Malware Devil

Monday, October 19, 2020

NSS Labs Shuttered

Register for Dark Reading Newsletters

Subscribe to Newsletters

White Papers

Video

Cartoon

Current Issue

imageSpecial Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
image

Flash Poll

How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
image

Twitter Feed

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-15256
PUBLISHED: 2020-10-19

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be explicitly enabled by creating a new instance of `object-path` and settin…

CVE-2020-15261
PUBLISHED: 2020-10-19

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don’t have administr…

CVE-2020-6084
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-6085
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-10746
PUBLISHED: 2020-10-19

A flaw was found in Infinispan version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.

The post NSS Labs Shuttered appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/nss-labs-shuttered/?utm_source=rss&utm_medium=rss&utm_campaign=nss-labs-shuttered

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks.

Six members of the pervasive yet elusive Russian military hacking operation behind some of the most destructive targeted cyberattacks in the world — the Ukraine power grid in 2015 and 2016, NotPetya, and the 2018 Winter Olympics — have been indicted by the US Department of Justice for these and other cybercrimes.

DoJ and FBI officials today unsealed an Oct. 15 indictment that names and charges officers in Russia’s Unit 74455 of the Russian Main Intelligence Directorate (GRU) — aka Sandworm, APT28, VooDoo Bear — in seven counts of conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

The wide-ranging indictment details alleged cybercrimes between November 2015 to October 2019 conducted at the behest of the Russian government, including the December 2015 and December 2016 attacks on Ukraine’s power grid, finance, and treasury departments using BlackEnergy, Industroyer, and KillDisk malware; attacks on the French elections in 2017 with malware and data leaks; the infamous June 2017 NotPetya attack that destroyed data under the guise of ransomware, including $1 billion in losses for three US organizations; and hacks of the 2018 Winter Olympics, including the Olympic Destroyer malware.

The charges also encompass spear-phishing attacks in April 2018 against organizations investigating the poisoning of Sergei Skripal and his daughter in the UK, and targeted attacks on a media company and government agencies in the nation of Georgia.

“As this case shows, no country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and fits of spite,” said Assistant Attorney General for National Security John Demers today in a DoJ press conference announcing the indictment.

The indictment names Yuriy Sergeyevich Andrienko, 32; Sergey Vladimirovich Detistov, 35; Pavel Valeryevich Frolov, 28; Anatoliy Sergeyevich Kovalev, 29; Artem Valeryevich Ochichenko, 27; and Petr Nikolayevich Pliskin, 32.

This isn’t the first time the GRU has been in the DoJ crosshairs: In October 2018, the DoJ indicted several members of its Military Unit 26165 for hacking and disinformation efforts against anti-doping and other efforts. Kovalev was named in that indictment for allegedly breaking into US state voter elections databases during the 2016 elections.

And according to the indictment, Kovalev allegedly was targeting Russian organizations as well, specifically real estate companies, auto dealers, and cryptocurrency vendors in his country. While the Russian government often looks the other way when cybercriminals it hires attack other nations’ interests, the country has been known to take legal action against hackers that attack Russian interests. It’s unclear whether Kovalev’s moonlighting was known to the GRU.

The Sandworm defendants are part of one of the most active and prolific nation-state hacking groups around. “They’ve got a rap sheet that includes many of the top 10 hits” of cyberattacks, says John Hultquist, senior director of analysis for Mandiant Threat Intelligence at FireEye. “What separates these guys from some other actors is they are carrying out these attacks beyond the pale: It’s not classic espionage. It’s disruption of systems.”

Hultquist points out that while US election-hacking isn’t part of the latest indictment, Sandworm ran the leak operation during the 2016 election-meddling efforts by Russia, and hacked into election infrastructure. “They should absolutely be on our radar for the upcoming elections,” he says.

Matt Olney, director of threat intelligence and interdiction at Cisco Talos, which assisted in the DoJ investigation that led to the indictments, says Sandworm is notoriously “quiet” and difficult to spot. “These guys operate very quietly for the most part. When you see them, I would argue that they choose for you to see them,” he says, like with their infamous destructive attacks detailed in the indictment.

