News – Page 481

Microservices architecture: maintaining the customer experience

Posted on 31 August 2021

From itproportal.com

It is likely that all large companies are already utilizing microservices as part of their business strategies. But microservices — small, loosely coupled services that make up a larger application — are essential for businesses of all sizes.

Unlike monolithic architectures, which contain all functionality and code within a large and complex application, microservices are discreet pieces of code that autonomously deliver on the various components of an application.

Richard Menear, CEO of cyber security specialists, Burning Tree, talks about how microservices are essential for businesses of all sizes and how this architecture is fast becoming a valuable way for organizations to scale their technology and make it more agile.

Stocks Info browser hijacker (virus) – Chrome, Firefox, IE, Edge

Posted on 31 August 2021

From 2-spyware.com

Stocks Info shows up on a computer as a browser extension on Google Chrome, MS Edge, or Mozilla Firefox. Judging by the name alone, the app is meant to provide information about stock market prices. This might seem like a useful feature, as most extensions are developed to provide some type of benefit for the users. However, this is rarely true for browser hijackers, as their main goal is to alter web browser settings to expose users to as much commercial content as possible.

In order to do that, Stocks Info would change the homepage and new tab address to its own and redirect all searches to a different provider (likely, Yahoo, although this might differ depending on your location). At the top of search results, the app would insert various links that otherwise would not be present if the default search provider would be used.

CISA: Don’t use single-factor auth on Internet-exposed systems

Posted on 31 August 2021

From bleepingcomputer.com

CISA: Don’t use single-factor authentication on Internet-exposed systems

Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against.

CISA’s Bad Practices catalog includes practices the federal agency has deemed “exceptionally risky” and not to be used by organizations in the government and the private sector as it exposes them to an unnecessary risk of having their systems compromised by threat actors.

They are exceptionally dangerous for orgs that support Critical Infrastructure or National Critical Functions (NCFs) responsible for national security and economic stability, as well as the public’s safety.

Furthermore, these dangerous practices are “especially egregious” on Internet-exposed systems that threat actors could target and compromise remotely.

In Microsoft’s world, cloud email still often requires on-premises Exchange. Why?

Posted on 31 August 2021

From theregister.com

Microsoft customers who use Exchange Online for all their email still often have to run on-premises Exchange to be supported – and that is a burden they could do without as new vulnerabilities appear.

“This past week, security researchers discussed several ProxyShell vulnerabilities, including those which might be exploited on unpatched Exchange servers to deploy ransomware or conduct other post-exploitation activities,” warned Microsoft’s Exchange team yesterday. “It is critical to keep your Exchange servers updated with latest available Cumulative Update (CU) and Security Update (SU).”

It’s good advice, but many affected organisations would rather not run Exchange on-premises at all. They do so because Microsoft insists on it – even when all their mail is handled by Exchange Online.

LockFile Ransomware Circumvents Protection Using Intermittent File Encryption

Posted on 31 August 2021

From ehackingnews.com

A new ransomware threat known as LockFile has been affecting organizations all around the world since July. It surfaced with its own set of tactics for getting beyond ransomware security by using a sophisticated approach known as “intermittent encryption.”
The operators of ransomware, called LockFile, have been found exploiting recently disclosed vulnerabilities like ProxyShell and PetitPotam to attack Windows servers and install file-encrypting malware that scrambles just every alternate 16 bytes of a file, allowing it to circumvent ransomware defenses.

Obfuscation Detection: IDA plugin to pinpoint obfuscated code

Posted on 30 August 2021

From securityonline.info

Automatically detect obfuscated code and other state machines

Scripts to automatically detect obfuscated code and state machines in binaries.

Implementation is based on IDA 7.4+ (Python3). Check out the following blog posts for more information on the Binary Ninja implementation:

Failing to Meet Cybersecurity Standards Can Have Legal Consequences for Companies

Posted on 30 August 2021

From tripwire.com

Failing-to-Meet-Cybersecurity-Standards-Can-Have-Legal-Consequences-for-Companies

Cybercrime is one of the most significant threats facing companies today. With the average cost of a data breach reaching an all-time high of $4.24 million, the business case for cybersecurity has never been stronger. Still, some businesses seem to misunderstand the urgency of meeting current cybersecurity standards.

It may help to consider the legal consequences of poor cybersecurity. While the United States has no comprehensive nationwide cybersecurity law, American companies can still face legal trouble if they fail to meet certain standards. Various state, industry, and international regulations still apply to many businesses.

Understanding how cybersecurity standards affect companies’ legal standing can help encourage tighter security. In that spirit, here’s a glimpse at how failure to meet various regulations can result in legal consequences.