Adam Shostack

JANUARY 2, 2025

The Open Technology Institute has an Open Letter to Law Enforcement in the U.S., In closely related news, nominations for the 2020 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies are open. Lastly, the Port of Seattle is considering putting rules in place around facial recognition technology.

Technology 130

Technology Encryption Internet Internet 130

Penetration Testing

DECEMBER 11, 2024

The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co. for his alleged role in... The post CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach appeared first on Cybersecurity News.

Technology 59

Technology Cybersecurity Firewall 59

Schneier on Security

FEBRUARY 4, 2022

Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. It’s a framework for private actors to scan every message sent online and report violations to law enforcement.

Surveillance 359

Surveillance Backups Media Technology 359

Security Affairs

JANUARY 4, 2025

“Today, the Department of the Treasurys Office of Foreign Assets Control (OFAC) sanctioned Integrity Technology Group, Incorporated (Integrity Tech), a Beijing-based cybersecurity company, for its role in multiple computer intrusion incidents against U.S. networks since the summer of 2022. critical infrastructure sectors.“

Cybersecurity 121

Cybersecurity IoT Hacking Technology 121

Schneier on Security

AUGUST 29, 2023

The facial recognition technology is used by the Maine Bureau of Motor Vehicles to ensure no one obtains multiple credentials or credentials under someone else’s name, said Emily Cook, spokesperson for the secretary of state’s office.

Identity Theft 313

Identity Theft Technology Software 313

Schneier on Security

OCTOBER 14, 2020

This is a current list of where and when I am scheduled to speak: I’ll be speaking at Cyber Week Online , October 19-21, 2020. I’ll be speaking at the IEEE Symposium on Technology and Society virtual conference, November 12-15, 2020. I’ll be keynoting the 2020 Conference on Cyber Norms on November 12, 2020.

Technology 229

Technology 229

Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days.

Data breaches 293

Data breaches Banking Cybercrime Advertising 293

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. In early 2020, Exorn promoted a website called “ orndorks[.]com Araneida Scanner. co as one of their projects.

Hacking 230

Hacking Cybercrime Advertising Data breaches 230

Schneier on Security

FEBRUARY 15, 2021

From a MIT Technology Review article : Soon after they were spotted, the researchers saw one exploit being used in the wild. More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order.

Technology 359

Technology Hacking Software 359

The Last Watchdog

MAY 24, 2021

Some instructive fresh intelligence about how cyber attacks continue to saturate the Internet comes to us from Akamai Technologies. In 2020, it saw 193 billion credential stuffing attacks globally, with 3.4 Meanwhile, threat actors’ siege on web applications surged 62 percent in 2020 vs. 2019: Akamai observed nearly 6.3

Financial Services 178

Financial Services Passwords Media Accountability 178

Malwarebytes

OCTOBER 18, 2024

The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later). Microsoft has dubbed the flaw “HM Surf.”

Adware 144

Adware Spyware Mobile Technology 144

Krebs on Security

AUGUST 14, 2020

It’s unclear when the intruders first breached R1’s networks, but the ransomware was unleashed more than a week ago, right around the time the company was set to release its 2nd quarter financial results for 2020. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Troy Hunt

NOVEMBER 2, 2020

His comedy skit nailed it too: my Twitter timeline is literally just me talking about the things I'm interested in and whilst that might be predominantly technology and infosec stuff, turns out I actually have a life beyond that too. pic.twitter.com/YUJIqgYNXf — Troy Hunt (@troyhunt) November 1, 2020 Beautiful day out!

Data breaches 355

Data breaches InfoSec Media Technology 355

Krebs on Security

APRIL 20, 2023

3CX hired incident response firm Mandiant , which released a report on Wednesday that said the compromise began in 2022 when a 3CX employee installed a malware-laced software package distributed via an earlier software supply chain compromise that began with a tampered installer for X_TRADER , a software package provided by Trading Technologies.

Malware 330

Malware Software Technology Accountability 330

Schneier on Security

JUNE 3, 2022

Back in November 2020, in the middle of the COVID-19 pandemic, I gave a virtual talk at the International Symposium on Technology and Society: “ The Story of the Internet and How it Broke Bad: A Call for Public-Interest Technologists.” ” It was something I was really proud of, and it’s finally up on the net.

Internet 220

Internet Internet Technology 220

CyberSecurity Insiders

JUNE 2, 2023

By Jayakumar (Jay) Kurup, Global Sales Engineering Director at Morphisec Securing operational technology (OT) creates unique challenges. Sometimes this is due to cultural reasons (management’s fear of even the slightest chance of disruption); other times, it is technological.

Cyber threats 136

Cyber threats Technology Firewall Ransomware 136

Krebs on Security

APRIL 18, 2022

Conti ravaged the healthcare sector throughout 2020, and leaked internal chats from the Conti ransomware group show the gang had access to more than 400 healthcare facilities in the U.S. alone by October 2020. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Healthcare 339

Healthcare Ransomware Cybersecurity Malware 339

Joseph Steinberg

JANUARY 4, 2021

Flash was once the dominant platform for rendering multimedia content in web browsers, but, as Adobe has terminated support for Flash as of the end of 2020, and, as Flash has created serious security problems in the past, now is the time to get rid of Flash once and for all.