The indictment isn’t likely to curb any cyber operations that Russia has launched against this US election, Hultquist notes. “If they’re doing anything election-wise, unfortunately, it’s probably already in the works,” and it’s likely Sandworm that would leak any pilfered information, he says.

“Greatest” Hits
Just before Christmas in 2015, the Sandworm attackers allegedly hacked into networks of three energy distribution companies in Ukraine and shut off electricity for some 225,000 Ukrainian customers. They kicked it up a notch one year later in December 2016, unleashing malware known as Industroyer that wiped out files on an electric company’s systems and knocked out power in Kiev for about an hour.

On June 27, 2017, the attackers allegedly dropped the NotPetya malware via a popular accounting program used in Ukraine, called M.E.Doc, by commandeering the update mechanism of the software and uploading their malware to users of the software. Disguised as ransomware, the malware was actually a wiper that destroyed the data on the infected machines. Among the US-based victims were Heritage Valley Health System in Pennsylvania; TNT Express B.V., a FedEx subsidiary; and a major pharmaceutical company, reportedly Merck, which in total suffered some $1 billion in losses from the attack.

Afterward, the suspects allegedly celebrated the attack, according to the indictment.

Sandworm launched a long-tail spear-phishing campaign from December 2017 to February 2018 in the runup to the 2018 Winter Olympics after Russian athletes were banned from the games because of doping violations. The attacks targeted South Korean citizens, officials, Olympic athletes, and International Olympic Committee officials, and culminated with the so-called Olympic Destroyer attacks on the Winter Games computers, a combination of distributed denial-of-service attacks and data-wiping attacks that disabled the Olympics IT systems, shutting down Wi-Fi, monitors, and the Olympics website such that ticket purchasers were unable to print their tickets. The destructive worm also hit several ski resorts near the Olympics, where it disabled gates and lifts.

The attackers took a new tack: creating a convincing forgery of malware associated with the North Korean nation-state Lazarus Group, fooling several experts who initially pinned the blame for the attacks on the DPRK.

What’s Next
While it’s unlikely the defendants will step foot on US soil or that of US-friendly countries, the hacking charges against the six GRU officers carry some hefty prison sentences, anywhere from five to 27 years for some of the charges. Even so, the indictments do put pressure on the defendants. “They are very young and these indictments reduce their opportunities in the future. It may [also] affect the GRU’s ability to recruit,” Hultquist says.

And something has to give, Cisco’s Olney notes. “Certain activities and actions and targets are just not acceptable from a nation-state. The first path of holding parties responsible by identifying their poor behavior has to be taken,” he says, such as indictments. “It’s up to the international community to see where we go from here.”

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise … View Full Bio

Recommended Reading:

Comment |

Email This |

Print |

RSS

More Insights

Webcasts
More Webcasts

The post Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/russian-military-officers-unmasked-indicted-for-high-profile-cyberattack-campaigns-2/?utm_source=rss&utm_medium=rss&utm_campaign=russian-military-officers-unmasked-indicted-for-high-profile-cyberattack-campaigns-2

Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns

US Department of Justice charges members of Sandworm/APT28 for BlackEnergy, NotPetya, Olympic Destroyer, and other major attacks.

Six members of the pervasive yet elusive Russian military hacking operation behind some of the most destructive targeted cyberattacks in the world — the Ukraine power grid in 2015 and 2016, NotPetya, and the 2018 Winter Olympics — have been indicted by the US Department of Justice for these and other cybercrimes.

DoJ and FBI officials today unsealed an Oct. 15 indictment that names and charges officers in Russia’s Unit 74455 of the Russian Main Intelligence Directorate (GRU) — aka Sandworm, APT28, VooDoo Bear — in seven counts of conspiracy, computer hacking, wire fraud, aggravated identity theft, and false registration of a domain name.

