A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.
The post Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards appeared first on SecurityWeek.
The all in one place for non-profit security aid.
Microsoft Bookings Flaw Let Hackers Create Impersonate User Accounts
A critical security flaw in Microsoft Bookings has been uncovered. This flaw, inherent in the default configuration of Microsoft Bookings, potentially allows attackers to create unauthorized Entra (formerly Azure AD) accounts and obtain fraudulent certificates. This vulnerability poses significant risks to organizations using Microsoft 365 services.
According to Cyberis findings, the issue stems from the “Shared Booking Pages” feature in Microsoft Bookings, which is enabled by default for users with appropriate Microsoft 365 licenses. When a user creates a shared Booking page, it automatically generates a fully functional account in Entra without requiring administrative permissions.
This flaw could be exploited by attackers who have compromised a Microsoft 365 user account. By creating a Shared Booking page, they can:
The report states that this vulnerability has a far-reaching impact. Attackers could impersonate high-profile individuals within an organization, conduct sophisticated phishing attacks, and potentially gain control over critical infrastructure.
Moreover, the created accounts can send and receive emails regardless of sharing settings. This allows attackers to intercept sensitive communications and potentially reset online services registered with compromised email addresses.
To mitigate these risks, security experts recommend several steps:
Organizations are advised to disable the Bookings feature if not in use. Administrators can do this by using PowerShell to set the BookingsEnabled parameter to false.
This vulnerability underscores the importance of carefully managing user permissions and regularly auditing account creation processes in Microsoft 365 environments. It also highlights the need for organizations to stay vigilant about potential security risks in widely used productivity tools.
As the cybersecurity landscape continues to evolve, it’s crucial for organizations to regularly assess their security configurations and implement robust monitoring systems to detect and respond to potential threats promptly.
The post Microsoft Bookings Flaw Let Hackers Create Impersonate User Accounts appeared first on Cyber Security News.
Cybersecurity Awareness Month & SEC Updates
In this episode of the Retail & Hospitality ISAC podcast, host Luke Vander Linden is joined by Jay Banks, senior information security analyst of IT risk and compliance at Dick’s Sporting Goods, to talk about Cybersecurity Awareness Month in October. They explore the mechanisms Dick’s Sporting Goods employs to advocate for cybersecurity throughout the month. Then, Luke sits down with Christian Beckner, vice president of retail technology and cybersecurity at the National Retail Federation (NRF), to discuss the recent rules governing cybersecurity released by the U.S. Securities and Exchange Commission (SEC).
The CyberWire
7 Chinese Govt Hackers Charged for 14-year hack campaign
The US Department of Justice (DOJ) has unsealed an indictment charging seven Chinese nationals with computer hacking and wire fraud conspiracies.
These individuals are accused of being part of a hacking group known as APT31, which the DOJ alleges is linked to China’s Ministry of State Security (MSS).
“Over 10,000 malicious emails impacted thousands of victims across multiple continents. As alleged in today’s indictment, this prolific global hacking operation – backed by the PRC government – targeted journalists, political officials, and companies to repress critics of the Chinese regime, compromise government institutions, and steal trade secrets,” said Deputy Attorney General Lisa Monaco.
The indictment details a 14-year campaign by APT31 targeting:
US and foreign critics of China: Political dissidents, journalists, and government officials.
US businesses: Companies in defense, technology, telecommunications, and other critical sectors.
US political campaigns: Staffers and officials from both major parties.
The hackers allegedly used sophisticated techniques like zero-day exploits to compromise email accounts, steal intellectual property, and potentially influence US elections.
Targeting email accounts of members of the Inter-Parliamentary Alliance on China (IPAC), a group critical of the Chinese government.
Hacking attempts against US defense contractors and a leading provider of 5G network equipment.
Spying on Hong Kong pro-democracy activists.
“Today’s announcements underscore the need to remain vigilant to cybersecurity threats and the potential for cyber-enabled foreign malign influence efforts, especially as we approach the 2024 election cycle. The Department of Justice will continue to leverage all tools to disrupt malicious cyber actors who threaten our national security and aim to repress fundamental freedoms worldwide,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.
Malware development and exploitation.
Infrastructure management for cyberattacks.
Surveillance and intrusion operations against US entities.
The defendants face charges of conspiracy to commit computer intrusions and conspiracy to commit wire fraud.
They are presumed innocent until proven guilty in a court of law. The DOJ is prosecuting the case with assistance from the National Security Division.
The post 7 Chinese Govt Hackers Charged for 14-year hack campaign appeared first on Cyber Security News.
Cyber Security News