  Vulnerability Spotlight: Multiple vulnerabilities in Aspose APIs
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Blue Team (CND) - No Replies

Cory Duplantis and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered multiple remote code execution vulnerabilities in various Aspose APIs. Aspose provides a series of APIs for manipulating or converting a large family of document formats. These vulnerabilities exist in APIs that help process PDFs, Microsoft Word files and more. An attacker could exploit these vulnerabilities by sending a specially crafted, malicious file to the target and tricking them into opening it while using the corresponding API.

In accordance with Cisco's disclosure policy, Talos is disclosing these vulnerabilities after numerous unsuccessful attempts were made to contact Aspose to report these vulnerabilities.

Vulnerability details

Aspose Aspose.Cells LabelSst remote code execution vulnerability (TALOS-2019-0794/CVE-2019-5032)
An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Read the complete vulnerability advisory here for additional information.

Aspose Aspose.Cells number remote code execution vulnerability (TALOS-2019-0795/CVE-2019-5033)
An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Read the complete vulnerability advisory here for additional information.

Aspose Aspose.Words EnumMetaInfo code execution vulnerability (TALOS-2019-0805/CVE-2019-5041)
An exploitable stack-based buffer overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.
Read the complete vulnerability advisory here for additional information.

Versions tested

CVE-2019-5033 and CVE-2019-5034 affect Aspose.Cells, version 19.1.0. CVE-2019-5041 affects Aspose.Words, version 18.11.0.0.


Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 49756, 49757, 49760, 49761, 49852, 49853


http://feedproxy.google.com/~r/feedburne...-2019.html

  What you — and your company — should know about cyber insurance
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Blue Team (CND) - No Replies

By Jon Munshaw and Joe Marshall. 

It’s no longer a question of “if” any given company or organization is going to be hit with a cyber attack — it’s when. And when that attack comes, who is willing to take on that risk?

For some groups, it may be that they feel they are fully prepared to take on the challenge of defending against an attack or potentially recover from one. But cyber security insurance offers the ability to transfer that risk to an insurance company that can help you with everything from covering lost revenue to providing incident response as soon as you detect an attack.

Even back in 2016, Cisco Talos called the realm of cyber insurance “new and immature.” But since then, the market has changed drastically, and these kinds of policies are becoming more popular. Still, some businesses have been slow to adopt these policies. According to a study by J.D. Power & Associates and the Insurance Information Institute released in October 2018, 59 percent of businesses still do not have any form of cyber insurance.

But a recent wave of attacks — including the takedown of computer systems in Baltimore, a multi-million-dollar settlement from Equifax over a 2016 data breach, and the recent theft of millions of Capital One customers’ information — shows why it’s important to remain prepared for these kinds of scenarios.

Equifax is still recovering from a massive data breach in 2016 that cost the company hundreds of millions of dollars. A cyber policy the company had covered $125 million in costs associated with the attack, though Equifax admittedly could have used a bigger policy considering the breach cost a total of $1.4 billion.

Is cyber insurance the right choice for your company or organization? We spoke to two cyber insurance experts to get answers to the questions we had around cyber insurance to help you make an informed decision.

How similar is cyber insurance to the insurance we’re all used to (health, car, etc.)? 

Turns out, not very. Catherine Rudo, the vice president of cyber insurance at Nationwide, said handing out cyber insurance policies is nothing like other, more conventional policies. Rudo agreed to speak with Talos regarding security policies across the board and said her comments do not reflect the traditional Nationwide policy.

“If you compare cyber to property [insurance], I don’t think there’s a direct comparison,” she said. “Cyber stands on its own. It’s something that’s closer to a liability policy … not everyone needs it in the same way, but everyone needs it.”

Rather than the plug-in and play model of other policies like car insurance, where you’d put in the specific make, model, year and amount of coverage needed for your car, and the insurer spits out a quote, each cyber policy is going to be different.

Rudo said each policy must be assessed and written on a case-by-case basis. There’s a wide variety of factors that need to be considered, including intellectual property, potential extortion payments, liability coverage, etc.

For example, the risks inherent with a cyber policy for an electric company would be entirely different than a clothing store that collects point-of-sale payments.

What do insurers do to calculate initial risk in these policies? 

For an insurance company to underwrite a policy for a company, organization or even government entity, the insurer must evaluate several different areas of security risk.