The wide-ranging indictment details alleged cybercrimes between November 2015 to October 2019 conducted at the behest of the Russian government, including the December 2015 and December 2016 attacks on Ukraine’s power grid, finance, and treasury departments using BlackEnergy, Industroyer, and KillDisk malware; attacks on the French elections in 2017 with malware and data leaks; the infamous June 2017 NotPetya attack that destroyed data under the guise of ransomware, including $1 billion in losses for three US organizations; and hacks of the 2018 Winter Olympics, including the Olympic Destroyer malware.

The charges also encompass spear-phishing attacks in April 2018 against organizations investigating the poisoning of Sergei Skripal and his daughter in the UK, and targeted attacks on a media company and government agencies in the nation of Georgia.

“As this case shows, no country has weaponized its cyber capabilities as maliciously and irresponsibly as Russia, wantonly causing unprecedented collateral damage to pursue small tactical advantages and fits of spite,” said Assistant Attorney General for National Security John Demers today in a DoJ press conference announcing the indictment.

The indictment names Yuriy Sergeyevich Andrienko, 32; Sergey Vladimirovich Detistov, 35; Pavel Valeryevich Frolov, 28; Anatoliy Sergeyevich Kovalev, 29; Artem Valeryevich Ochichenko, 27; and Petr Nikolayevich Pliskin, 32.

This isn’t the first time the GRU has been in the DoJ crosshairs: In October 2018, the DoJ indicted several members of its Military Unit 26165 for hacking and disinformation efforts against anti-doping and other efforts. Kovalev was named in that indictment for allegedly breaking into US state voter elections databases during the 2016 elections.

And according to the indictment, Kovalev allegedly was targeting Russian organizations as well, specifically real estate companies, auto dealers, and cryptocurrency vendors in his country. While the Russian government often looks the other way when cybercriminals it hires attack other nations’ interests, the country has been known to take legal action against hackers that attack Russian interests. It’s unclear whether Kovalev’s moonlighting was known to the GRU.

The Sandworm defendants are part of one of the most active and prolific nation-state hacking groups around. “They’ve got a rap sheet that includes many of the top 10 hits” of cyberattacks, says John Hultquist, senior director of analysis for Mandiant Threat Intelligence at FireEye. “What separates these guys from some other actors is they are carrying out these attacks beyond the pale: It’s not classic espionage. It’s disruption of systems.”

Hultquist points out that while US election-hacking isn’t part of the latest indictment, Sandworm ran the leak operation during the 2016 election-meddling efforts by Russia, and hacked into election infrastructure. “They should absolutely be on our radar for the upcoming elections,” he says.

Matt Olney, director of threat intelligence and interdiction at Cisco Talos, which assisted in the DoJ investigation that led to the indictments, says Sandworm is notoriously “quiet” and difficult to spot. “These guys operate very quietly for the most part. When you see them, I would argue that they choose for you to see them,” he says, like with their infamous destructive attacks detailed in the indictment.

The indictment isn’t likely to curb any cyber operations that Russia has launched against this US election, Hultquist notes. “If they’re doing anything election-wise, unfortunately, it’s probably already in the works,” and it’s likely Sandworm that would leak any pilfered information, he says.

“Greatest” Hits
Just before Christmas in 2015, the Sandworm attackers allegedly hacked into networks of three energy distribution companies in Ukraine and shut off electricity for some 225,000 Ukrainian customers. They kicked it up a notch one year later in December 2016, unleashing malware known as Industroyer that wiped out files on an electric company’s systems and knocked out power in Kiev for about an hour.

On June 27, 2017, the attackers allegedly dropped the NotPetya malware via a popular accounting program used in Ukraine, called M.E.Doc, by commandeering the update mechanism of the software and uploading their malware to users of the software. Disguised as ransomware, the malware was actually a wiper that destroyed the data on the infected machines. Among the US-based victims were Heritage Valley Health System in Pennsylvania; TNT Express B.V., a FedEx subsidiary; and a major pharmaceutical company, reportedly Merck, which in total suffered some $1 billion in losses from the attack.

