Big Cyber Hits on GM, Chicago Public Schools, & Zola Showcase the Password Problem

Credential-stuffing attacks against online accounts are still popular, and they work thanks to continuing password reuse.

How to encrypt your email and why you should

If you've never added encryption to your email, Jack Wallen explains why you should and demonstrates how it works with the Thunderbird open-source email client.

Twitter Fined $150M for Security Data Misuse

Twitter is charged with using emails and phone numbers ostensibly collected for account security to sell targeted ads.

The FDA's New Cybersecurity Guidance for Medical Devices Reminds Us That Safety & Security Go Hand in Hand

The new draft guidance on premarket submissions incorporates quality system regulations and doubles down on a life-cycle approach to product security.

Twitter Fined $150m For Handing Users' Contact Details To Advertisers

Some QCT Servers Vulnerable To Pantsdown Flaw

Hacker Steals Database Of Hundreds Of Verizon Employees

Campaigners warn of legal challenge against Privacy Shield enhancements

Schrems III on the cards unless negotiators protect better oversight of US data access requests European privacy campaigner Max Schrems is warning that enhancements to the EU-US Privacy Shield data-sharing arrangements might face a legal challenge if nego ...

Malware-Infested Smart Card Reader

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal empl ...

Time to update: Google Chrome 102 arrives with 32 security fixes, one critical

Google is urging Chrome users to update the browser now in order to fix a critical flaw.

Cybergang Claims REvil is Back, Executes DDoS Attacks

Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.

Microsoft: Here's how to defend Windows against these new privilege escalation attacks

Microsoft is warning Windows domain admins to implement mitigations against an authentication weakness related to Active Directory.

WA gov creates cyber security uplift team

After mandating essential eight controls.

YouTube remains in Russia to be an independent news source: CEO

Speaking at the World Economic Forum in Davos, the CEO was upbeat about her company's role in Russia, whilst a panel of experts tackled the issue of health data privacy.

Millions of people's info stolen from MGM Resorts dumped on Telegram for free

Meanwhile, Twitter coughs up $150m after using account security contact details for advertising Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, a ...

Most Common Threats in DBIR

Supply chain and ransomware attacks increased dramatically this year, which explains why so many data breaches in this year's DBIR were grouped as system intrusion.

Is Your Data Security Living on the Edge?

Gartner's security service edge fundamentally changes how companies should be delivering data protection in a cloud and mobile first world.

Interpol's Massive 'Operation Delilah' Nabs BEC Bigwig

A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.

JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks

Open source software community initiative utilizes blockchain technology.

Mastercard Launches Cybersecurity “Experience Centre”

Experience Centre features emerging Mastercard products and solutions for securing digital payments on a global scale, including those developed locally in Vancouver.

Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message

Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.

Meet the 10 Finalists in the RSA Conference Innovation Sandbox

This year's finalists tackle such vital security concerns as permissions management, software supply chain vulnerability, and data governance. Winners will be announced June 6.

Brexit Leak Site Linked to Russian Hackers

Purporting to publish leaked emails of pro-Brexit leadership in the UK, a new site's operations have been traced to Russian cyber-threat actors, Google says.

Spring Cleaning Checklist for Keeping Your Devices Safe at Work

Implement zero-trust policies for greater control, use BYOD management tools, and take proactive steps such as keeping apps current and training staff to keep sensitive company data safe and employees' devices secure.

Data on ransomware attacks is 'fragmented and incomplete' warns Senate report

The US government must clean up ransomware reporting and data collection if it wants to devise adequate policy responses.

Industry 4.0 Points Up Need for Improved Security for Manufacturers

With manufacturing ranking as the fourth most targeted sector, manufacturers that understand their exposure will be able to build the necessary security maturity.

DDoS Extortion Attack Flagged as Possible REvil Resurgence

A DDoS campaign observed by Akamai from actors claiming to be REvil would represent a major pivot in tactics for the gang.

Web App Attacks On The Rise In Healthcare

Zoom Patches ‘Zero-Click’ RCE Bug

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.

Verizon Report: Ransomware, Human Error Among Top Security Risks

2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.

DBIR Makes a Case for Passwordless

The 2022 Data Breach Investigations Report repeatedly makes the point that criminals are stealing credentials to carry out their attacks.

Beijing needs the ability to 'destroy' Starlink, say Chinese researchers

Paper authors warn Elon Musk's 2,400 machines could be used offensively A researcher from the Beijing Institute of Tracking and Telecommunications advocated for Chinese military capability to take out Starlink satellites on the grounds of national securit ...

Zoom patches XMPP vulnerability chain that could lead to remote code execution

Google Project Zero researcher finds holes in the different ways XML was parses on the Zoom client and server.

Predator spyware sold with Chrome, Android zero-day exploits to monitor targets

Or so says Google after tracking 30+ vendors peddling surveillance malware Spyware vendor Cytrox sold zero-day exploits to government-backed snoops who used them to deploy the firm's Predator spyware in at least three campaigns in 2021, according to Googl ...

'There's No Ceiling': Ransomware's Alarming Growth Signals a New Era, Verizon DBIR Finds

Ransomware has become so efficient, and the underground economy so professional, that traditional monetization of stolen data may be on its way out.

Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021

But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.

XM Cyber Adds New Security Capability for Microsoft Active Directory

Company to debut its AD capabilities at the 2022 RSA Conference.

Strong Password Policy Isn't Enough, Study Shows

New analysis reveals basic regulatory password requirements fall far short of providing protection from compromise.

