FinSpy: the ultimate spying tool
www.kaspersky.com/blog/finspy-for-windows-macos-linux/42383/ FinSpy spyware targets Android, iOS, macOS, Windows, and Linux users. Here's what it can do and how to stay protected. At Kaspersky's recent Security Analyst Summit, our experts presented a detailed report on FinSpy (aka FinFisher) spyware and its distribution methods, including some previously unknown ones. You can read more about their findings in Securelist's post. In this article, meanwhile, we explore what kind of malware FinSpy is and how you can protect yourself from it.
Tips for DFIR Analysts, pt III
windowsir.blogspot.com/2021/10/tips-for-dfir-analysts-pt-iii.html Learn to think critically. Don’t take what someone says as gospel, just because they say it. Support findings with data, and clearly communicate the value or significance of something. Be sure to validate your findings, and never rest your findings on a single artifact. Find an entry for a file in the AmCache? Great. But does that mean it was executed on the system? No, it does not…you need to validate execution with other artifacts in the constellation (EDR telemetry, host-based effects such as an application prefetch file, Registry modifications, etc.).
Cox Media Group confirms ransomware attack that took down broadcasts
www.bleepingcomputer.com/news/security/cox-media-group-confirms-ransomware-attack-that-took-down-broadcasts/ American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The company acknowledged the attack in data breach notification letters sent today via U.S. Mail to over 800 impacted individuals believed to have had their personal information exposed in the attack. The group first informed potentially affected individuals of the incident via email on July 30.
Hardware Bolsters Medical Device Security
www.darkreading.com/vulnerabilities-threats/hardware-bolsters-medical-device-security The medical device industry has transformed over the last decade, driven by an explosion in the Internet of Mobile Things and increased connectivity. As complexity around the technology, supply chains, and management of these devices grows, so have security concerns. Traditionally benefiting from no connectivity, or security through obscurity, today’s medical devices are complex systems with multiple layers of commodity-based hardware and software. As a result, medical devices today are more vulnerable to generic threats that target mainstream software libraries and operating systems like Windows and Linux.
Demo: A Guide to Virtual Machine App Security
www.trendmicro.com/en_us/devops/21/j/virtual-machine-security-guidelines.html It may seem like containers are the go-to method for cloud building, however 95% of applications run on traditional infrastructure deployments like dedicated servers, shared hosting, and virtual machines (VMs). While Gartner has predicted that by 2022 15% of organizations will be using containers, that still leaves 85% continuing to run many applications and services as server-based deployments. Servers don't seem to be going anywhere anytime soon. Enterprises have run legacy architectures for more than a decade while serving their growing customer base. During this time, they've addressed capacity constraint challenges with cloud platforms.
ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux
www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/ Modules used by this malware family, which we dubbed FontOnLake, are constantly under development and provide remote access to the operators, collect credentials, and serve as a proxy server. In this blogpost, we summarize the findings published in full in our white paper.
Google Confirms Powerful Password Shield Heading For 150 Million Chosen Ones
www.forbes.com/sites/daveywinder/2021/10/09/googles-powerful-password-shield-heads-for-150-million-automatically-opted-in-users/ Google has confirmed that it will be pushing forward, on an ‘automatic enrollment’ basis, with a bold security update for some 150 million users before the year-end. I am sure you are wondering if you will be among the chosen ones who get opted into using this powerful password shield and, if so, what exactly does this mean? The confirmation from Google came by way of an official safety and security blog posting this week. The announcement by Google’s Chrome group product manager, AbdelKarim Mardini and director of Google account security and safety, Guemmy Kim, reinforces the password security switch message I wrote about back in May.
Former Vastaamo patients demand up to 10,000 euros in compensation for the data breach; the bankruptcy estate considers 2,500 euros the upper limit
yle.fi/uutiset/3-12134525 The bankruptcy estate of the psychotherapy centre Vastaamo has for the first time estimated the maximum amount of damages payable to clients. According to the bankruptcy estate, private individuals could receive at most 2,500 euros in compensation. The estimate appears in a notice that the estate administrator has sent to creditors. However, the sum does not mean that those claiming damages would receive that amount.