Afterward, the suspects allegedly celebrated the attack, according to the indictment.

Sandworm launched a long-tail spear-phishing campaign from December 2017 to February 2018 in the runup to the 2018 Winter Olympics after Russian athletes were banned from the games because of doping violations. The attacks targeted South Korean citizens, officials, Olympic athletes, and International Olympic Committee officials, and culminated with the so-called Olympic Destroyer attacks on the Winter Games computers, a combination of distributed denial-of-service attacks and data-wiping attacks that disabled the Olympics IT systems, shutting down Wi-Fi, monitors, and the Olympics website such that ticket purchasers were unable to print their tickets. The destructive worm also hit several ski resorts near the Olympics, where it disabled gates and lifts.

The attackers took a new tack: creating a convincing forgery of malware associated with the North Korean nation-state Lazarus Group, fooling several experts who initially pinned the blame for the attacks on the DPRK.

What’s Next
While it’s unlikely the defendants will step foot on US soil or that of US-friendly countries, the hacking charges against the six GRU officers carry some hefty prison sentences, anywhere from five to 27 years for some of the charges. Even so, the indictments do put pressure on the defendants. “They are very young and these indictments reduce their opportunities in the future. It may [also] affect the GRU’s ability to recruit,” Hultquist says.

And something has to give, Cisco’s Olney notes. “Certain activities and actions and targets are just not acceptable from a nation-state. The first path of holding parties responsible by identifying their poor behavior has to be taken,” he says, such as indictments. “It’s up to the international community to see where we go from here.”

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise … View Full Bio

Recommended Reading:

Comment |

Email This |

Print |

RSS

More Insights

The post Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/russian-military-officers-unmasked-indicted-for-high-profile-cyberattack-campaigns/?utm_source=rss&utm_medium=rss&utm_campaign=russian-military-officers-unmasked-indicted-for-high-profile-cyberattack-campaigns

GravityRAT Spyware Targets Android & MacOS in India

Register for Dark Reading Newsletters

Subscribe to Newsletters

White Papers

Video

Cartoon

Current Issue

imageSpecial Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
image

Flash Poll

How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
image

Twitter Feed

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-15256
PUBLISHED: 2020-10-19

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be explicitly enabled by creating a new instance of `object-path` and settin…

CVE-2020-15261
PUBLISHED: 2020-10-19

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don’t have administr…

CVE-2020-6084
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-6085
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-10746
PUBLISHED: 2020-10-19

A flaw was found in Infinispan version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.

The post GravityRAT Spyware Targets Android & MacOS in India appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/gravityrat-spyware-targets-android-macos-in-india-2/?utm_source=rss&utm_medium=rss&utm_campaign=gravityrat-spyware-targets-android-macos-in-india-2

IoT Vulnerability Disclosure Platform Launched

Register for Dark Reading Newsletters

Subscribe to Newsletters

White Papers

Video

Cartoon

Current Issue

imageSpecial Report: Computing’s New NormalThis special report examines how IT security organizations have adapted to the “new normal” of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
image

Flash Poll

How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world — and enterprise computing — on end. Here’s a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
image

Twitter Feed

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2020-15256
PUBLISHED: 2020-10-19

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be explicitly enabled by creating a new instance of `object-path` and settin…

CVE-2020-15261
PUBLISHED: 2020-10-19

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don’t have administr…

CVE-2020-6084
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-6085
PUBLISHED: 2020-10-19

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malic…

CVE-2020-10746
PUBLISHED: 2020-10-19

A flaw was found in Infinispan version 10, where it permits local access to controls via both REST and HotRod APIs. This flaw allows a user authenticated to the local machine to perform all operations on the caches, including the creation, update, deletion, and shutdown of the entire server.

The post IoT Vulnerability Disclosure Platform Launched appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/iot-vulnerability-disclosure-platform-launched-2/?utm_source=rss&utm_medium=rss&utm_campaign=iot-vulnerability-disclosure-platform-launched-2

Beyond good ol’ Run key, Part 130

Yet another short one, courtesy of @tiraniddo who pointed me to this Microsoft article describing SERVICE_FAILURE_ACTIONSW structure. In essence, you use it to tell service controller what to do when your service breaks. I have seen this technique abused by malware over 10 years ago, but completely forgot about it.

