Connect with us

Cyber Security

Worldwide Endpoint Security Software Market Shares Report Reveals CrowdStrike is Shaping the Endpoint Market

Avatar

Published

on

[ This article was originally published here ]

SUNNYVALE, Calif.–(BUSINESS WIRE)–CrowdStrike® Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced that it was identified as the fastest-growing endpoint security software vendor not only shaping the endpoint market but nearly doubling its market share within the IDC Worldwide Endpoint Security Software Market Shares, 2019: Vendors’ Pivot from Products to Platforms Accelerating (Doc # US46610420, June 2020) report. Highlighted in the report, CrowdStrike demon

Avatar

Source: https://www.cybersecurity-insiders.com/worldwide-endpoint-security-software-market-shares-report-reveals-crowdstrike-is-shaping-the-endpoint-market/

Cyber Security

Bitglass Security Spotlight: Over 200k Instacart Users’ Data Is Being Sold on Dark Web

Avatar

Published

on

[ This article was originally published here ]

Here are the top stories of recent weeks:

  • Instacart Customer Data for Sale on Dark Web
  • 17 Million users exposed on SaaS platform
  • First American Financial Corp. Charged Over 2019 Breach
  • COVID-19 Research Data Hacked by Chinese Contractors
  • University of York, the Latest Victim of a Data Breach

Avatar

Source: https://www.cybersecurity-insiders.com/bitglass-security-spotlight-over-200k-instacart-users-data-is-being-sold-on-dark-web/?utm_source=rss&utm_medium=rss&utm_campaign=bitglass-security-spotlight-over-200k-instacart-users-data-is-being-sold-on-dark-web

Continue Reading

Cyber Security

Reddit Attack Defaces Dozens of Channels

Avatar

Published

on

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2020-15058
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

CVE-2020-15059
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

CVE-2020-15060
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

CVE-2020-15061
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.

CVE-2020-15062
PUBLISHED: 2020-08-07

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

Source: https://www.darkreading.com/attacks-breaches/reddit-attack-defaces-dozens-of-channels/d/d-id/1338614?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Continue Reading

Cyber Security

Researcher Finds New Office Macro Attacks for MacOS

Avatar

Published

on

Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.

Microsoft Office is no stranger to vulnerabilities and exploits. Most of those vulnerabilities led from Microsoft Office to Microsoft Windows, but it’s possible for an attacker to take an exploit path from Microsoft Office to macOS — a path that Patrick Wardle, principal security researcher at Jamf, discussed in his presentation on Wednesday at Black Hat USA.

Wardle began by pointing out that macros — executable code inserted into documents — have been exploited as attack vectors since at least 1999. In the last three or four years, Wardle said, more of these exploits have been aimed at macOS targets as Macs have become more attractive targets because of their increased use in business environments.

The Human Side
In most of the macro-based attacks, human intervention on the part of the victim is required at least once, and usually twice, Wardle said. First, the victim must click on an email attachment or malicious link in order to download and open the infected document. Next, in most cases macros will not run on a system by default — they must be given explicit permission to run by the user.

Most macro-based attacks have two stages, Wardle explained. In the first — the stage given explicit permission to run by the victim — code executes that checks the system status, checks for the presence of anti-malware software, and then downloads the second stage. It’s the second stage payload that contains the “working” code of the attack, whether it’s skimming credentials, creating a bot, or encrypting the system’s data as part of a ransomware scheme.

Out of the (Sand)box
Modern malware writers have an additional hurdle to overcome. Microsoft Office now executes all macros in a “sandbox,” a walled-off environment within the operating system that prevents code from gaining persistence or interacting with the system as a whole. The goal for malware writers is breaking out of the sandbox.

Wardle said that researchers Pieter Ceelen and Stan Hegt found ways to include SYLK files and XLM code that make macros execute whether or not they’re invoked or allowed. They still run within the sandbox. Wardle showed that it’s possible to create files through a macro — files that can be placed outside the macro and can be built to auto execute on system boot. That combination is the key to persistence, one of the golden tickets that attackers pursue in any campaign.

What kind of files can fit the twin bill? Wardle found that a ZIP file, dropped into the proper subdirectory, will be invoked automatically. While the latest macOS endpoint security framework should detect such a file’s creation, Wardle said that there’s room for research here.

Asked by an audience member how he decides on which areas to pursue in his research, Wardle said that he looks at common vulnerabilities and exposures and their patches — especially patches that are very specific — and wonders whether there can be ways around them. Also, he said, he keeps abreast of research and finds that other researchers are a constant source of inspiration.

