• Samba issues patches for three vulnerabilities
    Samba released security updates patching three issues CVE-2019-14902, CVE-2019-14907, and CVE-2019-19344. The medium-rated CVE-2019-14902 fixes a problem where a newly delegated right, but more importantly the removal of a previously delegated right, would not be inherited on any domain controller other than the one where the change was made. The patch fixes this issue, but Samba noted, “it is vital that a full-sync be done TO each Domain Controller to ensure each ACL (ntSecurityDescriptor) is re-calculated on the whole set of DCs.” CVE-2019-14907, medium rated, can allow a crash after failed character conversion at log level three or higher affecting Samba 4.0 and later. In the Samba Active Directory Domain Controller this may cause a long-lived process to terminate. The final issue, CVE-2019-19344, covers a use after free issue during DNS zone scavenging in Samba Active Directory Domain Controller in versions 4.9 and later. Patches for all three issues have been posted.
  • Survey: Financial-Sector Agencies’ Policies for Sharing Cyber Threats Inconsistent
    Four years after the enactment of the Cybersecurity Information Sharing Act of 2015, a joint inspectors general survey of seven financial-sector agencies’ efforts to implement the law reflects significant irregularities in steps taken to share cyber threat indicators and defensive measures with their fellow federal agencies and non-federal entities. The Office of the Chief Information Officer “does not have the resources, fiscal funds, or technical capabilities to implement a sharing of CTIs and DM program,” the National Credit Union Administration told the Council of Inspectors General on Financial Oversight in a Jan. 15 memo. The CISA law promised to shield private-sector entities from liability if they shared such information through the Department of Homeland Security’s Automated Indicator Sharing system and required federal agencies to implement policies to likewise share information the government had access to with the private sector.
  • Startup Privafy Raises $22M with New Approach to Network Security
    The company today disclosed an approach to data security designed to protect against modern threats at a lower cost than complex network tools. Data security startup Privafy has officially entered the market with a new security-as-a-service application and $22 million in minority investment to continue scaling its cloud-based business. Privafy, founded by executives of Verizon and NXP Semiconductors, aims to secure data in motion as it travels across on-prem locations, clouds, mobile, and the Internet of Things. Its Cloud Services are built to protect data across business environments from unauthorized intrusions, malware, DDoS, ransomware, and other threats at a lower cost than legacy tools. A central dashboard monitors and manages Privafy security services, including NetEdge to secure on-prem connectivity, CloudEdge to secure public and private clouds, and AppEdge to protect workers on iOS, Android, Windows, macOS, and Linux.
  • Google finds security flaws in Apple's web browser: FT
    (Reuters) - Google researchers have found multiple security flaws in Apple Inc’s Safari web browser that allowed the tracking of users’ browsing behavior, the Financial Times reported on Wednesday, citing a soon-to-be published paper. The vulnerabilities were found in a tool specifically designed to protect privacy and could have allowed third parties to obtain sensitive information about the browsing habits of users, the report added. Alphabet Inc’s Google disclosed the flaws to Apple last August, according to the report. In a blog post in December, an Apple engineer said that the company had fixed flaws disclosed to it by Google researchers. An Apple spokesman on Wednesday confirmed that the flaws found by Google and highlighted in the Financial Times’ story were patched last year.
  • EFS Ransomware Attacks Overcome Major Antivirus Tools in Proof-of-Concept Tests
    EFS ransomware attacks targeting Windows users could potentially overcome several major signature-based antivirus tools, researchers have discovered. Developed by Microsoft and intended to offer full disk encryption, EFS — otherwise known as Windows Encrypting File System — was put to the test as part of an investigation by SafeBreach Labs. The firm created its own ransomware variant to see if antivirus tools would stop an attack. According to the published results, all three of the tools tested failed to keep the EFS ransomware attacks at bay. At this point, a hard-wired public key in the ransomware encrypted the key file data and attempted to wipe slack parts of the disk. Have a Ransomware Recovery Strategy: Even if cybercriminals haven’t actually carried out EFS ransomware attacks yet, it’s a good reminder that organizations should be proactive in having a ransomware recovery strategy in place.