James not only provided the link, but also suggested that you could register a service which you’ll know crashes if you get it bad input on command line but what you really want is it to fail so that it runs the backup command. And you can delay the command for a long time to disconnect between the failure and the command execution.

Thanks James!

Read More

The post Beyond good ol’ Run key, Part 130 appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/beyond-good-ol-run-key-part-130/?utm_source=rss&utm_medium=rss&utm_campaign=beyond-good-ol-run-key-part-130

Security Money – BSW #192

This week we update you on the Security Weekly 25 Index… Here’s the companies we’re tracking:

Symbol Company Name
SCWX Secureworks Corp
PANW Palo Alto Networks Inc
CHKP Check Point Software Technologies Ltd.
SPLK Splunk Inc
NLOK NortonLifeLock Inc
FTNT Fortinet Inc
AKAM Akamai Technologies, Inc.
FFIV F5 Networks, Inc.
ZS Zscaler Inc
PFPT Proofpoint Inc
FEYE FireEye Inc
QLYS Qualys Inc
VRNT Verint Systems Inc.
CYBR Cyberark Software Ltd
TENB Tenable Holdings Inc
SAIL Sailpoint Technologies Holdings Inc
MIME Mimecast Ltd
NET Cloudflare Inc
CRWD Crowdstrike Holdings Inc
NTCT NetScout Systems, Inc.
VRNS Varonis Systems Inc
RPD Rapid7 Inc
SUMO Sumo Logic Inc
RDWR Radware Ltd.
PING Ping Identity Holding Corp
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw192

The post Security Money – BSW #192 appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/security-money-bsw-192-2/?utm_source=rss&utm_medium=rss&utm_campaign=security-money-bsw-192-2

Security Money – BSW #192

This week we update you on the Security Weekly 25 Index… Here’s the companies we’re tracking:

Symbol Company Name
SCWX Secureworks Corp
PANW Palo Alto Networks Inc
CHKP Check Point Software Technologies Ltd.
SPLK Splunk Inc
NLOK NortonLifeLock Inc
FTNT Fortinet Inc
AKAM Akamai Technologies, Inc.
FFIV F5 Networks, Inc.
ZS Zscaler Inc
PFPT Proofpoint Inc
FEYE FireEye Inc
QLYS Qualys Inc
VRNT Verint Systems Inc.
CYBR Cyberark Software Ltd
TENB Tenable Holdings Inc
SAIL Sailpoint Technologies Holdings Inc
MIME Mimecast Ltd
NET Cloudflare Inc
CRWD Crowdstrike Holdings Inc
NTCT NetScout Systems, Inc.
VRNS Varonis Systems Inc
RPD Rapid7 Inc
SUMO Sumo Logic Inc
RDWR Radware Ltd.
PING Ping Identity Holding Corp
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Show Notes: https://securityweekly.com/bsw192

The post Security Money – BSW #192 appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/security-money-bsw-192/?utm_source=rss&utm_medium=rss&utm_campaign=security-money-bsw-192

Children, smartphones and the surveillance economy

For many children, smartphones are a gateway to greater independence and a more fulfilling social life. But smartphones can also open up a child’s life to the intrusive tracking, profiling and targeting that are table stakes for life in our digital world, potentially in ways that go beyond just advertising. Here, I’ll explore how smartphones are used by companies to legally surveil minors and what can be done to help children stay protected from the excesses of the surveillance economy.

The post Children, smartphones and the surveillance economy appeared first on Security Boulevard.

Read More

The post Children, smartphones and the surveillance economy appeared first on Malware Devil.



https://malwaredevil.com/2020/10/19/children-smartphones-and-the-surveillance-economy/?utm_source=rss&utm_medium=rss&utm_campaign=children-smartphones-and-the-surveillance-economy

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...