Hostrisk

Breach Notification Report Reveals Some PII Could Have Been Exposed
The Republican Governors Association was one of several U.S. organizations targeted in March when a nation-state group took advantage of vulnerabilities in Microsoft Exchange email servers, according to a breach notification letter filed with Maine authorities. It appears some PII was exposed.

https://www.inforisktoday.co.uk/republican-governors-association-targeted-in-exchange-attacks-a-17554

Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems.

https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/

While tensions or disagreements may be part of any work setting, identifying the warning signs and responding appropriately can prevent conflict from escalating into something more dangerous.

https://www.securitymagazine.com/articles/96104-anticipating-and-resolving-conflict-in-the-workplace

The Open Web Application Security Project (OWASP) has released a draft of its ranking of the top 10 vulnerabilities.

https://www.securitymagazine.com/articles/96111-owasp-updates-top-10-security-vulnerability-ranking

Jason Kees, former information security executive for Groupon, CBS and Oracle, brings extensive experience enhancing cybersecurity strategies to Ping Identity.

https://www.securitymagazine.com/articles/96109-jason-kees-named-chief-information-security-officer-at-ping-identity

The university introduced new security measures to decrease crime in off-campus neighborhoods. The crime rate has dropped 39% since the security plan took effect.

https://www.securitymagazine.com/articles/96112-crime-rate-drops-at-ohio-state-after-security-overhaul

Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches.

https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/

Pro-Kurd Facebook profiles deliver ‘888 RAT’ and ‘SpyNote’ trojans, masked as legitimate apps, to perform mobile espionage.

https://threatpost.com/bladehawk-attackers-kurds-android/169300/

The privacy-touting, end-to-end encrypted email provider erased its site’s “we don’t log your IP” boast after France sicced Swiss cops on it.

https://threatpost.com/protonmail-log-ip-address-french-activist/169242/

The FTC’s first spyware ban nixes a company whose “slipshod” security practices led to exposure of thousands of victims’ illegally collected personal data.

https://threatpost.com/spyfone-ban-stalkerware-surveillance/169165/

With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier’s U.S. network – all the way from Pakistan.

https://threatpost.com/att-phone-unlocking-malware/174787/

GnuPG (the GNU Privacy Guard or GPG) is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

https://packetstormsecurity.com/files/164179/gnupg-2.2.31.tar.bz2

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

https://packetstormsecurity.com/files/164158/opendnssec-2.1.10.tar.gz

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

https://packetstormsecurity.com/files/164063/packetfence-11.0.0.tar.gz

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

https://packetstormsecurity.com/files/164061/samhain-4.4.6.tar.gz

Before attempting to build the right foundation for comprehensive application security risk reporting, consider eight questions.

https://www.securitymagazine.com/articles/96118-8-tough-questions-to-drive-the-right-appsec-reporting-solution-and-devsecops

Disaster recovery solutions make it easy for administrators to prevent data loss caused by failure events or ransomware, even when they cannot be on-site.

https://www.securitymagazine.com/articles/96117-protecting-business-from-ransomware-at-the-edge

Shadow IT and misconfigured application programming interface accounted for the vast majority of security incidents in the cloud last year, according to the 2021 IBM Security X-Force Cloud Threat Landscape Report.

https://www.securitymagazine.com/articles/96116-misconfigured-apis-make-up-two-thirds-of-cloud-breaches

Horn brings years of law enforcement experience to the role, having served as a patrol officer, field training officer, and detective, among other positions.

https://www.securitymagazine.com/articles/96120-jeffrey-horn-named-police-chief-at-merced-college

Many Files Crypto-Locked Before July 13 Unlockable via Free Bitdefender Decryptor
Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt at least some of their files for free, thanks to a decryptor released by security firm Bitdefender.

https://www.inforisktoday.co.uk/good-news-revil-ransomware-victims-get-free-decryptor-a-17560