  • Anchore raises $20 million to automate container security management
    “We created Anchore to empower developers to build secure software quickly and more efficiently,” said Anchore CEO Ziouani, who said the fresh capital will be put toward R&D. “Given our progress to date backed by the strong adoption this past year, we’re now ready to scale our sales, professional services, and engineering resources globally to meet the need and achieve our mission to bring the benefits of container workflow security to customers around the world.” Anchore offers container inspection and compliance solutions tailored for a range of different applications, including open source projects and large teams in highly regulated industries. They’re built atop the Anchore Engine, a tool for deep image inspection and vulnerability scanning that can be used to generate reports and define continuous integration/deployment pipeline policies, and that searches for attack vectors in apps and operating system (OS) packages while ensuring secrets like passwords, API keys, and other sensitive information aren’t exposed.
  • Octarine releases open source security scanning tools for Kubernetes
    Octarine, a startup that helps automate security of Kubernetes workloads, released an open source scanning tool today. The tool, which is called Kube-scan, is designed to help developers understand the level of security risk in their Kubernetes clusters. The company is also open sourcing a second tool called The Kubernetes Common Configuration Scoring System or KCCSS for short, which is the underlying configuration framework used in Kube-scan. "There are over 30 security settings, and understanding how they interact with each other, which settings make security worse, which ones make it better, and the impact of each selection is not something that's easy to measure or explain," Sobrier told TechCrunch. This takes the settings as defined in KCCSS and applies a score, which measures the level of risk for each setting in the Kubernetes cluster you run it on. While it obviously could work hand-in-glove with Octarine's own security tools, Rafael Feitelberg, VP of commercialization, says the project has been more about helping companies see their Kubernetes cluster risk level, and giving them information to fix the problems it finds.
  • Quantum computing could end encryption within five years, says Google boss
    The boss of Google has warned that quantum computers will be able to break encryption within as little as five years, signalling the growing threat to privacy such technological advances pose. Speaking at the World Economic Forum in Davos, Sundar Pichai said there was huge potential for quantum computing to "allow us to understand the world in a deeper way". Unlike classical computers which use things called "bits" to process information, quantum computers use minuscule particles called qubits which means they have much more computing power – allowing them to perform calculations significantly faster than regular computers. Google has been among the companies making huge strides in quantum computing, and last year said it had made a breakthrough in the field, developing a chip which could perform a calculation that took a classical computer 10,000 years to complete, in just 200 seconds.
  • ActZero Announces Acquisition of IntelliGO to Build Cybersecurity Business of the Future
    PALO ALTO, Calif., Jan. 22, 2020 /PRNewswire/ -- ActZero, a Palo Alto-based artificial intelligence company, announced today that it has acquired IntelliGO Networks, a leading provider of Managed Detection and Response services. IntelliGO will continue to operate as an independent entity, and will work with ActZero to achieve its vision of revolutionizing the Managed Security Services landscape with a unified, AI-driven security platform. IntelliGO was founded in Toronto in 2005 as a value-added cybersecurity reseller and managed services firm. IntelliGO has previously announced investments in augmenting its offering with machine learning, and this combination will enable the firm to deploy and scale similar tools and process improvements to gain efficiencies and deliver superior, faster, more predictable service to clients. "Our vision is to build a world-class cybersecurity services platform — which requires understanding and addressing business users' needs today, while dominating in machine learning and artificial intelligence to get ahead of tomorrow's threats," said Sameer Bhalotra, CEO of ActZero.
  • ProtonVPN apps handed to open source community in transparency push
    ProtonVPN has handed over application code to the open source community in a bid to improve transparency and security standards. On Tuesday, the virtual private network (VPN) provider, also known for the ProtonMail secure email service, said that the code backing ProtonVPN applications on every system -- Microsoft Windows, Apple macOS, Android, and iOS -- is now publicly available for review in what Switzerland-based ProtonVPN calls "natural" progression. Each application has also undergone a security audit by SEC Consult, which ProtonVPN says builds upon a previous partnership with Mozilla. While the partnership did not go any further -- instead, Mozilla has created its own Firefox Private Network -- the trial did require ProtonVPN's technology to undergo an inspection by the browser as part of Mozilla's due diligence requirements. The macOS report (.PDF) uncovered no bugs at all, whereas one medium-risk vulnerability and four low-risk vulnerabilities were discovered in the Android audit (.PDF), the worst of which was an insecure logout issue.