Posts

Showing posts from June, 2021

Preventing Criminals from Using Cloud Applications to Inject Chaos Into Work Environments

In 2020, cyber criminals used cloud applications, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. How do we prevent these criminals from injecting chaos into our hybrid work environments? As I’ve been preaching for years, the new security paradigm has shifted to focus on applications, users, and data. Although the network and endpoint still play an important role in security, the shift to secure user access to applications and data has accelerated, especially in a work-from-anywhere environment. But where should organizations start? Doni Brass, Product Management Lead at Cisco Umbrella, joined Enterprise Security Weekly to lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop...

Colombian police arrest Gozi malware suspect after 8 years at large – Naked Security

More than eight-and-a-half years ago, we wrote about the US indictment of three cybercrime suspects. The troika was wanted for allegedly operating a bank-raiding crimeware “service” known as Gozi, based on zombie malware that used a technique known as HTML injection to trick victims into revealing personal information relating to their on-line banking. As we explained at the time [original text slightly edited]: Adding to or altering the content of a bank’s online login form is tricky if you want to make the modifications on the server side or while the content is in transit. […] But if you can plant malware on the victim’s PC, you can use what’s known as an MiTB attack, or “manipulator in the browser”. Then, you wait until a suitable online transaction form has been securely delivered and decrypted for display in the browser. Only then do you inject content into the HTML in order to modi...

Miming, Mimecast? The latest attempt at exploiting SEGs

By Adam Martin, Phishing Defense Centre

Secure email gateways (SEGs) often provide end users with a sense of safety from phishing and other malicious attacks delivered via email. This, however, can provide a false sense of confidence when interacting with notifications and alerts from phishing emails spoofing SEGs. The traditional tactic of employing a sense of urgency is generally the flavor of choice for threat actors in the form of disk space being full, invoices, etc. The objective is to draw the user into making rash decisions based on a fear of either data or monetary loss. The initial link presented to the user takes advantage of the Google redirect feature using the following link: hXXps://www.google.com/url?q=hXXps://d5e5ecb84884425f98768108f081a87a[.]svc[.]=dynamics.com/t/r/X-fsqjgi42gdMDDZPkaz34T9oWvCL2u-hDs3ZwpUAU8%23%5BTO-EMAIL%5D:0002%3D12900&source=gmail&ust=1619610429283000&usg=AFQjCNEmWYNQmZ0Z4zu...