WyzGuys Tech Talk

A quick Saturday digest of cybersecurity news articles from other sources.

GoDaddy – “unauthorized individual” had access to login info

Web hosting behemoth GoDaddy just filed a data breach notification with the US state of California.

On May 4, 2020, GoDaddy, one of the world’s largest website hosting providers, disclosed that the SSH credentials of approximately 28,000 GoDaddy hosting accounts were compromised by an unauthorized attacker.

You can find full details and guidance on the official Wordfence blog

Shadow Broker leaked NSA files point to unknown APT group

A security researcher claims to have unearthed a previously-unknown APT group after reading the NSA files leaked by the Shadow Brokers in 2016.

5 flourishing and 5 fading IT careers

Once a technology has proved its value, the demand for people who know how to get the most out of it never quite goes to zero. Just look at COBOL programming, currently experiencing a surge in demand due to states still using it for mainframe-based unemployment systems that now need to be retooled in response to the COVID-19 pandemic.  Growing careers:  cybersecurity, big data analytics, data scienentists and engineers, the technology facilitator.  Fading careers: admin roles, project managers, software QA engineers, back-end/front-end engineers, small company CIO. READ MORE

Kaspersky offers free cybersecurity training to assist teams working remotely

Telecommuting comes with its own set of cybersecurity risks. Kaspersky has announced a free training module to help remote teams make more informed cybersecurity decisions.

National Cyber Awareness System:  AA20-120A: Microsoft Office 365 Security Recommendations

Original release date: April 29, 2020

Summary

As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully considering the security configurations of these platforms.

This Alert is an update to the Cybersecurity and Infrastructure Security Agency’s May 2019 Analysis Report, AR19-133A: Microsoft Office 365 Security Observations, and reiterates the recommendations related to O365 for organizations to review and ensure their newly adopted environment is configured to protect, detect, and respond against would be attackers of O365.

Solution Summary

CISA encourages organizations to implement an organizational cloud strategy to protect their infrastructure assets by defending against attacks related to their O365 transition and better securing O365 services.[9] Specifically, CISA recommends that administrators implement the following mitigations and best practices:

• Use multi-factor authentication. This is the best mitigation technique to protect against credential theft for O365 administrators and users.
• Protect Global Admins from compromise and use the principle of “Least Privilege.”
• Enable unified audit logging in the Security and Compliance Center.
• Enable Alerting capabilities.
• Integrate with organizational SIEM solutions.
• Disable legacy email protocols, if not required, or limit their use to specific users.

WordPress Releases Security Update

Original release date: April 30, 2020

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.4.1.

Bumper Adobe update fixes flaws in Magento, Bridge and Illustrator

Adobe’s latest patches are out, including fixes for its ecommerce platform.  Nevertheless, with a total of 35 CVEs to fix in this update, including 24 described as ‘critical’, it’s likely the company has been saving up this patching haul from its bug bounty program for some time.

The Ransomware Apology and Decryption Key Giveaway

Do hackers ever experience a change of heart? It appears the operators of Shade ransomware just did, because they announced they’re giving away more than 750,000 ransomware decryption keys. And they posted a very personal apology note, as well. On GitHub, the “Shade-Team” posted a contrite ransomware note that concludes with this message: “We apologize to all the victims of the trojan and hope… Read more

Cybersecurity Ratings of Remote Meeting Apps: Zoom, Teams, Skype, and More

The mass proliferation of virtual meeting platforms is posing questions about security and privacy. From concerns about foreign governments listening to corporate video calls to the rise in “Zoom bombers” crashing meetings and classes, how secure are these remote meeting apps, really? Thanks to Mozilla, now we know. It examined 15 platforms: Zoom, Google (Duo, Hangouts, Meet), FaceTime, WhatsApp… Read more

Why Video Calls Are Surprisingly Exhausting

Expressing yourself and trying to read others’ faces in a grid of video feeds is a taxing task.

Google fights spammy extensions with new Chrome Web Store policy

About fricking time!!The policies are specifically meant to fight spam, but they outlaw tactics taken by malicious extensions as well, including fake reviews.