Cybersecurity Alerts, News, and Tips


Web Crawlers, the DMCA, and Thinking Ahead

Who Should Read It?
This article is for web content makers and owners of the public content platforms, web developers, and anyone who can suddenly publish content that might become a subject of DMCA claim. A couple of examples are Twitter, GitHub, and Vimeo platforms that allow users to publish pictures, videos, and source codes that might appear to violate copyright laws. 
Disclaimer
Of course, when we are talking about Public resources like Twitter, it is not a problem for someone to write a web-crawler smart enough to analyze specific resources and copy/download all the possible content from it (or save the content on the user machine). In this case, your platform/web-site is simply one point in the content distribution chain and does not know how this content is supposed to be shared after all. Since it is a separate resource with its mission and reasons to work with this information (so they might need or don’t need to satisfy DMCA rules), I don’t think it’s something you can do with it. Web-crawlers overall may become a massive problem in the DMCA applicability. On the other side, they play a substantial role as an external cache that allows people to find information lost on the original resource. So, web crawlers, not always bad, actually. 



Ukraine: nation-state hackers hit government document management system

Ukraine ‘s government attributes a cyberattack on the government document management system to a Russia-linked APT group. The Ukraine ‘s government blames a Russia-linked APT group for an attack on a government document management system, the System of Electronic Interaction of Executive Bodies (SEI EB). According to Ukrainian officials, the hackers aimed at disseminating malicious […]
The post Ukraine: nation-state hackers hit government document management system appeared first on Security Affairs.


IBM Security Report: Ransomware Top Cyber Threat in 2020

Ransomware was 2020’s top cyber threat & comprised 23% of cyberattacks, the IBM Security “2021 X-Force Threat Intelligence Index” shows.
The post IBM Security Report: Ransomware Top Cyber Threat in 2020 appeared first on MSSP Alert.



Managed Security Services Provider (MSSP) News: 24 February 2021

Today’s MSSP news involves Arete, CrowdStrike CSPM, Cyber Risk Aware, Datawiza, Devo Technology, Huntress, McAfee, Microsoft MISA, Milton Security, Perimeter 81, Protegrity, Red Hat & more.
The post Managed Security Services Provider (MSSP) News: 24 February 2021 appeared first on MSSP Alert.


A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2.  This technique allows botnet operators to make their infrastructure resilient […]
The post A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism appeared first on Security Affairs.



Best Practices to Secure Your SDLC Process

Introduction
In the development of a robust software system, a well-structured Software Development Life Cycle (SDLC) is of utmost importance. An SDLC is a meticulously structured roadmap neatly sectioned into various phases in the software development process, allowing the stakeholders of the project to effectively collaborate and keep track of the progress—from planning to designing, and deployment to maintenance, an SDLC  ensures easy evaluation at each step of the software development journey and its fool-proof execution. 
In the past, security-related tasks were limited to only the testing phase of the SDLC. As a result, several issues would get discovered very late into the process and some not at all. As a consequence, businesses were perpetually at high-security risk and the cost of software maintenance and troubleshooting would spiral out of control.