Schneier on Security
SEPTEMBER 23, 2020
A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented case of a cyberattack causing a fatality. UK hospitals had to redirect patients during the 2017 WannaCry ransomware attack , but there were no documented fatalities from that event. The police are treating this as a homicide.
Krebs on Security
SEPTEMBER 23, 2020
Tyler Technologies , a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Daniel Miessler
SEPTEMBER 21, 2020
I just came across another post on Hacker News talking about why you shouldn’t move your SSH port off of 22 because it’s Security by Obscurity. There are some good reasons not to move SSH ports in certain environments, such as usability. People absolutely love to invoke the “Security by Obscurity” boogeyman, and it makes them feel super smart when they do.
Adam Levin
SEPTEMBER 22, 2020
The personal information of 540,000 sports referees, league officials, and school representatives has been compromised following a ransomware attack targeting a software vendor for the athletics industry. ArbiterSports, a software provider for several sports leagues including the NCAA, announced that it had averted a ransomware attack in July 2020, but despite blocking the attempt to encrypt their systems, the company discovered that a database backup had been accessed prior to the attack.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Schneier on Security
SEPTEMBER 21, 2020
This sounds like a bad idea.
Krebs on Security
SEPTEMBER 24, 2020
Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft’s warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to patch the vulnerability by Sept. 21 at the latest.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
SEPTEMBER 23, 2020
Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon.
Schneier on Security
SEPTEMBER 22, 2020
No real surprises, but we finally have the story. The story he went on to tell is strikingly straightforward. De Guzman was poor, and internet access was expensive. He felt that getting online was almost akin to a human right (a view that was ahead of its time). Getting access required a password, so his solution was to steal the passwords from those who’d paid for them.
Krebs on Security
SEPTEMBER 25, 2020
John Bernard , the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups , appears to be a pseudonym for John Clifton Davies , a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared of murdering his wife on their honeymoon in India.
Tech Republic Security
SEPTEMBER 22, 2020
Keeping the hackers out remains a top priority but firms are also looking at new areas of investment.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
SEPTEMBER 22, 2020
Operation Disruptor is an unprecedented international law enforcement effort, stemming from last year’s seizure of a popular underground bazaar called Wall Street Market.
Schneier on Security
SEPTEMBER 22, 2020
Amazon drivers — all gig workers who don’t work for the company — are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking that they are closer than they actually are: The phones in trees seem to serve as master devices that dispatch routes to multiple nearby drivers in on the plot, according to drivers who have observed the process.
Security Affairs
SEPTEMBER 22, 2020
The Italian eyewear and eyecare giant Luxottica has reportedly suffered a cyber attack that disrupted its operations in Italy and China. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, Apex by Sunglass Hut, Pearle Vision, Target Optical, Eyemed vision care plan, and Glasses.c
Tech Republic Security
SEPTEMBER 22, 2020
Security is changing rapidly, and the COVID-19 pandemic hasn't helped. A Cisco roundtable of chief information security officer advisers plotted the course for a secure future.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
WIRED Threat Level
SEPTEMBER 20, 2020
The latest update for your iPhone and iPad will make them safer than ever.
Schneier on Security
SEPTEMBER 24, 2020
The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of their release, say that the hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and, according to Miaan, even gaining access to information on WhatsApp.
Security Affairs
SEPTEMBER 20, 2020
The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware attacks targeting education institutions. The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware attacks against education institutions. The British security agency is urging the institutions in the industry to follow the recommendations to mitigate the risk of exposure to ransomware attacks.
Tech Republic Security
SEPTEMBER 23, 2020
Game players are affected by phishing campaigns, while gaming companies are getting hit by DDoS attacks, says Akamai.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
WIRED Threat Level
SEPTEMBER 24, 2020
On July 15, Twitter melted down. On Election Day, that's not an option.
Schneier on Security
SEPTEMBER 25, 2020
The founder and CEO of the Internet security company NS8 has been arrested and “charged in a Complaint in Manhattan federal court with securities fraud, fraud in the offer and sale of securities, and wire fraud.” I admit that I’ve never even heard of the company before.
Security Affairs
SEPTEMBER 20, 2020
The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them.
Tech Republic Security
SEPTEMBER 21, 2020
Government agencies in the US have until today to patch a Windows Server vulnerability that could give hackers control over federal networks.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
WIRED Threat Level
SEPTEMBER 19, 2020
The outage resulted in a significant delay in treatment. German authorities are investigating the perpetrators on suspicion of negligent manslaughter.
Dark Reading
SEPTEMBER 22, 2020
Understaffed, underfunded, and underequipped, IT teams in the K-12 sector face a slew of challenges amid remote and hybrid learning models. Here's where they can begin to protect their schools against cyberattacks.
Security Affairs
SEPTEMBER 19, 2020
The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. The company currently has over 2 million users, some of them were not able to access the service for several hours.
Tech Republic Security
SEPTEMBER 22, 2020
Passwords are the most important factor for securing your accounts. But you need to pay attention to your usernames as well, says NordPass.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
WIRED Threat Level
SEPTEMBER 21, 2020
So-called single sign-on options offer a lot of convenience. But they have downsides that a good old fashioned password manager doesn't.
Dark Reading
SEPTEMBER 23, 2020
With an increasing number of Internet-connected medical devices in use to manage diabetes, protection against a variety of wireless network attacks could very well be a matter of life and death for patients.
Security Affairs
SEPTEMBER 24, 2020
Experts worldwide warn about a surge in the Emotet activity, this time the alerts are from Microsoft, Italy and the Netherlands agencies. Two weeks ago, cybersecurity agencies across Asia and Europe warned of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France.
Tech Republic Security
SEPTEMBER 23, 2020
Bad actors could create or change websites and social media content to discredit this year's electoral process, cautions the FBI and CISA.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Expert insights. Personalized for you.
363 
Let's personalize your content