bit to understand is that there are hundreds of ways to download code on a windows system, of which finger is just one in the lot. The technique as such is called LOTL, or Living Of The Land, essentially attackers have minimal code that attempts to use as many tools and features as possible when attacking a system to evade detection. The use of finger, or any other such existing binary, is not the cause of the initial infection, or a vulnerability, the code execution occurs when

.....Read More

The important bit to understand is that there are hundreds of ways to download code on a windows system, of which finger is just one in the lot. The technique as such is called LOTL, or Living Of The Land, essentially attackers have minimal code that attempts to use as many tools and features as possible when attacking a system to evade detection. The use of finger, or any other such existing binary, is not the cause of the initial infection, or a vulnerability, the code execution occurs when the victim opens that initial document and approves it to run a macro.

 

Neither the malware, nor the downloader or propagation are new or novel techniques, and the risk as well as solution remain the same – never run active content in files received from external entities.

  Read Less
January 15, 2021

Ring Is Testing End-To-End Encrypted Videos For Their Smart Doorbells
It’s still great to see something that had potential but also substantial challenges rise to take a very serious positioning in regards to security.

When we researched Ring equipment when they hit the market, they carried all the hallmarks of IoT technology rushed to market, including undocumented possibilities to extract the Wi-Fi passwords from the devices and a range of other risks privately disclosed to Ring at the time. It is good to see that those issues are long gone and that the vendor is pushing forwards to increase the control over information it offers to its users. It should be noted however that adding encryption for the feeds

.....Read More

When we researched Ring equipment when they hit the market, they carried all the hallmarks of IoT technology rushed to market, including undocumented possibilities to extract the Wi-Fi passwords from the devices and a range of other risks privately disclosed to Ring at the time. It is good to see that those issues are long gone and that the vendor is pushing forwards to increase the control over information it offers to its users. It should be noted however that adding encryption for the feeds as such relies entirely on the vendor, which is already what is safeguarding the information today – the initiative is good, but the primary risk, the vendor or an entity accessing information via the vendor, still remain. Completely regardless of this, it’s still great to see something that had potential but also substantial challenges rise to take a very serious positioning in regards to security.

  Read Less
January 12, 2021

Experts Insight On UN’s Environmental Program Breach-100K+ Employee Records Leaked
Those are flaws in usage, not flaws in software.

Usually when you talk about hacking, you talk about vulnerabilities, which are flaws in software, and we talk about configurations or the human element. In this case, the flaws we see are all related to users configuring those servers leaving files exposed and software misconfigured. Those are flaws in usage, not flaws in software. It is in parts further concerning as those systems were internet exposed, and in turn, held credentials for other systems. With access to some of the indicated

.....Read More

Usually when you talk about hacking, you talk about vulnerabilities, which are flaws in software, and we talk about configurations or the human element. In this case, the flaws we see are all related to users configuring those servers leaving files exposed and software misconfigured. Those are flaws in usage, not flaws in software. It is in parts further concerning as those systems were internet exposed, and in turn, held credentials for other systems. With access to some of the indicated information and the simplicity of the breach, attackers may well have access to this information. It is one of the basic controls any experienced analyst performs against a system they are auditing, yet it is still surprisingly often a rewarding path to take provided the attack surface is sufficiently large, such as a full organization.

  Read Less
January 07, 2021

Security Experts Insight On Nissan Source Code Leaked
It is not the first time the successful implementation of good plans and strategies has not reached all the way to execution in the large organization

It is a basic security control to change the vendor default passwords whenever a system is deployed. From the nature of the content, this should be a production system and reviewed prior to having the source code uploaded. This basic control forms part of most organizations ISMS standards, i.e. ISO27001 policies and regulations internally. As Nissan Japan had their 9001 certificate revoked in 2017 by authorities it is not the first time the successful implementation of good plans and strategies

.....Read More

It is a basic security control to change the vendor default passwords whenever a system is deployed. From the nature of the content, this should be a production system and reviewed prior to having the source code uploaded. This basic control forms part of most organizations ISMS standards, i.e. ISO27001 policies and regulations internally. As Nissan Japan had their 9001 certificate revoked in 2017 by authorities it is not the first time the successful implementation of good plans and strategies has not reached all the way to execution in the large organization.

