Unwanted bot traffic costs businesses $250 million a year

From helpnetsecurity.com

Netacea announced results from a report that reveals the high price that businesses pay because of unwanted bot traffic. According to survey respondents, automated bots operated by malicious actors cost businesses an average of 3.6% of their annual revenue. For the 25% worst affected businesses, this equates to at least $250 million every year.

Microsoft discloses new print spooler flaw without patch

From searchsecurity.techtarget.com

Microsoft disclosed a new Windows print spooler vulnerability Wednesday, weeks after the PrintNightmare flaw was first revealed, and this one doesn’t have a patch ready.

CVE-2021-36958 is a remote code execution (RCE) vulnerability in Windows print spooler software, which manages a device’s printing jobs, that occurs when the software “improperly performs privileged file operations,” according to Microsoft’s page dedicated to the vulnerability.

“An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the advisory reads.

Microsoft warns of an evasive year-long spear-phishing campaign targeting Office 365 users

From securityaffairs.co

Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting in July 2020.

The attackers used invoice-themed XLS.HTML attachments. Microsoft reported that they changed obfuscation and encryption mechanisms every 37 days on average, a circumstance that demonstrates high motivation and the threat actors’ ability to constantly evade detection.

“The HTML attachment is divided into several segments, including the JavaScript files used to steal passwords, which are then encoded using various mechanisms. These attackers moved from using plaintext HTML code to employing multiple encoding techniques, including old and unusual encryption methods like Morse code, to hide these attack segments,” reads the report published by the Microsoft 365 Defender Threat Intelligence Team. “Some of these code segments are not even present in the attachment itself. Instead, they reside in various open directories and are called by encoded scripts.”

Huawei stole our tech and created a ‘backdoor’ to spy on Pakistan, claims IT biz

From theregister.com

A California-based IT consultancy has sued Huawei and its subsidiary in Pakistan alleging the Chinese telecom firm stole its trade secrets and failed to honor a contract to develop technology for Pakistani authorities.

The complaint [PDF], filed on Wednesday in the US District Court in Santa Ana, California, describes how Business Efficiency Solutions, LLC, (BES) began working with Huawei Technologies in 2016 to overhaul the IT systems available to the Punjab Police Integrated Command, Control and Communication Center (PPIC3) of Lahore, capital of the Punjab province of Pakistan.

The legal filing claims, among other things, that Huawei has used BES’s Data Exchange System “to create a backdoor and obtain data important to Pakistan’s national security and to spy on Pakistani citizens.”

Most supply chain attacks target supplier’s code—ENISA

From trendmicro.com

The agency also reported that attacks on the supply chain have grown in number and become more sophisticated. Sixty-two percent of the attacks were also done using malware, requiring enterprises to future-proof their security.

Cybersecurity experts have long been concerned about supply chain attacks because a single attack can wreak havoc and compromise a network of providers.

Google open-sources Allstar, a tool to protect GitHub repos

From malware.news

Google today open-sourced a project named Allstar that can be used to secure GitHub projects by constantly watching and enforcing a set of security policies, with the hope of preventing basic security misconfigurations.

Available as a GitHub app, Allstar can be installed on organizations and user accounts and granted access to the desired repositories.

Under the hood, Allstar works by reading a configuration file containing a set of user-defined rules, called security policies, and then constantly scanning and checking a project’s settings and recent events to ensure that no modifications are made to a project’s sensitive areas.