Zuckerberg Sued By DC Attorney General Over Cambridge Analytica Data Scandal

Fronton IOT Botnet Packs Disinformation Punch

Facebook opens political ad data vaults to researchers

Facebook builds FORT to protect against onslaught of regulation, investigation Meta's ad transparency tools will soon reveal another treasure trove of data: advertiser targeting choices for political, election-related, and social issue spots.…

Netskope Expands Data Protection Capabilities to Endpoint Devices and Private Apps

New features include context-aware, zero-trust data protection on local peripherals and devices.

Nisos Announces $15 Million in Series B Funding Round

New funding led by global cyber investor Paladin Capital Group, alongside existing investors Columbia Capital and Skylab Capital.

Crypto Hacks Aren’t a Niche Concern; They Impact Wider Society

Million-dollar crypto heists are becoming more common as the currency starts to go mainstream; prevention and enforcement haven't kept pace.

SolarWinds: Here's how we're building everything around this new cybersecurity strategy

The SolarWinds supply chain attack was one of the biggest cyber incidents there's ever been. Here's how the company has dealt with the aftermath.

It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017

Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening inf ...

IBM is helping these schools build up their ransomware defenses

The goal is to improve cybersecurity defenses in public sector schools.

This era of big tech exceptionalism has got to end: Australian eSafety Commissioner

If the failures of this version of the internet are not learned, what will happen in a world of full sensory haptic suits, hyper-realistic experiences and teledildonics, asks Julie Inman Grant.

Screencastify fixes bug that would have let rogue websites spy on webcams

School-friendly tool still not fully protected, privacy guru warns Screencastify, a popular Chrome extension for capturing and sharing videos from websites, was recently found to be vulnerable to a cross-site scripting (XSS) flaw that allowed arbitrary we ...

An uncomplicated introduction to Uncomplicated Firewall

If you want to better secure your Linux desktop, but don't want to have to learn complicated firewall rules, Jack Wallen wants to introduce you to the Uncomplicated Firewall.

Multiple Governments Buying Android Zero-Days for Spying: Google

An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.

QuSecure Carves Out Space in Quantum Cryptography With Its Vision of a Post-RSA World

NIST may be on the brink of revealing which post-quantum computing encryption algorithms it is endorsing, solidifying commercial developments like QuProtect.

Kingston Digital Releases Touch-Screen Hardware-Encrypted External SSD for Data Protection

IronKey Vault Privacy 80 External SSD safeguards against brute-force attacks and BadUSB with digitally-signed firmware.

After the Okta Breach, Diversify Your Sources of Truth

What subsequent protections do you have in place when your first line of defense goes down?

Snake Keylogger Spreads Through Malicious PDFs

How To Find NPM Dependencies Vulnerable To Account Hijacking

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.

Snake Keylogger Spreads Through Malicious PDFs

Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.

Forging Australian Driver’s Licenses

The New South Wales digital driver’s license has multiple implementation flaws that allow for easy forgeries. This file is encrypted using AES-256-CBC encryption combined with Base64 encoding. A 4-digit application PIN (which gets set during the initial ...

How to find NPM dependencies vulnerable to account hijacking

Security engineer outlines self-help strategy for keeping software supply chain safe Following the recent disclosure of a technique for hijacking certain NPM packages, security engineer Danish Tariq has proposed a defensive strategy for those looking to a ...

Misinformation needs tackling and it would help if politicians stopped muddying the water

Politicians lie, everyone knows it, but when the concept in question is how democracy works, it's a serious matter.

Conti: Russian-backed rulers of Costa Rican hacktocracy?

Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors In brief  The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it d ...

SolarWinds ready to move past breach and help customers manage theirs

Acknowledging that 2021 was a tough year, SolarWinds CEO says it has bolstered its build model and expanded its systems monitoring capabilities so customers can better manage the complexities of hybrid cloud environments.

Friday Squid Blogging: Squid Street Art

Pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

The Onion on Google Map Surveillance

“Google Maps Adds Shortcuts through Houses of People Google Knows Aren’t Home Right Now.” Excellent satire.

Quantum Key Distribution for a Post-Quantum World

New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.

Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication

Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.

Global Food Supply Chain At Risk From Malicious Hackers

Microsoft's out-of-band patch fixes Windows AD authentication failures

Microsoft releases a fix for the May 10 Patch Tuesday update that was causing authentication failures for some.

Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap

To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.

Microsoft patches the patch that broke Windows authentication

May 10 update addressed serious vulns but also had problems of its own Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update.…

Closing the Gap Between Application Security and Observability

Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell. 

Microsoft Bing censors politically sensitive Chinese terms internationally, reports Citizen Lab

Research claims search engine fails to autofill certain names in Han characters, Microsoft points to technical error Microsoft search engine Bing censors terms deemed sensitive in China from its autosuggestion feature internationally, according to researc ...

Fake domains offer Windows 11 installers - but deliver malware instead

Be careful what you are downloading - these files deliver the Vidar infostealer.

Microsoft: This botnet is growing fast and hunting for servers with weak passwords

Protect your Linux servers from XorDdos, a botnet scanning the internet for SSH servers with weak passwords, Microsoft warns.

Protecting data now as the quantum era approaches

Startup QuSecure is the latest vendor to jump into the field with its as-a-service offering Analysis  Startup QuSecure will this week introduce a service aimed at addressing how to safeguard cybersecurity once quantum computing renders current public key ...