Tag Archive for: manager

Kaspersky finds zero-day exploit in Desktop Window Manager


In early 2021, Kaspersky’s researchers, while further analyzing the already reported CVE-2021-1732 exploit used by the BITTER APT group, discovered another zero-day exploit. The experts are currently unable to link this exploit to any known threat actor.

A zero-day vulnerability is basically an unknown software bug. Once identified and discovered, such bugs allow attackers to conduct malicious activities in the shadows, resulting in unexpected and destructive consequences.

While analyzing the CVE-2021-1732 exploit, Kaspersky experts found another such zero-day exploit and reported it to Microsoft in February. After confirmation that it is indeed a zero-day, it received the designation CVE-2021-28310.

According to the researchers, this exploit is used in the wild, potentially by several threat actors. It is an escalation of privilege (EoP) exploit, found in Desktop Window Manager, allowing the attackers to execute arbitrary code on a victim’s machine.

It is likely that the exploit is used together with other browser exploits to escape sandboxes or obtain system privileges for further access.

Kaspersky’s initial investigation has not revealed the full infection chain, so it is not yet known whether the exploit is used with another zero-day or coupled with known, patched vulnerabilities.

“The exploit was initially identified by our advanced exploit prevention technology and related detection records. In fact, over the past few years, we have built a multitude of exploit protection technologies into our products that have detected several zero-days, proving their effectiveness time and time again. We will continue to improve defenses for our users by enhancing our technologies and working with third-party vendors to patch vulnerabilities, making the internet more secure for everyone,” comments Boris Larin, security expert at Kaspersky.

More information about BITTER APT and IOCs is available to customers of the Kaspersky Intelligence Reporting service.

A patch for the elevation of privilege vulnerability CVE-2021-28310 was released on April 13th, 2021.

Kaspersky products detect this exploit with the following verdicts:


Tripwire expands multi-cloud capabilities for Tripwire Configuration Manager


Tripwire announced expanded multi-cloud capabilities for Tripwire Configuration Manager. Tripwire’s SaaS application now helps organizations effectively manage security across AWS (Amazon Web Services), Microsoft Azure and GCP (Google Cloud Platform), including greater data privacy management through storage configuration monitoring.

Tripwire Configuration Manager simplifies the monitoring, remediation, and automation of cloud account configurations for multi-cloud organizations through a single console.

Users can monitor and enforce secure configuration policies across a multi-cloud environment and determine where they stand against Center for Internet Security Foundations benchmarks.

Misconfigurations are a leading cause of data breaches and security incidents involving the cloud. Tripwire Configuration Manager helps ensure your cloud accounts are in a known and trusted state by enforcing security policies.

Its automated remediation feature will reset a configuration that is out of compliance to its previous state, ensuring user cloud accounts are configured correctly, and the services and workloads they host in the cloud are safe.

The updated service also enables storage monitoring and provides an in-depth view of storage configuration across multi-cloud accounts, making it easier to define public vs. private data.

Users can break down data privacy settings to address specific areas of concern, such as encryption, and enforce increased levels of privacy for more important data.

“As companies continue to expand operations into the cloud, they are left open to significant security, privacy, and regulatory threats, often caused by misconfigurations,” said Tim Erlin, vice president of product management and strategy at Tripwire.

“Most teams have limited personnel to defend the network and need support to determine which problems are most pertinent. Secure configuration management is a basic but critical security practice to ensure gaps in security are realized and that companies are protected from devastating and costly impacts caused by cloud-related attacks.”

Tripwire Configuration Manager is easy to implement and operate. A free trial is available that…


Microsoft officially launches ‘Autofill’ password manager for iOS and other platforms


Microsoft today officially launched the new Autofill solution, which lets users easily store and manage their website passwords across different devices — including iPhone, iPad, Mac, Windows PCs, and Android phones.

Autofill was already available as part of a beta program, but now Microsoft is making the tool available to all users through the Microsoft Authenticator app, a Google Chrome extension, and also Microsoft Edge. Just like iCloud Keychain, Microsoft Autofill stores your passwords and makes it easy to enter them on websites.

The announcement was made today on the official Microsoft Experience blog:

Autofill stores your passwords under your Microsoft account. To get started with autofill on mobile, open the Microsoft Authenticator app, and then sign-in on the Passwords tab with your Microsoft account. If you have passwords saved under your Microsoft account on Microsoft Edge, they will sync to the Authenticator app.

If you’re on a Mac, Autofill can be used through the Microsoft Edge web browser or with a Google Chrome extension. Users coming from other password managers can import them into Microsoft Autofill using a CSV file. In iOS, the app also lets you protect your passwords with a PIN code, Touch ID, or Face ID.

The Microsoft Authenticator app is available for free on the App Store. It requires an iPhone or iPad running iOS 11 or later.


Richard Sands joins Cyble as General Manager for the North America region


Cyble announced that Richard Sands, former IT Security Director of Yum! Brands, will be joining Cyble as the General Manager for the North America region.

Richard’s addition to Cyble’s leadership team is expected to bolster the market reception of its services and add new impetus to the company’s growth. His expertise will also help shape an energetic work environment at Cyble, spearhead innovative strategic thinking, and foster the development of a dynamic organization.

Richard brings 20+ years of rich global experience in managing cybersecurity risks within the industry and as a trusted advisor to leading organizations. Prior to joining Cyble, Richard spent five years at Yum! Brands as its Director Global IT Security, three years at BHP as Global Cyber Security Strategy Lead, and over a decade at PricewaterhouseCoopers as Director, Information Security Services.

Beenu Arora, Founder and CEO at Cyble, said, “As we move forward to make Cyble ‘Future Ready’, I am delighted to welcome Richard to the team. His calibre and expertise will ensure that Cyble has a resolute foundation and adopts resilient strategies to guide our sales and marketing efforts. The entire leadership team at Cyble is excited to keep innovating optimal solutions that elevate the experience of our clients.”

“Cyble’s long-term vision, people-first culture, and focus on serving clients means the future for Cyble is bright. I am excited to join this skilled and passionate team to help steer strategies in North America, establish sustainable relationships with our clients as their trusted cyber partner, and drive business results to fuel Cyble’s next growth phase,” said Richard.

Beenu also added, “I am delighted to see Cyble hit our own scaling moment. We are responding to this growth by adding strategic talent to our leadership team! As Cyble continues to expand globally, we are further leveraging on virtual onboarding to strengthen our organization at multiple levels in tandem with our growth plans.”

Earlier in 2020, Cyble also appointed Arnab Chakraverty as Director, Products and Dhanalakshmi PK as Associate Director, Malware and Intelligence Research.