For example, Rudo said that on most cyber insurance applications, the potential insured must answer questions about patching cadence, the number of endpoints that access their network, what (if any) firewalls are in place and what third-party vendors the company works with.

Leslie Lamb, Cisco’s head of risk management, knows firsthand what the application process is like.

Lamb has been a part of every cyber insurance policy Cisco has ever purchased, and said every year, they reassess the policy and always try to get additional coverage in some form or another. She said Cisco’s CISO, Steve Martino, has met with insurance underwriters every year to discuss what Cisco does to limit exposure to attackers, what new intelligence partnerships are in place and how the company mitigates risk.

“We essentially do a roadshow for them,” Lamb said, adding that the process usually starts about 120 days prior to the expiration of Cisco’s current policy.

There’s also the inherent risk that comes with certain industries. For example, public institutions may have a more expensive policy because they handle a large amount of intellectual property, making them a more enticing target.

There’s also the issue of the size of the business — obviously, larger companies are going to be targeted more often than a mom-and-pop corner store.

Rudo said that the premiums may even increase if the potential insured has a higher appetite for risk than another company or organization.

How long have cyber policies been around? 

Lamb says a common misconception is that cyber insurance policies have only been around for a few years, when in fact, they’ve existed for about 15 years, even dating back to the Y2K scare.

But Lamb said the popularity of the market has increased dramatically over the past five years.

“It has grown exponentially because of the things that have been happening,” she said. “People are aware of what’s going on...no one is immune to having a cyber incident.”

Lamb said many multi-national companies have had cyber insurance policies as long as they’ve been around, but middle-market companies are just starting to pick up on the trend now.

Are there limits to how much a policy may pay out for one attack alone? 

This will vary from policy to policy, but most of the time, yes.

Rudo said companies seeking out cyber insurance policies will shop around between companies looking for which insurer can offer them a larger “policy aggregate,” meaning the total amount the policy will cover.

Another option could be to take out a policy covering a certain number of records that could be stolen in an attack.

“There are some policies that have a limit for how much they’ll spend, but they’ll have a number of records,” she said. “Some policies will say they’ll give ‘X’ million for your data breach, and another may say they’ll cover ‘X’ number of records. These policies don’t tabulate the amount, just the number of records taken.”

What happens after you’re attacked? 

Bad news — you’ve been attacked and are now infected with ransomware. Good news, you purchased a cyber insurance policy.

This varies from policy to policy, but some insurance companies will even go as far as to provide boots-on-the-ground incident response and forensic assistance to help you recover your data and restore operations as quickly as possible.

Here’s why that makes sense for the insurer: If they can help you recover your data, the damages realized will not be as severe, thus reducing the monetary amount of the claim and restoring activity to the victim as quickly as possible.

In some cases, the insurer will act as an intermediary between the attacker and the victim to help pay the ransom if that’s the route the victim wants to take.

“If a customer chooses to pay the ransomware, the insurance company will pay it, and the insurance company will sometimes facilitate [the payment],” Rudo said. “They can access a vendor to help with the ransomware payment. An insurance company will also respect the wish of the client if they choose not to pay the ransom.”

For example, an insurance company can even assist the victim in converting traditional currency into cryptocurrency, which the attacker may request as payment.

To hear Talos’ take on whether to pay the ransom in these kinds of attacks, you can check out our roundtable here.

Once the insured has completely recovered from an attack, the insurer will usually re-evaluate the policy and premium. The insurance company will look at things like if the initial attack vector was remediated, if the attacker was completely eradicated from the system and what new protections may be in place post-infection.

What is the timeframe for which the policy will cover an attack? For example, what would happen if an attacker had been in a victim’s system for a year, but the insured only took out a policy six months ago? 

These policies pay out on discovery. So, for example, if a retailer had a card-skimming malware sitting on their system since January, but the company only took out a policy in October, the attack would still be covered if they discovered the breach in November of that same year.

“These policies are on a discovery basis,” Rudo said. “The policy begins when the buyer has discovered the loss. The only way there might be an exclusion is if there’s a retroactive date [on the policy].”

What is Cisco’s role in all of this? 

Last year, Cisco, Aon, Apple and insurance company Allianz collaborated to launch the industry’s first cyber risk management solution.

