Tag Archive for: ‘Bad’



Smashing Security podcast #256: Virgin Media just won't take no for an answer, NFT apes, and bad optics

After a brief discussion of the Log4Shell vulnerability panic, we discuss how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your girlfriend’s facial recognition.

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Mark Stockley – @markstockley

Show notes:

Sponsor: 1Password

The first annual 1Password “State of Access” benchmark study illuminates the grave dangers unwittingly posed by checked-out, apathetic employees — including security professionals.

Burned-out employees are 3 times more likely to say security rules and policies “aren’t worth the hassle,” and nearly half of burned-out security professionals say it’s unrealistic for companies to be aware of and manage all apps and devices that employees use.

Read the report and find out what you can do at 1password.com/resources

Sponsor: Uptycs

Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.

Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.

Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.

Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.

Find out more and try it for free at uptycs.com

Follow the show:

Follow the show on Twitter at @SmashinSecurity, on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.


Source…

39% of all internet traffic is from bad bots


Automated traffic makes up 64% of internet traffic. Only 25% of all traffic came from good bots, such as search engine crawlers and social network bots, while 39% of all traffic came from bad bots, a Barracuda report reveals.


These bad bots include both basic web scrapers and attack scripts, as well as advanced persistent bots. These advanced bots try their best to evade standard defences and attempt to perform their malicious activities under the radar. The report revealed that the most common of these persistent bots were ones that went after e-commerce applications and login portals.

Bad bots internet traffic by location

The report also included a breakdown of bad bot traffic by location. It revealed that North America accounts for 67% of bad bot traffic, followed by Europe (22%) and then Asia (7.5%).


Interestingly, the European bot traffic was more likely to come in from hosting services (VPS) or residential IPs than the North American traffic, most of which originated from public data centres.

Most bot traffic comes in from AWS and Microsoft Azure

The research also revealed that most bot traffic comes from the two largest public cloud vendors, AWS and Microsoft Azure, in roughly equal measure. This is likely because it is easy to set up a free account with either provider and then run the bad bots from it.

Finally, researchers observed that bad bot traffic tends to follow the standard workday, so that it blends into normal human traffic and avoids raising alarms.
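As an added example, not code from the Barracuda report or from this article, the script below turns the traits described above into triage heuristics run over constructed access-log lines: bursts against login and e-commerce endpoints, repeated authentication failures, origin in public-cloud address space, and a naive scripted user agent. The CIDR ranges, thresholds, endpoint list and log lines are all assumptions for illustration; a real detection would use the providers' published IP range feeds and thresholds tuned to the site.

```python
"""Heuristic triage of web access logs for the bad-bot traits described above.

Added example, not from the Barracuda report or the article. The CIDR ranges
are placeholders standing in for public-cloud address space and the log lines
are constructed; real detections should use the providers' published IP feeds.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Constructed placeholder ranges (documentation prefixes), not real AWS/Azure space.
CLOUD_RANGES = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "198.51.100.0/24")]
# Endpoints the report says persistent bots go after: login portals and e-commerce flows.
SENSITIVE_PATHS = ("/login", "/api/login", "/cart", "/checkout")

# Combined log format: ip ident user [time] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \d+ "[^"]*" "(?P<ua>[^"]*)"'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def is_cloud(ip):
    """True if the address falls inside one of the (placeholder) cloud ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUD_RANGES)


def score_sources(lines, burst_threshold=5, window_seconds=60):
    """Return {ip: set(reasons)} for sources whose behaviour matches bad-bot traits."""
    by_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec:
            by_ip[rec["ip"]].append(rec)

    flagged = {}
    for ip, recs in by_ip.items():
        recs.sort(key=lambda r: r["ts"])
        reasons = set()
        sensitive = [r for r in recs if r["path"].startswith(SENSITIVE_PATHS)]

        # Burst: burst_threshold or more hits on sensitive endpoints inside one window.
        for i in range(len(sensitive)):
            j = i
            while (j < len(sensitive)
                   and (sensitive[j]["ts"] - sensitive[i]["ts"]).total_seconds() <= window_seconds):
                j += 1
            if j - i >= burst_threshold:
                reasons.add("login_burst")
                break

        # Repeated 401/403 on sensitive paths: credential stuffing or brute force.
        if sum(1 for r in sensitive if r["status"] in (401, 403)) >= 3:
            reasons.add("repeated_auth_failures")

        # Cloud origin on its own is weak (CI jobs, uptime monitors); require sensitive paths too.
        if sensitive and is_cloud(ip):
            reasons.add("cloud_origin_hitting_sensitive_path")

        # Weakest signal: advanced persistent bots spoof browser UAs, so only naive scripts
        # trip this one. It is kept because it is cheap, not because it is strong.
        if any(r["ua"] == "-" or "python-requests" in r["ua"].lower() for r in recs):
            reasons.add("scripted_user_agent")

        if reasons:
            flagged[ip] = reasons
    return flagged


# Constructed sample log: a cloud-hosted credential-stuffing burst, a cloud-hosted
# monitor reading product pages, a human shopper, and a naive scraper.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2021:09:15:01 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [10/Mar/2021:09:15:03 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [10/Mar/2021:09:15:05 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [10/Mar/2021:09:15:07 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [10/Mar/2021:09:15:09 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [10/Mar/2021:09:15:11 +0000] "POST /login HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.9 - - [10/Mar/2021:09:20:00 +0000] "GET /product/42 HTTP/1.1" 200 8192 "-" "Mozilla/5.0 (compatible; uptime-monitor)"',
    '198.51.100.9 - - [10/Mar/2021:09:25:00 +0000] "GET /product/43 HTTP/1.1" 200 8192 "-" "Mozilla/5.0 (compatible; uptime-monitor)"',
    '192.0.2.44 - - [10/Mar/2021:10:00:00 +0000] "GET /cart HTTP/1.1" 200 4096 "https://shop.example/" "Mozilla/5.0 (Windows NT 10.0)"',
    '192.0.2.44 - - [10/Mar/2021:10:03:30 +0000] "POST /checkout HTTP/1.1" 302 0 "https://shop.example/cart" "Mozilla/5.0 (Windows NT 10.0)"',
    '192.0.2.99 - - [10/Mar/2021:11:02:10 +0000] "GET /products?page=3 HTTP/1.1" 200 16384 "-" "python-requests/2.25.1"',
]

if __name__ == "__main__":
    for ip, reasons in score_sources(SAMPLE_LOG).items():
        print(ip, sorted(reasons))
```

Two design choices follow from the report's findings. Cloud origin is never flagged on its own, because legitimate monitors and CI jobs live in the same address space; it only counts when combined with hits on login or checkout paths. Time of day is deliberately not a signal, since the report notes bad bots already schedule themselves to the workday, so an "outside business hours" rule would miss exactly the traffic it is meant to catch.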

Nitzan Miron, VP of Product Management, Application Security, Barracuda said: “While some bots like search engine crawlers are good, our research shows that over 60% of bots are dedicated to carrying out malicious activities at scale. When left unchecked, these bad bots can steal data, affect site performance, and even lead to a breach. That’s why it’s critically important to detect and effectively block bot traffic.”

Source…

How bad is ransomware? One insurer has dropped coverage for extortion payments.


The AXA Group logo is seen Feb. 21, 2019, at the company’s 2018 annual results presentation in Paris. The global insurance company said May 6, 2021, that it will stop writing cyber-insurance policies in France that reimburse customers for ransomware extortion payments. (Thibault Camus/AP)

Source…

The Linux Foundation’s demands to the University of Minnesota for its bad Linux patches security project


To say that Linux kernel developers are livid about a pair of University of Minnesota (UMN) graduate students playing at inserting security vulnerabilities into the Linux kernel for the purposes of a research paper “On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits” is a gross understatement. 

Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch and well-known for being the most generous and easy-going of the Linux kernel maintainers, exploded and banned UMN developers from working on the Linux kernel. That was because their patches had been “obviously submitted in bad faith with the intent to cause problems.” 

The researchers, Qiushi Wu and Aditya Pakki, and their graduate advisor, Kangjie Lu, an assistant professor in the UMN Computer Science & Engineering Department, then apologized for their Linux kernel blunders.

That’s not enough. The Linux kernel developers and the Linux Foundation’s Technical Advisory Board, writing through the Linux Foundation, have asked UMN to take specific actions before its people will be allowed to contribute to Linux again. We now know what these demands are.

The letter, from Mike Dolan, the Linux Foundation’s senior VP and general manager of projects, begins:

It has come to our attention that some University of Minnesota (U of MN) researchers appear to have been experimenting on people, specifically the Linux kernel developers, without those developers’ prior knowledge or consent. This was done by proposing known-vulnerable code into the widely-used Linux kernel as part of the work “On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits”; other papers and projects may be involved as well. It appears these experiments were performed without prior review or approval by an Institutional Review Board (IRB), which is not acceptable, and an after-the-fact IRB review approved this experimentation on those who did not consent.

This is correct. Wu and Lu opened their note to the UMN IRB by stating: “We recently finished a work that studies the patching process…

Source…