Technology 246

Technology Mobile Internet Internet 246

Tech Republic Security

JULY 28, 2021

The number of ads selling access to corporate networks has continued to increase from 2019 to 2020 and into 2021, says Positive Technologies.

Technology 196

Technology 196

The Last Watchdog

SEPTEMBER 14, 2023

Fastly addresses these technological vulnerabilities by utilizing tools like Rust and WebAssembly. The societal aspects of technology, the human side, have grown equally unruly. People are wary of technology and its creators. These principles drive better technological outcomes, ensuring an improved experience for all web users.

Internet 290

Internet Internet Technology Risk 290

Krebs on Security

DECEMBER 2, 2020

The hack was acknowledged by the forum’s current administrator, who assured members that their passwords were protected with a password obfuscation technology that was extremely difficult to crack. OGUsers was hacked at least twice previously, in May 2019 and again in March 2020.

Accountability 345

Accountability Hacking Scams Media 345

Troy Hunt

OCTOBER 28, 2020

— NordVPN (@NordVPN) October 23, 2020 Ah, tricky! Much of this comes back to the old chestnut about how involved users should be in the whole decision-making process around the trustworthiness of a URL and indeed, how proactive technology should be to help them with this task. That’s how [link] became [link]. — Bartek ?wierczy?ski

Phishing 363

Phishing Password Management Passwords Internet 363

Schneier on Security

JUNE 30, 2022

Wired is reporting on a new remote-access Trojan that is able to infect at least eighty different targets: So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified at least 80 targets infected by the stealthy malware, including routers made by Cisco, Netgear, Asus, and DrayTek.

Malware 245

Malware DNS Architecture Hacking 245

Krebs on Security

JUNE 29, 2023

In March 2020, the DOJ unsealed two criminal hacking indictments against Kislitsin, who was then head of security at Group-IB , a cybersecurity company that was founded in Russia in 2003 and operated there for more than a decade before relocating to Singapore. Nikulin is currently serving a seven-year sentence in the U.S. prison system.

Cybersecurity 299

Cybersecurity Cybercrime Hacking Government 299

Troy Hunt

APRIL 9, 2020

link] — Troy Hunt (@troyhunt) March 31, 2020 And so it is with posts about the dangers of 5G. So, let's not talk about whether 5G is safe or not, let's instead talk about why opponents of the technology display every single spammy, scammy, hoaxy behaviour imaginable and then you can consider how much you should trust them.

Mobile 364

Mobile Media Scams Technology 364

Krebs on Security

APRIL 29, 2024

In February 2020, the FCC put all four wireless providers on notice that their practices of sharing access to customer location data were likely violating the law. The fines mark the culmination of a more than four-year investigation into the actions of the major carriers.

Wireless 326

Wireless Mobile Technology 326

Krebs on Security

APRIL 20, 2021

NYSE:IT ] — a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry. As the largest organization dedicated to the analysis of software, Gartner’s network of analysts are well connected to the technology and software industries.

Marketing 281

Marketing Technology Software Cybercrime 281

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. When national security is compromised by high-flying technology companies that fob off cybersecurity risks onto their customers, something similar is at work.

Risk 363

Risk Government Marketing Software 363

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., based Sophos Ltd.

Firewall 75

Firewall Hacking Malware Passwords 75

Krebs on Security

MARCH 23, 2021

Then in October 2020, the California Department of Technology (CDT) issued a new set of guidelines that effectively require all executives, managers and supervisors to know all of the details of a phishing exercise before it occurs.

Phishing 336

Phishing Data breaches Accountability Technology 336

Krebs on Security

NOVEMBER 4, 2020

.” Image: Coveware Q3 2020 report. Fabian Wosar , chief technology officer at computer security firm Emsisoft , said ransomware victims often acquiesce to data publication extortion demands when they are trying to prevent the public from learning about the breach.

Ransomware 361

Ransomware Backups Data breaches Encryption 361

The Last Watchdog

JULY 19, 2023

Here are a few takeaways: A converged ecosystem Cloud migration and rapid software development were both on a rising curve when Covid 19 hit and the global economy suddenly shut down in 2020. By one estimate, companies are on track to spend $77 billion on MSSP services by 2030, up from $22 billion in 2020.

CISO 244

CISO Architecture Network Security Cloud Migration 244

Penetration Testing

NOVEMBER 11, 2024

Active since 2020, Earth Estries primarily targets governments and technology firms through... The post Earth Estries’ Evolving Toolkit: A Deep Dive into Their Advanced Techniques appeared first on Cybersecurity News.

Government 62

Government Technology Cybersecurity Malware 62

Krebs on Security

NOVEMBER 17, 2022

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin.

Ransomware 354

Ransomware Encryption Backups Manufacturing 354

The Last Watchdog

SEPTEMBER 25, 2023

million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Taking an active role Your cybersecurity policy should address your employees and technology systems. Employee training is crucial.

Small Business 222

Small Business Cybersecurity Technology Accountability 222

Krebs on Security

JANUARY 29, 2022

Several articles here have delved into the history of John Bernard , the pseudonym used by a fake billionaire technology investor who tricked dozens of startups into giving him tens of millions of dollars. Another investor, a Belgian named Guy Devos , contributed the remaining $750,000. million) — had been lost.

Scams 313

Scams Technology Web Fraud 313