The solution combines cyber resilience evaluation services from Aon, technology from Cisco and Apple, and options for enhanced cyber insurance coverage from Allianz. “Enhancements” to the traditional insurance policy that this program offers may include severance pay for CISOs in the event of a termination after a breach, special support agreements if the insured uses a certain percentage of Apple products and a shorter waiting time for coverage to kick in, according to Lamb.

Organizations using Cisco Ransomware Defense are eligible for such enhancements from Allianz.

Other considerations 

  • Rudo said intellectual property is generally not covered by security policies because it is too difficult to quantify.
  • There are other liability policies that may be available to cover attacks that cause harm to a third party. For example, if an internet-of-things device was hacked in a way that it malfunctioned and injured a user, a cyber insurance policy would generally not cover that, but a separate liability policy would.
  • Many insurance companies will have “cyber security panels” that step in during some attacks to aid and provide advice to the victim. Lamb said Cisco is currently part of a few of these types of panels, and is looking to join more.


http://feedproxy.google.com/~r/feedburne...-FAQs.html

  Samsung R&D Bangalore (On-Campus 2019)
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Developers - No Replies

Round 1: It was a 3 hour long online contest and there was only one problem. Question Every point in the universe is represented by… Read More »

The post Samsung R&D Bangalore (On-Campus 2019) appeared first on GeeksforGeeks.




https://www.geeksforgeeks.org/samsung-rd...mpus-2019/

  Insertion in a sorted circular linked list when a random pointer is given
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Developers - No Replies

Given an array arr[] of integers and a pointer to a random node of a circular sorted linked list (initially empty), the task is to… Read More »

The post Insertion in a sorted circular linked list when a random pointer is given appeared first on GeeksforGeeks.




https://www.geeksforgeeks.org/insertion-...-is-given/

  m-WAY Search Trees | Set-1 ( Searching )
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Developers - No Replies

The m-way search trees are multi-way trees which are generalised versions of binary trees where each node contains multiple elements. In an m-Way tree of… Read More »

The post m-WAY Search Trees | Set-1 ( Searching ) appeared first on GeeksforGeeks.




https://www.geeksforgeeks.org/m-way-sear...searching/

  What are Hash Functions and How to choose a good Hash Function?
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Developers - No Replies

Prerequisite: Hashing | Set 1 (Introduction) What is a Hash Function? A function that converts a given big phone number to a small practical integer… Read More »

The post What are Hash Functions and How to choose a good Hash Function? appeared first on GeeksforGeeks.




https://www.geeksforgeeks.org/what-are-h...-function/

  Oracle Interview Experience -On Campus (2019)
Posted by: miloscuttlebutt - 5 minutes ago - Forum: Developers - No Replies

The shortlisting for rounds is done by an online test held for approximately 2.5 hrs with 90 questions (MCQ). There are 4 sections. First one has… Read More »

The post Oracle Interview Experience -On Campus (2019) appeared first on GeeksforGeeks.




https://www.geeksforgeeks.org/oracle-int...mpus-2019/

  New Ransomware Attack – Texas Government agencies become Victim
Posted by: miloscuttlebutt - 6 minutes ago - Forum: Ransomware - No Replies

Still, Ransomware attacks become a problem on local governments, and Texas discovers this first-hand. On the morning of August 16, 23 government entities reported a ransomware attack. Most were “smaller...

The post New Ransomware Attack – Texas Government agencies become Victim appeared first on .




https://hackercombat.com/new-ransomware-...me-victim/

  Ransomware wave hits 23 towns in Texas
Posted by: miloscuttlebutt - 6 minutes ago - Forum: Ransomware - No Replies

The attack, which has victimized mostly smaller local governments, is thought to have been unleashed by a single threat actor
The post Ransomware wave hits 23 towns in Texas appeared first on WeLiveSecurity


http://feedproxy.google.com/~r/eset/blog...KvjNoD0gs/

  5 Ways to Protect Yourself from IP Address Hacking
Posted by: miloscuttlebutt - 6 minutes ago - Forum: General News - No Replies

Your IP address represents your digital identity online; hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet. It allows your device to connect with the rest of the online world. For […]

The post 5 Ways to Protect Yourself from IP Address Hacking appeared first on Security Affairs.




https://securityaffairs.co/wordpress/901...ction.html
