Malware Devil

Tuesday, September 1, 2020

Announcement — Introducing the New and Improved Idaptive UI

product announcement

CyberArk is committed to ensuring that every customer and user has a great experience using the Idaptive platform. That’s why we are dedicated to finding ways to continually improve the experience for our users with every product release. Today, we are excited to announce the upcoming launch of our brand-new Idaptive User Interface (UI) that is designed to maximize user productivity, enable intuitive platform administration, and ensure that user experience is consistent across all CyberArk products.

First, we’ve updated the look and feel of the entire platform with a new font, icons, and styles. These new styles are not only pleasing to the eye but are designed to be consistent with other CyberArk products and make it easier and more efficient to navigate the Idaptive solution. For example, the headers of each section are now easier to read, new fonts draw the eye to the data that matters most, and new button styles and colors intuitively highlight the next step a user should take to advance their workflow.

New Idaptive UI – with new styling and fonts

New Navigation Menu

Next, we’ve streamlined the Admin and User Portal navigation menus by standardizing the navigation location, adding the portal switcher toggle icon at the top, and the online help shortcut at the bottom of the menu. In the classic UI, some of these functions were not placed in consistent locations or were hidden in sub-menus. For example, the User Portal navigation menu was at the top of the screen while the Admin Portal menu was on the left. In addition, the option to toggle between Admin, User, and Analytics portals was hidden in one of the drop-down menus. We found through user research that most of the users with admin privileges preferred to standardize the navigation menu location across all portals, and some found the location of help options and portal switch toggle confusing. So we placed them prominently on the left side of the screen. This is one example of a principle you’ll see applied throughout the new UI – simplifying the experience and navigation for every user.

New Idaptive UI - navigation menu, online help, and portal switcher

All of these enhancements will be available in the 20.4 Idaptive product release, scheduled for the end of September. Existing customers, as well as new customers, will land in the new user interface by default upon logging in after the product update. We’ll continue to make additional UI enhancements to the Idaptive product in the upcoming releases.

As always, we’re eager to hear what you think. If you have feedback on these enhancements or ideas for additional enhancements you’d like to see, please submit them on our Tech Community page.

Thank you,

The CyberArk Idaptive Team

The post Announcement — Introducing the New and Improved Idaptive UI appeared first on Security Boulevard.

Read More

The post Announcement — Introducing the New and Improved Idaptive UI first appeared on Malware Devil.



https://box2142.temp.domains/~malware7/2020/09/01/announcement-introducing-the-new-and-improved-idaptive-ui/?utm_source=rss&utm_medium=rss&utm_campaign=announcement-introducing-the-new-and-improved-idaptive-ui

Effortlessly Extend Okta Identities to JumpCloud

Extend your current Okta identities to JumpCloud and give access to resources such as RADIUS and LDAP. JumpCloud is an approved OIN application.

The post Effortlessly Extend Okta Identities to JumpCloud appeared first on JumpCloud.

The post Effortlessly Extend Okta Identities to JumpCloud appeared first on Security Boulevard.

https://box2142.temp.domains/~malware7/2020/09/01/effortlessly-extend-okta-identities-to-jumpcloud/?utm_source=rss&utm_medium=rss&utm_campaign=effortlessly-extend-okta-identities-to-jumpcloud

Using assert() to Execute Malware in PHP 7 Environments

Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular scripting language — which is likely why attackers are creating malware to target environments which leverage it.

During a recent investigation, our team stumbled across some malicious code which is used to inject a .user.ini file into a PHP 7 environment and add zend.assertions = 1.
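The two halves of that trick are a `.user.ini` that sets `zend.assertions = 1` (so that assertions are compiled and executed for requests served from that directory) and a PHP file that calls `assert()` with an attacker-controlled string, which PHP 7 evaluates as code (string arguments to `assert()` were deprecated in 7.2 and removed in 8.0). The scanner below is an added example and not code from the Sucuri post: it walks a web root for both halves. The file names, the sample contents and the taint heuristic are constructed for illustration.

```python
"""Added example: find the .user.ini + assert() pairing in a PHP 7 web root.

Constructed for this page; not code from the Sucuri post. The taint heuristic,
the sample files and their contents are assumptions for illustration.
"""
import os
import re
from typing import Dict, List, Tuple

# zend.assertions directive, optional quotes around the value. Comment lines
# are skipped before this is applied.
_ZEND_ASSERT_RE = re.compile(
    r'^zend\.assertions\s*=\s*["\']?(-?\d+)["\']?', re.IGNORECASE)

# assert( ... ); with the argument captured. A regex, not a PHP parser, so it
# will miss arguments that contain a literal ';' inside a string.
_ASSERT_CALL_RE = re.compile(
    r'\bassert\s*\(\s*(?P<arg>[^;]*?)\)\s*;', re.IGNORECASE | re.DOTALL)

# What makes an assert() argument worth a look: request data, common
# decoders used to hide a payload, or a bare string (executed as code on PHP 7).
_TAINT_RE = re.compile(
    r'\$_(GET|POST|REQUEST|COOKIE|SERVER|FILES)\b'
    r'|\b(base64_decode|gzinflate|gzuncompress|str_rot13|hex2bin|strrev)\s*\('
    r'|^[\'"]',
    re.IGNORECASE)


def ini_enables_assertions(ini_text: str) -> bool:
    """True when the ini text leaves zend.assertions at 1.

    PHP applies directives in order, so the last one wins; ';' and '#' lines
    are comments and are ignored.
    """
    value = None
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ';#':
            continue
        m = _ZEND_ASSERT_RE.match(line)
        if m:
            value = int(m.group(1))
    return value == 1


def suspicious_asserts(php_source: str) -> List[str]:
    """Return the argument of every assert() call that matches the taint heuristic."""
    hits = []
    for m in _ASSERT_CALL_RE.finditer(php_source):
        arg = m.group('arg').strip()
        if _TAINT_RE.search(arg):
            hits.append(arg)
    return hits


def scan_files(files: Dict[str, str]) -> List[Tuple[str, str]]:
    """Scan an in-memory tree (relative path -> content); returns (path, finding)."""
    findings = []
    for path, content in sorted(files.items()):
        name = os.path.basename(path)
        if name == '.user.ini' and ini_enables_assertions(content):
            findings.append((path, 'zend.assertions = 1 set in .user.ini'))
        elif name.lower().endswith('.php'):
            for arg in suspicious_asserts(content):
                findings.append((path, f'assert() with suspicious argument: {arg}'))
    return findings


def scan_directory(root: str) -> List[Tuple[str, str]]:
    """Load .user.ini and .php files under root and scan them."""
    files: Dict[str, str] = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if name == '.user.ini' or name.lower().endswith('.php'):
                full = os.path.join(dirpath, name)
                try:
                    with open(full, encoding='utf-8', errors='replace') as fh:
                        files[os.path.relpath(full, root)] = fh.read()
                except OSError:
                    continue  # unreadable file: skip rather than abort the sweep
    return scan_files(files)


# Constructed sample tree (assumed, not taken from any real incident).
SAMPLE_FILES: Dict[str, str] = {
    'public/.user.ini': '; dropped next to the backdoor\nzend.assertions = 1\n',
    'public/wp-content/cache.php': "<?php\nassert($_REQUEST['c']);\n",
    'public/index.php': '<?php\n$x = 1;\nassert($x > 0);\n',
    'vendor/.user.ini': 'zend.assertions = -1\n',
}

if __name__ == '__main__':
    for path, finding in scan_files(SAMPLE_FILES):
        print(f'{path}: {finding}')
```

Against a live host, call `scan_directory('/var/www')` instead of the sample tree. Two caveats matter for hardening: set `zend.assertions = -1` in the main php.ini, because PHP refuses to move that directive away from -1 outside php.ini, so a dropped `.user.ini` cannot re-enable assertions; and remember that `.user.ini` files are only read by the CGI/FastCGI SAPIs (setting `user_ini.filename` to an empty string disables them entirely), while mod_php takes `php_value`/`php_flag` lines from `.htaccess` instead, which this scanner does not look at.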

Continue reading Using assert() to Execute Malware in PHP 7 Environments at Sucuri Blog.

The post Using assert() to Execute Malware in PHP 7 Environments appeared first on Security Boulevard.

https://box2142.temp.domains/~malware7/2020/09/01/using-assert-to-execute-malware-in-php-7-environments/?utm_source=rss&utm_medium=rss&utm_campaign=using-assert-to-execute-malware-in-php-7-environments

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites.
https://www.malwaredevil.com/2020/09/01/magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws/?utm_source=rss&utm_medium=rss&utm_campaign=magento-sites-vulnerable-to-rce-stemming-from-magmi-plugin-flaws

Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips

Few things can boil the blood of a security professional quite like the unforced error. It is a common term…

The post Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips appeared first on Siemplify.

The post Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/responding-to-cloud-misconfigurations-with-security-automation-and-common-sense-tips/?utm_source=rss&utm_medium=rss&utm_campaign=responding-to-cloud-misconfigurations-with-security-automation-and-common-sense-tips

Cyber Security Roundup for September 2020

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, August 2020.

Taking security training courses and passing certification exams are common ingredients in the makeup of the vast majority of accomplished cybersecurity and information security professionals. As such, two security incidents last month raised more than just a surprising eyebrow or two within the UK security industry. 

The first involved the renowned and well-respected United States security training company, the SANS Institute, announcing that a successful email phishing attack against one of its employees resulted in 28,000 personal records being stolen. SANS classified this compromise as “consent phishing”, namely where an employee is tricked into granting a malicious Microsoft Office 365 OAuth application access to their O365 account. In June 2020, Microsoft warned that ‘consent phishing’ scams were targeting remote workers and their cloud services.

The second incident involved British cybersecurity firm NCC Group, after The Register reported that NCC-marked CREST penetration testing certification exam ‘cheat sheets’ were posted on GitHub. El Reg stated the leaked NCC-marked documents “offered step-by-step guides and walkthroughs of information about the Crest exams.  With those who posted the documents claiming that the documents contained a clone of the Crest CRT exam app that helped users to pass the CRT exam in the first attempt.”  CREST, a globally recognised provider of penetration testing accreditations, conducted its own investigation into the GitHub post and then suspended its Certified Infrastructure Tester (CCT Inf) and Certified Web Application Tester (CCT App) exams.

Reuters reported that British trade minister Liam Fox’s email account was compromised by Russian hackers through a spear-phishing attack. This led to leaks of sensitive US-UK trade documents in a disinformation campaign designed to influence the outcome of the UK general election in late 2019.

UK foreign exchange firm Travelex is still reeling from the double 2020 whammy of a major ransomware outbreak followed by the impact of COVID-19, and has managed to stay in business thanks to a bailout arranged by its business administrators, PwC.

Uber’s former Chief Security Officer has been charged with obstruction of justice in the United States, accused of covering up a massive 57 million record data breach in 2016. Uber eventually admitted paying a hacking group a $100,000 (£75,000) ransom to delete the data they had stolen.

The British Dental Association advised its dentist members that their bank account details and correspondence with them were stolen by hackers. A BDA spokeswoman told BBC News it was possible that information about patients was also exposed, but remained vague about the potential context. The cyber breach was likely caused by a hack of the BDA website, given it was taken offline for a considerable amount of time after reporting the breach.

It seems that every month I report a huge cloud misconfiguration data breach, typically found by researchers looking for publicity and caused by businesses not adequately securing their cloud services. This month it was the turn of cosmetics giant Avon, after researchers at SafetyDetectives found 19 million records were accessible online due to the misconfiguration of a cloud server. Accurics separately reported that misconfigured cloud services accounted for 93% of the 200 breaches it has seen in the past two years, exposing more than 30 billion records. Accurics also predicts that cloud services data breaches are likely to increase in both velocity and scale; I am inclined to agree.

Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global

Finally, I was invited to review a pre-release of Geoff White’s new book, “Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global”. I posted a book review upon its release in August; I thoroughly recommend it. The book is superbly researched and written; the author’s investigative-journalist storytelling style not only lifts the lid on the murky underground world of cybercrime but shines a light on the ingenuity, persistence and ever-increasing global scale of sophisticated cybercriminal enterprises. While this book is an easily digestible read for non-cyber security experts, it also provides cybersecurity professionals working on the frontline in defending organisations and citizens against cyber-attacks with valuable insights and lessons about their cyber adversaries and their techniques, particularly in understanding the motivations behind today’s common cyberattacks.

Stay safe and secure.

The post Cyber Security Roundup for September 2020 appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/cyber-security-roundup-for-september-2020/?utm_source=rss&utm_medium=rss&utm_campaign=cyber-security-roundup-for-september-2020

Slack RCE, Charming Kitten, & KryptoCibule Malware – SWN #61

This week, Dr. Doug talks Tesla, Slack, Charming Kitten returns, KryptoCibule, and Tweets from the great beyond! In the Expert Commentary, we welcome Ian McShane, VP, Product Marketing at CrowdStrike, to discuss remote work/return to office, and the challenges therein!

This segment is sponsored by CrowdStrike.

Visit https://securityweekly.com/crowdstrike to learn more about them!

Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/swn61

https://www.malwaredevil.com/2020/09/01/slack-rce-charming-kitten-kryptocibule-malware-swn-61/?utm_source=rss&utm_medium=rss&utm_campaign=slack-rce-charming-kitten-kryptocibule-malware-swn-61

Uber Indictments, Part 2 – Priya Chaudhry – SCW #41

Recent criminal charges against the CSO and CEO of Uber.
Visit https://www.securityweekly.com/scw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/scw41

https://www.malwaredevil.com/2020/09/01/uber-indictments-part-2-priya-chaudhry-scw-41/?utm_source=rss&utm_medium=rss&utm_campaign=uber-indictments-part-2-priya-chaudhry-scw-41

CactusPete APT group takes aim at military and financial targets

The China-based APT group known as CactusPete has re-appeared with a new campaign aimed at military and financial targets in Eastern Europe.
https://www.malwaredevil.com/2020/09/01/cactuspete-apt-group-takes-aim-at-military-and-financial-targets/?utm_source=rss&utm_medium=rss&utm_campaign=cactuspete-apt-group-takes-aim-at-military-and-financial-targets

The importance of choice: How to deploy your vendor access management software

Not all software deployments are created equally! When it comes to purchasing and deploying new software, we know that not every organization will have the same wants or needs. Companies will differ with their infrastructure, resources, bandwidth, regulatory environments, or implementation timeframes. In order to meet those different requirements, we offer three different ways to […]

The post The importance of choice: How to deploy your vendor access management software appeared first on SecureLink.

The post The importance of choice: How to deploy your vendor access management software appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/the-importance-of-choice-how-to-deploy-your-vendor-access-management-software/?utm_source=rss&utm_medium=rss&utm_campaign=the-importance-of-choice-how-to-deploy-your-vendor-access-management-software

Researchers discover new malware family

A new trojan malware family has been identified by researchers that targets cryptocurrency. ESET named the threat KryptoCibule, and it primarily targets users in the Czech Republic and Slovakia.
https://www.malwaredevil.com/2020/09/01/researchers-discover-new-malware-family/?utm_source=rss&utm_medium=rss&utm_campaign=researchers-discover-new-malware-family

Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild

Cisco has warned of an active zero-day vulnerability in its router software that’s being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks.
https://www.malwaredevil.com/2020/09/01/cisco-issues-warning-over-ios-xr-zero-day-flaw-being-targeted-in-the-wild/?utm_source=rss&utm_medium=rss&utm_campaign=cisco-issues-warning-over-ios-xr-zero-day-flaw-being-targeted-in-the-wild

The most popular brand websites that hackers use for typosquatting campaigns

The most imitated websites that financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research.
https://www.malwaredevil.com/2020/09/01/the-most-popular-brand-websites-that-hackers-use-for-typosquatting-campaigns/?utm_source=rss&utm_medium=rss&utm_campaign=the-most-popular-brand-websites-that-hackers-use-for-typosquatting-campaigns

The Many Faces of Bad Bots

Bad bots and malicious automation are one of the few technology challenges that can materially impact every business team inside an organization. With up to 50% of Internet traffic generated by bots, organizations are awash in a sea of automated visitors. Some bots are benign, others aren’t. Those that aren’t can interfere with customer acquisition. They steal data and intellectual property. They erode application performance. They directly defraud businesses.

The post The Many Faces of Bad Bots appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/the-many-faces-of-bad-bots/?utm_source=rss&utm_medium=rss&utm_campaign=the-many-faces-of-bad-bots

Extending Zero Trust to the Endpoint

What is Zero Trust? Zero trust is a security model based on maintaining strict access control. It has risen in popularity since Forrester coined the term in 2010.  Initially, Zero trust referred to an enterprise security architecture that relied on a trusted internal network protected by firewalls that enforce perimeter security. However, with enterprises adopting […]

The post Extending Zero Trust to the Endpoint appeared first on Hysolate.

The post Extending Zero Trust to the Endpoint appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/extending-zero-trust-to-the-endpoint/?utm_source=rss&utm_medium=rss&utm_campaign=extending-zero-trust-to-the-endpoint

Norway’s Parliament Hit by Cyber Attack

The Norwegian parliament has been hit by a cyber attack, and the e-mail accounts of several elected members were hacked, the national assembly said in a statement on Tuesday.
https://www.malwaredevil.com/2020/09/01/norways-parliament-hit-by-cyber-attack/?utm_source=rss&utm_medium=rss&utm_campaign=norways-parliament-hit-by-cyber-attack

MY TAKE: Lessons learned from the summer of script kiddies hacking Twitter, TikTok

Graham Ivan Clark, Onel de Guzman and Michael Calce. These three names will go down in the history of internet commerce, right alongside Jack Dorsey, Mark Zuckerberg and Jeff Bezos.

Related: How ‘Zero Trust’ is compatible with agile computing

We’re … (more…)

The post MY TAKE: Lessons learned from the summer of script kiddies hacking Twitter, TikTok appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/my-take-lessons-learned-from-the-summer-of-script-kiddies-hacking-twitter-tiktok/?utm_source=rss&utm_medium=rss&utm_campaign=my-take-lessons-learned-from-the-summer-of-script-kiddies-hacking-twitter-tiktok

FireMon Secures $40 Million Debt Financing with Silicon Valley Bank

Network Security Policy Management Leader Deemed Critical to US National Security, Secures Additional Funding to Accelerate Growth

DALLAS – September 1st, 2020 – FireMon, the leading network security policy management company that brings visibility, control, agility and automation to enterprise cloud and hybrid network infrastructure, today announced it has secured a debt financing of $40..

The post FireMon Secures $40 Million Debt Financing with Silicon Valley Bank appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/firemon-secures-40-million-debt-financing-with-silicon-valley-bank/?utm_source=rss&utm_medium=rss&utm_campaign=firemon-secures-40-million-debt-financing-with-silicon-valley-bank

Security Researcher Discovers Over 50,000 Scanned Driver’s Licenses Exposed on Unsecured Amazon Server

A data leak containing 54,000 scanned New South Wales (NSW) driver’s licenses and various tolling notice statutory declarations was discovered by security researcher Bob Diachenko last week. “More than 50K scanned driver licenses (front+back) and toll notices exposed in a misconfigured S3 bucket. Most likely – part of NSW RMS infrastructure (Road and Maritime, New […]

The post Security Researcher Discovers Over 50,000 Scanned Driver’s Licenses Exposed on Unsecured Amazon Server appeared first on Security Boulevard.

https://www.malwaredevil.com/2020/09/01/security-researcher-discovers-over-50000-scanned-drivers-licenses-exposed-on-unsecured-amazon-server/?utm_source=rss&utm_medium=rss&utm_campaign=security-researcher-discovers-over-50000-scanned-drivers-licenses-exposed-on-unsecured-amazon-server

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...