Tag Archive for: configuration

Easy Configuration Fixes Can Protect Your Server from Attack


https://securityintelligence.com/articles/easy-configuration-fixes-can-protect-your-server/

In March 2023, data on more than 56,000 people — including Social Security numbers and other personal information — was stolen in the D.C. Health Benefit Exchange Authority breach. The online health insurance marketplace hack exposed the personal details of Congress members, their families, staff and tens of thousands of other Washington-area residents.

It appears the D.C. breach was due to “human error”, according to a recent report. Apparently, a computer server was misconfigured to allow access to data without proper authentication. Implementing authentication would have been something easy to accomplish. Instead, a door was left wide open for attackers to gain access.

Poorly configured web servers are all too common. In fact, a recent study from a firm that indexes internet-facing devices reported that over 8,000 servers hosting sensitive information are not properly configured.

Easy to Identify Data Exposure

A recent Censys report stated that “data exposures via misconfiguration remain a serious problem. We found over 8,000 servers on the internet hosting potentially sensitive information, including possible credentials, database backups and configuration files.” As per the report, these vulnerabilities were easy to identify, as they would be for even inexperienced threat actors.

Meanwhile, print management software developer PaperCut recently warned customers to update their software immediately. PaperCut makes printing management software utilized by companies, state entities and education. As per their website, PaperCut serves hundreds of millions of people from around the globe.

In a recent vulnerability bulletin, PaperCut said, “We have evidence to suggest that unpatched servers are being exploited in the wild.” Other reports describe poorly managed Linux servers and poorly secured Internet-exposed Microsoft SQL (MS-SQL) servers that have led to malware entry.

Other findings in the Censys report include:

  • Over 1,000 hosts with over 2,000 SQL database files were exposed with no authentication requirements on the HTTP services…


Week in review: Kali Linux 2021.3, how to avoid cloud configuration breaches, hybrid digital dexterity


Here’s an overview of some of last week’s most interesting news, articles and interviews:

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild.

Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more!
Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it.

CVE-2021-40444 exploitation: Researchers find connections to previous attacks
The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been delivering custom Cobalt Strike payloads, Microsoft and Microsoft-owned RiskIQ have shared.

Microsoft announces passwordless authentication option for consumers
After offering the passwordless authentication option to enterprise customers in March 2021, Microsoft has now started rolling it out to its consumer segment of users.

Third-party cloud providers: Expanding the attack surface
In this interview with Help Net Security, Fred Kneip, CEO at CyberGRX, talks about the lack of visibility into third-party risk, how to address this issue, and what companies should consider when choosing the right cloud provider.

Only 30% of enterprises use cloud services with E2E encryption for external file sharing
A recent study of enterprise IT security decision makers conducted by Tresorit shows that the majority of enterprises use additional encryption methods to boost the security of cloud collaboration and file transfer; however, tools with built-in end-to-end encryption are still less frequent despite the growing popularity of this privacy- and security-enhancing technology.

Mobile app creation: Why data privacy and compliance should be at the forefront
In today’s mobile app landscape, providing customers with the most tailored and personal experience possible is essential to edging out competitors….


Tripwire expands multi-cloud capabilities for Tripwire Configuration Manager


Tripwire announced expanded multi-cloud capabilities for Tripwire Configuration Manager. Tripwire’s SaaS application now helps organizations effectively manage security across AWS (Amazon Web Services), Microsoft Azure and GCP (Google Cloud Platform), including greater data privacy management through storage configuration monitoring.

Tripwire Configuration Manager simplifies the monitoring, remediation, and automation of cloud account configurations for multi-cloud organizations through a single console.

Users can monitor and enforce secure configuration policies across a multi-cloud environment and determine where they stand against Center for Internet Security Foundations benchmarks.

Misconfigurations are a leading cause of data breaches and security incidents involving the cloud. Tripwire Configuration Manager helps ensure your cloud accounts are in a known and trusted state by enforcing security policies.

Its automated remediation feature will reset a configuration that is out of compliance to its previous state, ensuring user cloud accounts are configured correctly, and the services and workloads they host in the cloud are safe.

The updated service also enables storage monitoring and provides an in-depth view of storage configuration across multi-cloud accounts, making it easier to define public vs. private data.

Users can break down data privacy settings to address specific areas of concern, such as encryption, and enforce increased levels of privacy for more important data.

“As companies continue to expand operations into the cloud, they are left open to significant security, privacy, and regulatory threats, often caused by misconfigurations,” said Tim Erlin, vice president of product management and strategy at Tripwire.

“Most teams have limited personnel to defend the network and need support to determine which problems are most pertinent. Secure configuration management is a basic but critical security practice to ensure gaps in security are realized and that companies are protected from devastating and costly impacts caused by cloud-related attacks.”

Tripwire Configuration Manager is easy to implement and operate. A free trial is available that…


New XLoader Variant Masquerades as Android Security Apps, iOS Configuration Profile – Security Intelligence


Security researchers observed a new variant of XLoader masquerading as Android security apps and an iOS configuration profile to target mobile users.