Related content

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and … View Full Bio

Recommended Reading:

More Insights

Source: https://www.darkreading.com/endpoint/researcher-finds-new-office-macro-attacks-for-macos/d/d-id/1338610?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Continue Reading
Covid1911 hours ago

Virginia Supreme Court Grants Temporary Moratorium on Evictions

Blockchain13 hours ago

Slow But Steady: FATF Review Highlights Crypto Exchanges’ Struggle to Meet AML Standards

Science14 hours ago

Première biopsie liquide à recevoir l’approbation de la FDA pour le profilage complet des tumeurs dans tous les cancers solides, le diagnostic compagnon Guardant360® de Guardant Health gagne en crédibilité auprès des oncologues en Asie, au Moyen-Orient et en Afrique.

Covid1915 hours ago

2 Out Of 3 Churchgoers: It’s Safe To Resume In-Person Worship

Blockchain16 hours ago

Title Token for Blockchain Estate Registry, Part 3

Blockchain19 hours ago

Eerily Accurate Analyst Thinks Bitcoin Could Hit $20,000 in the Next 3 Months

Blockchain19 hours ago

Ransomware Attacks Demanding Crypto Are Unfortunately Here to Stay

Science21 hours ago

Ever-Glory To Report Second Quarter 2020 Earnings on August 14, 2020

Cyber Security22 hours ago

Bitglass Security Spotlight: Over 200k Instacart Users’ Data Is Being Sold on Dark Web

Blockchain22 hours ago

Analysts Fear an Ethereum Drop to $300 As Price Becomes “Heavy”

Science24 hours ago

WeissLaw LLP Reminds GRUB and NBL Shareholders About Its Ongoing Investigations

Science24 hours ago

SHAREHOLDER ALERT: WeissLaw LLP Reminds OTEL and DCOM Shareholders About Its Ongoing Investigations

Science24 hours ago

SHAREHOLDER ALERT: WeissLaw LLP Reminds MXIM and TORC Shareholders About Its Ongoing Investigations

Science24 hours ago

WeissLaw LLP Reminds CNXM and ONDK Shareholders About Its Ongoing Investigations

Blockchain1 day ago

Major South Korean Bank Joins the Crypto Custody Business

Blockchain1 day ago

Bullish Bitcoin Price Trend Intact Even After BTC Retests $11.4K Support

Blockchain1 day ago

BitMEX Leaderboard Trader Fears Bitcoin Could See a Second “Flash Dump”

Blockchain1 day ago

Analyst: Bitcoin May “Teleport” to $13,000 if It Breaks Key Level

Blockchain1 day ago

Adam Back: Some ICOs Funded Useful Research Despite Being Unethical

Covid191 day ago

Gov. Cuomo Clears The Way For In-Person Learning At Schools In New York State

Blockchain1 day ago

An Official North Dakota Cryptocurrency Could Be on the Horizon

Blockchain1 day ago

Law Decoded: Tech as an Arena for International Conflict, July 31–August 7

Cyber Security1 day ago

Reddit Attack Defaces Dozens of Channels

Blockchain1 day ago

OneCoin Co-Founder Escapes 90-Year Jail Term Following Court Settlement

Blockchain1 day ago

Ethereum is Showing Early Signs of Weakness; Is the Top in?

Blockchain1 day ago

Monero’s Hashrate Experienced Its Largest Single Day Gains Ever

Blockchain1 day ago

Bitcoin Plunges Under Pivotal $11.5k Support: What Do Analysts Think Is Next?

Code1 day ago

7 tips for using Google Meet on a Chromebook

Blockchain1 day ago

Bitcoin is Facing “Serious” Bearish Divergences as Analysts Eye Downside

Cyber Security1 day ago

Researcher Finds New Office Macro Attacks for MacOS

AR/VR1 day ago

Step Into the Jungle With Tarzan VR’s new Mixed Reality Trailer

Code1 day ago

How to convert Ubuntu into a rolling release

Nano Technology1 day ago

When Dirac meets frustrated magnetism

Nano Technology1 day ago

Tiniest secrets of integrated circuits revealed with new imaging technique

Nano Technology1 day ago

Sustainable chemistry at the quantum level: University of Pittsburgh’s John Keith explores the sustainable potential of computational quantum chemistry

Cyber Security1 day ago

Secure remote access explained

Cyber Security1 day ago

BlueVoyant and TELMEX Scitum Announce Strategic Cybersecurity Alliance

Cyber Security1 day ago

SentinelOne Research Identifies IoT Vulnerabilities Enabling Remote Takeover and Network Intrusion

Cyber Security1 day ago

Balbix Brings BreachControl™ to Ingram Micro Cloud Marketplace

Code1 day ago

How to remotely connect to any PC or device using AnyDesk

Trending