
Cyber Security

New Orleans declares state of emergency following ransomware attack

New Orleans declared a state of emergency and shut down its computers after a cyber security event, the latest in a string of city and state governments to be attacked by hackers.

Suspicious activity was spotted around 5 a.m. Friday morning. By 8 a.m., there was an uptick in that activity, which included evidence of phishing attempts and ransomware, Kim LaGrue, the city’s head of IT said in a press conference. Once the city confirmed it was under attack, servers and computers were shut down.

While ransomware was detected there are no requests made to the city of New Orleans at this time, but that is very much a part of our investigation, New Orleans Mayor LaToya Cantrell said during a press conference.

Numerous local and state governments have been plagued by ransomware, a file-encrypting malware that demands money for the decryption key. Pensacola, Florida and Jackson County, Georgia are just a few examples of the near-constant stream of ransomware attacks over the past year. Louisiana state government was attacked in November, prompting officials to deactivate government websites and other digital services and causing the governor to declare a state of emergency. It was the state’s second declaration related to a ransomware attack in less than six months.

Governments and local authorities are particularly vulnerable as they’re often underfunded and unresourced, and unable to protect their systems from some of the major threats.

New Orleans, it appears, was somewhat prepared, which officials said was the result of training and its ability to operate without internet. The investigation is in its early stages, but for now it appears that city employees didn’t interact with or provide credentials or any information to possible attackers, according to officials.

“If there is a positive about being a city that has been touched by disasters and essentially been brought down to zero in the past, is that our plans and activity from a public safety perspective reflect the fact that we can operate with internet, without city networking,” said Collin Arnold, director of Homeland Security, adding that they’ve gone back to pen and paper for now.

Police, fire and EMS are prepared to work outside of the city’s internet network. Emergency communications are not affected by the cybersecurity incident, according to city officials. However, other services such as scheduling building inspections are being handled manually.

New Orleans’s Real-Time Crime Center does work off the city network, however the cameras throughout the city record independently, so right now all of those cameras are still recording regardless of connectivity to the city’s network, Arnold added. 

Federal, state and local officials are now involved in an investigation into the security incident.

Read more: https://techcrunch.com/2019/12/14/new-orleans-declares-state-of-emergency-following-ransomware-attack/

Cyber Security

Threat Actors are Abusing Argo Workflows to Target Kubernetes

According to a warning from security vendor Intezer, threat actors are leveraging Argo Workflows to target Kubernetes deployments and deploy crypto-miners.

The Intezer team discovered a number of unprotected instances run by companies in the IT, finance, and logistics industries that allowed anyone to deploy workflows. Malicious actors have used the nodes to deploy crypto-miners in some circumstances.

Argo Workflows is an open-source, Kubernetes-based workflow engine that allows customers to perform parallel operations from a single interface, minimising deployment complexity and reducing the risk of failures.

Argo works using YAML files to define the type of work to be done, with workflows being run either from a template or directly from the Argo console.

Threat actors might access an open Argo dashboard and deploy their workflow on the misconfigured servers, according to Intezer. The adversary used kannix/monero-miner, a known crypto-currency mining container that has been removed from Docker Hub, in one of the reported attacks.

Threat actors are abusing the container to carry out crypto-jacking. It uses XMRig to mine for Monero and can be easily adjusted by simply altering the address of the crypto-wallet where the mined virtual coin should be deposited.

Users can simply access the Argo Workflows dashboard from outside the corporate network, using an incognito browser, and without authentication, to see if their instances have been correctly configured.

“Another alternative is to query your instance’s API and look at the status code. Request information from [your.instance:port]/api/v1/info using HTTP GET. As an unauthenticated user, a returned HTTP status code of “401 Unauthorized” indicates a correctly configured instance, whereas a successful status code of “200 Success” could indicate that an unauthorised user is able to access the instance,” according to Intezer.

Users should also verify their Argo instances for any strange behaviour and make sure that no workflows have been running for an extended period of time, since this could suggest the deployment of a crypto-miner in the cluster.
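The two checks above (the unauthenticated status-code probe and the review for long-running workflows) can be scripted against your own instance. This is an added example, not code from Intezer or the Argo project; the 6-hour threshold, the function names and the sample workflow list are assumptions, and the list is constructed in the shape of Kubernetes Workflow objects (`metadata.name`, `status.phase`, `status.startedAt`).

```python
"""Added example: audit your own Argo Workflows instance (defensive check)."""
import json
import urllib.error
import urllib.request
from datetime import datetime, timedelta, timezone


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface 3xx (e.g. a login redirect) instead of following it


def classify_info_status(status_code):
    """Interpret the status of an unauthenticated GET /api/v1/info."""
    if status_code == 401:
        return "ok: authentication required"
    if status_code == 200:
        return "exposed: unauthenticated access may be possible"
    return "inconclusive: HTTP %d" % status_code


def probe_info(base_url, timeout=5):
    """Send the unauthenticated GET and return the HTTP status code."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(base_url.rstrip("/") + "/api/v1/info", method="GET")
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # 401, 403 and unfollowed 3xx arrive here


def long_running(workflow_list, now, max_age=timedelta(hours=6)):
    """Return (name, age) for workflows still in phase Running past max_age."""
    flagged = []
    for wf in workflow_list.get("items") or []:
        status = wf.get("status", {})
        started = status.get("startedAt")
        if status.get("phase") != "Running" or not started:
            continue
        started_at = datetime.strptime(started, "%Y-%m-%dT%H:%M:%SZ")
        age = now - started_at.replace(tzinfo=timezone.utc)
        if age > max_age:  # max_age is an assumed threshold; tune per cluster
            flagged.append((wf["metadata"]["name"], age))
    return sorted(flagged, key=lambda item: item[1], reverse=True)


# Constructed sample, shaped like `kubectl get workflows -A -o json` output.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "nightly-etl-x7k2p", "namespace": "data"},
   "status": {"phase": "Succeeded", "startedAt": "2021-07-20T01:00:00Z"}},
  {"metadata": {"name": "build-abc12", "namespace": "ci"},
   "status": {"phase": "Running", "startedAt": "2021-07-22T11:30:00Z"}},
  {"metadata": {"name": "job-q9z4d", "namespace": "default"},
   "status": {"phase": "Running", "startedAt": "2021-07-19T03:15:00Z"}}
]}
""")

if __name__ == "__main__":
    now = datetime(2021, 7, 22, 12, 0, tzinfo=timezone.utc)
    for name, age in long_running(SAMPLE, now):
        print("review:", name, "running for", age)
    # For your own instance, from outside the corporate network:
    # print(classify_info_status(probe_info("https://your.instance:port")))
```

A flagged workflow is a prompt to inspect its image and owner, not proof of a miner; legitimate long jobs will also appear.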


Source: https://cybersguards.com/threat-actors-are-abusing-argo-workflows-to-target-kubernetes/


Cyber Security

What Programming Language Should I Learn for CyberSecurity?

There are approximately 250 popular computer programming languages in use today, with as many as 700 in use worldwide. That number drops to roughly 10-15 in cyberspace. Here are the top twelve programming languages for cyber security that you should learn before embarking on a new cyber job.


The Best Programming Languages for Cybersecurity

Python

Python has been a dominant language in cyber security for numerous years. Because it’s a server-side scripting language, the final script doesn’t need to be compiled by programmers. It’s a general-purpose language that’s employed in a lot of cyber security situations, if not all of them.

Python allows you to automate processes and do malware analysis. Furthermore, a large third-party library of scripts is readily available, implying that assistance is just a click away. Some of the features that make it popular are code readability, straightforward and simple syntax, and a large variety of libraries.

Python is a crucial programming language for cyber security specialists since it can be used to identify malware, do penetration testing, scan for dangers, and analyse them. Being a SOC support expert makes a lot of sense if you know Python.

To safeguard web pages from security risks, you’ll need to create tools and scripts in this role. You can also use data, logs, and artefacts to investigate the source of the problems.

As an aside, the graph above depicts the relative popularity of a language based on the number of GitHub pulls that language receives each year. This and the following charts are based on data from GitHut 2.0, which was generated by littleark.

Golang

Most malware is designed to enter target systems undetected, which makes Golang ideal for this.

A single source code can be written in Golang for all major operating systems.

Malware written in Golang is quite large. Because big files cannot be analysed by most antivirus software, this allows it to enter systems undetected.

This language also comes with a large set of libraries that make creating malware a breeze.

For security pros, Go has gained a lot of traction. Because of its application in server and cloud services, flexibility and ease of use, and data analysis capabilities, it’s an excellent choice for cyber programmers.

JavaScript

JavaScript is the most widely used programming language, with 95 percent of all websites using it.

It’s one of the most powerful programming languages for cyber security.

If you want to grab cookies, abuse event handlers, and perform cross-site scripting, JavaScript is the way to go.

JavaScript libraries include NodeJS, ReactJS, and jQuery.

This also indicates that, because of the language’s broad use, applications and systems that use it are prime targets.

JavaScript allows programmers to utilise any code while consumers are on a website, enhancing the usefulness of that site. On the other hand, it could provide dangerous functionality that the visitor is unaware of. Malicious coding could be used to start a programme if the website is hacked.

If you know JavaScript, you can make any website secure enough to prevent or even eliminate Cross-Site Scripting (XSS) assaults.

Front-end developers, full-stack developers, back-end developers, and others use JavaScript. It is both the most adaptable and the most widely spoken language on the planet.

C

Because cyber security experts can dismantle malware to investigate its design, propagation, and repercussions using C language in reverse engineering, it makes it easier to develop antivirus solutions.

For developers who QA code integrity, the C programming language is also necessary.

Before launching an attack, cyber adversaries may utilise the language to detect exploitable holes in the network.

Because it is a low-level programming language with basic syntax, it can be learned in a few months. When writing a programme, programmers go above and beyond to ensure that it is bug-free. Hackers, on the other hand, can utilise it to uncover flaws.

Lint is a code analysis tool for programmes written in the C programming language. Since its inception, other variations have arisen. Lint can be used by both cyber security specialists and hackers to uncover programming faults and defects that compromise computer network security.

C++

C++ is based on the C programming language, however it has a few differences.

C++, unlike C, supports objects and classes.

C++ is a quicker and more efficient programming language than C.

Despite its utility, it is used by less than 0.1 percent of all websites.

A C++ developer creates desktop and mobile apps, whereas coding experts find and fix problems and vulnerabilities.

Cyber security experts benefit from studying C++ since it allows them to quickly identify vulnerabilities and security flaws. Cyber professionals may quickly identify security issues in code using a scanning tool like Flawfinder, which searches C++. Using an integrated database that covers the language function’s probable hazards, these tools describe current vulnerabilities, their severity, and their effects on an application.

SQL

The SQL (Structured Query Language) programming language is a domain-specific language. It’s a common tool for parsing data in huge databases. SQL is the most used database management programming language as businesses become more data-driven.

Most websites employ SQL for data management in a Relational Database Management System (RDBMS).

It works with a variety of database systems.

As a result, it is widely regarded as the most user-friendly language for database management.

SQL queries are written by database administrators, programmers, and end users to retrieve, insert, modify, and delete data from database tables. This language is frequently used by attackers to steal confidential information, compromise data repositories, and carry out a variety of web-based attacks.

If you wish to understand the attacker’s activities and avoid SQL injection and other database-related assaults, you’ll need at least a rudimentary understanding of SQL.

Assembly

Any low-level language that aids in the analysis and understanding of malware is known as an assembly language.

Understanding assembly is simple, especially if you are already familiar with a high-level programming language.

Slammer, a trojan based on assembly, caused havoc and hindered web traffic in 2003 by inflicting denial of service on a large number of webmasters. The malware took advantage of a buffer overflow flaw in Microsoft’s SQL server. The issue did not occur suddenly: a patch had been provided several months before, but several businesses failed to apply it, allowing the flaw to spread.

Assembly is an important programming language because it can be used by cyber security specialists to decipher malware and understand how it works. Cyber security workers are always defending against conventional and modern malware, therefore it’s critical to understand how malware works.

PowerShell

PowerShell is a more versatile command-line interface that combines the advantages of the traditional Command Prompt (CMD) with a powerful scripting environment that may be used to gain access to a machine’s inner core, including access to Windows APIs.

PowerShell is a useful tool for administrators to automate tedious processes, but its capabilities have unfortunately been exploited by malevolent actors.

Hackers can now use PowerShell to obtain sensitive domain information and load malicious executables instead of relying on traditional malware (an approach also known as fileless malware).

Many attackers favour PowerShell since it is installed by default on all PCs from Windows 7 to Windows Server 2019.

Ruby

Ruby is a high-level programming language established and developed in Japan by Yukihiro Matsumoto. It has since grown in popularity to become one of the most widely used programming languages on the planet.

The syntax of Ruby is nearly identical to that of Perl and Python.

It was written in the C programming language.

It is popular among developers because of its ease of use and natural capacity to manage large code projects.

Airbnb, Hulu, Kickstarter, and Github are just a few of the sites that employ Ruby.

Ruby is a programming language that manages a lot of a machine’s complex information, making it easier to write programmes and using less code.

Java

Many important operating systems, such as Solaris, Linux, macOS, and Microsoft Windows, were designed using Java as one of the earliest languages. It is widely used in various industries because it powers both new and legacy web servers.

The Java programming language has numerous applications in the field of information security.

For example, cyber adversaries utilise it to reverse-engineer proprietary software programmes in order to find and exploit security flaws.

Penetration testers frequently use Java to organise the high-scaling servers that they utilise to deliver payloads.

Pen testing is an important part of a cyber security specialist’s job, and knowing Java makes it easier.

Java programming is used by experienced ethical hackers to construct and develop sophisticated, ethical programmes.

Java is popular among cyber specialists because it is more dynamic than languages like C++.

Ethical hackers can use Java to construct vulnerability testing applications that can run on a variety of systems.

PHP

PHP is a computer language that is used to create webpages on the server side. PHP is the most powerful server-side language available, with 80 percent of the top 10 million domains using it. For this reason alone, it is self-evident that knowing PHP will assist you in defending against attackers.

RIPS is a common tool for automated security analysis in PHP applications.

RIPS investigates data flow from input parameters to important operations in an application.

If you’re a PHP developer dealing with security flaws, RIPS could be useful.

You can write server-side web application logic as a PHP security developer.

PHP can be used to manage back-end resources and data sharing between servers and their customers.

You can also utilise your PHP skills to find and fix any flaws in your code.

It’s also worth noting that PHP is a server-side language that works with HTML and aids the proper functioning of websites. Web designers use PHP to connect databases to web pages to make website upgrades easier.

Shell scripting

Shell scripting combines numerous commands that you may already be familiar with through your operating system’s terminal sessions to allow developers to create automated scripts for a variety of tasks.

Do you need to set up accounts rapidly and provide enough access? Are you looking for a quick way to automate a system configuration security lockdown? Shell scripting is useful in this situation.

If you’re using Linux or macOS, you’ll want to learn certain Linux scripting languages like Bash. Immerse yourself in PowerShell if you’re a Windows expert.

What’s the First Cyber Security Language I Should Learn?

Python is a good place to start. The syntax is simple, and there are numerous libraries available to make your coding life easier.

Python is used in cyber security to do several tasks such as malware scanning and analysis. Python is also a good starting point for more advanced programming languages. It has a high level of web readability and is utilised by some of the world’s most well-known digital companies, including Google, Reddit, and NASA. After you’ve mastered Python, you can progress to higher-level programming languages.


Source: https://cybersguards.com/what-programming-language-should-i-learn-for-cybersecurity/


Crowdfunding

[Stellar Cyber in Help Net Security] Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks

Stellar Cyber introduced a realistic XDR Kill Chain to serve as a new model, addressing the current realities of cyberattacks and focusing efforts on stopping an attack early and quickly. The new version builds on the MITRE ATT&CK framework to reflect the iterative approach of attackers and the likelihood of attacking any point or multiple points of an organization’s attack surface.


Source: https://blog.ourcrowd.com/stellar-cyber-xdr-kill-chain-allows-security-analyst-teams-to-disrupt-cyberattacks/


Cyber Security

Software Update Triggered a Glitch at Network Specialty Firm Akamai

A software update at network speciality provider Akamai caused a glitch on Thursday, knocking websites offline for a short time.

Reports of internet outages from around the world exploded on the website Downdetector, with Akamai, based in the United States, claiming that some websites were down for up to an hour.

“A flaw in the DNS (domain name system) system, which leads browsers to websites, was caused by a software configuration update,” Akamai noted in a blog post. “As a result, the availability of several client websites was impacted.”

According to Akamai, who apologised for the inconvenience, rolling back the software update fixed the problem.

The outage, which impacted banks, airlines, and other online services, occurred just weeks after Akamai was blamed for a massive online outage that impacted bank and airline websites on both sides of the Pacific.

Around 500 of Akamai’s clients were briefly taken offline due to a fault with one of its online security solutions at the time.

The occurrences highlight the importance of online platforms’ reliability, as well as the critical role that a few little-known “CDN” (content delivery network) providers play in keeping the web up and running.

After a malfunction with cloud computing services provider Fastly in June, US media and government websites, including the White House, New York Times, Reddit, and Amazon, were temporarily down.

Fastly is a service that reduces the time it takes for a webpage to load.


Source: https://cybersguards.com/software-update-triggered-a-glitch-at-network-specialty-firm-akamai/