  Read Less
November 27, 2020

Experts On NHS Patients Have Data Exposed After Human Mistake
We are seeing too many organisations taking a lax approach to data security and the consequences are showing.
While this incident is unfortunate, it cannot be traced to cybercriminal activity. Instead, this is simply an instance of human error and careless data security hygiene. This is all the more concerning when considering the similar issue that faced NHS England’s Test and Trace app. We are seeing too many organisations taking a lax approach to data security and the consequences are showing. No institution should be storing ultra-sensitive personal health information (PHI) or personally.....Read More
While this incident is unfortunate, it cannot be traced to cybercriminal activity. Instead, this is simply an instance of human error and careless data security hygiene. This is all the more concerning when considering the similar issue that faced NHS England’s Test and Trace app. We are seeing too many organisations taking a lax approach to data security and the consequences are showing. No institution should be storing ultra-sensitive personal health information (PHI) or personally identifiable information (PII) in plain text in a spreadsheet. While this event is being reported as a data breach, in reality, it is nothing more than a critical clerical issue. Fortunately, the data was not stolen or openly distributed, however, this is a lesson that organisations should take note of if they wish to avoid the headlines in the future.  Read Less
November 23, 2020

Expert Insights: Faith App Pray.com Exposes Millions Through Cloud Misconfiguration
The reason insecure cloud configurations are sailing up to gain attention.
The new twist here is the fact that the access was through the CDN and not directly to the object storage. The fact remains that in regards to data theft and insecure information sharing, most is never detected at all and hence do not enter into the statistics. The reason insecure cloud configurations are sailing up to gain attention is that while they are far from the most frequent, they are amongst the biggest incidents. Loss of confidentiality of a laptop or file versus a cloud-based.....Read More
The new twist here is the fact that the access was through the CDN and not directly to the object storage. The fact remains that in regards to data theft and insecure information sharing, most is never detected at all and hence do not enter into the statistics. The reason insecure cloud configurations are sailing up to gain attention is that while they are far from the most frequent, they are amongst the biggest incidents. Loss of confidentiality of a laptop or file versus a cloud-based database - It is to an extent the difference between losing your wallet or losing your bank account.  Read Less
November 16, 2020

Experts Reacted On The North Face Credential Stuffing Attack
Essentially credential stuffing attack works when password reuse is in play.
This is digital socialism, where the service provider has to somewhat inconvenience the many to protect the few who cannot be trusted to keep themselves safe. Essentially credential stuffing attack works when password reuse is in play, meaning those who were affected had already breached basic security advice. It is a good experience to see a vendor choosing to prioritize the security of those few, over the impact this potentially can have to revenue flows as some users may be dissuaded by the.....Read More
This is digital socialism, where the service provider has to somewhat inconvenience the many to protect the few who cannot be trusted to keep themselves safe. Essentially credential stuffing attack works when password reuse is in play, meaning those who were affected had already breached basic security advice. It is a good experience to see a vendor choosing to prioritize the security of those few, over the impact this potentially can have to revenue flows as some users may be dissuaded by the password change. Well managed.  Read Less
November 13, 2020

Animal Jam Kids’ Virtual World Hit By Data Breach, Impacting 46m Accounts: Expert Commentary
Please prioritize getting unique credentials setup per service.
The main risk we are facing here is that for anyone re-using credentials they may fall victim to credentials spraying where their logins in this system is used against other platforms. So if you know you are re-using credentials, be it that you have an account on this service or not, please prioritize getting unique credentials setup per service.
November 06, 2020

Expert Insight: Company That Runs US Illegal Immigration Detention Centers Discloses Ransomware Attack
Ransomware may be the lesser good compared to an attacker with persistent access and the ability to read and change information.
What we need to recall is if ransomware got in, the attackers could have stolen and manipulated all information the malware accessed. As before in this case, ransomware may be the lesser good compared to an attacker with persistent access and the ability to read and change information. As it’s a private entity the data breach disclosure comes so late that it would be illegal in Europe, but still, transparency is good.
October 05, 2020

Microsoft Excel spreadsheet error leads to major COVID UK stats mishap – cybersecurity experts have their say
To see that it’s still in use and has hit the limits of its capacity is more than embarrassing.
How storing information on medical information in excel files which are then circulated to a wide audience can be seen as anything apart from the outmost temporary solutions is surprising given the rather strict opinions on data privacy voiced within the European Union over the last few years. It is not strange if this was the solution day one, week one, month one, but to see that it’s still in use and has hit the limits of its capacity is more than embarrassing. And to see that the solution.....Read More
How storing information on medical information in excel files which are then circulated to a wide audience can be seen as anything apart from the outmost temporary solutions is surprising given the rather strict opinions on data privacy voiced within the European Union over the last few years. It is not strange if this was the solution day one, week one, month one, but to see that it’s still in use and has hit the limits of its capacity is more than embarrassing. And to see that the solution has been to “split the file in batches” rather than finding a proper solution to an actual problem even more so.  Read Less