Krebs on Security

NOVEMBER 21, 2020

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy , the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters.

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Schneier on Security

NOVEMBER 24, 2020

Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. The police wanted to prosecute the ransomware attackers for negligent homicide, but the details were more complicated: After a detailed investigation involving consultations with medical professionals, an autopsy, and a minute-by-minute breakdown of events, Hartmann believes that the severity of the victim’s medi

Ransomware 361

Ransomware Cybercrime Hacking 361

Troy Hunt

NOVEMBER 22, 2020

With the benefit of hindsight, this was a naïve question: Alright clever IoT folks, I've got two of these garage door openers, what do you reckon the best way of connecting them with Apple HomeKit is? [link] — Troy Hunt (@troyhunt) April 25, 2020 In my mind, the answer would be simple: "Just buy X, plug it in and you're good to go". Instead, I found myself heading down the rabbit hole into a world of soldering, custom firmware and community-driven home automation kits.

IoT 361

IoT Firmware Manufacturing Internet 361

Adam Levin

NOVEMBER 23, 2020

The holidays are the most wonderful time of the year, especially for scammers. Consumers are typically spending more, doing it quickly and not paying as much attention to who they’re buying it from because of the rush. With the COVID-19 pandemic, many shoppers will make the bulk of their purchases online, which means this year’s Black Friday and Cyber Monday shopping frenzy could be riskier than usual.

Scams 239

Scams Banking Retail Consumer Protection 239

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Tech Republic Security

NOVEMBER 26, 2020

As you plan your big data strategy for next year, keep these seven goals in mind.

Big data 218

Big data 218

Schneier on Security

NOVEMBER 23, 2020

Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the election seems to have been both secure and accurate (voter suppression notwithstanding), we still need to work to secure our election systems: We are aware of alarming assertions being made that the 2020 election was “rigged” by exploiting technical vulnerabilities.

Government 326

Government Hacking Risk Cybersecurity 326

Security Affairs

NOVEMBER 26, 2020

US Fertility, the largest network of fertility centers in the U.S., discloses a ransomware attack that took place in September 2020. US Fertility , the largest network of fertility centers in the U.S., revealed that a ransomware attack hit its systems in September 2020. The US Fertility (USF) network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its clinics with 130,000 babies have been born. “On September 14, 2020, USF experienced

Ransomware 145

Ransomware Data breaches Encryption Malware 145

Tech Republic Security

NOVEMBER 24, 2020

If you've had files deleted by a hacker or you've accidentally removed them, Jack Wallen shows you how to recover that missing data with a handy tool called testdisk.

217

217

Schneier on Security

NOVEMBER 23, 2020

Quanta magazine recently published a breathless article on indistinguishability obfuscation — calling it the “‘crown jewel’ of cryptography” — and saying that it had finally been achieved, based on a recently published paper. I want to add some caveats to the discussion. Basically, obfuscation makes a computer program “unintelligible” by performing its functionality.

Encryption 256

Encryption 256

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. In part 2 , I covered IP addresses and the importance of a decent network to run all this stuff on, followed by Zigbee and the role of low power, low bandwidth devices. I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time.

IoT 356

IoT Firmware Risk Manufacturing 356

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Affairs

NOVEMBER 27, 2020

Canon finally confirmed that it has suffered a ransomware attack in early August that resulted in the theft of data from its servers. Canon has finally confirmed that it was the victim of a ransomware attack in early August and that the threat actors also stole data from its servers. In August, ZDNet first revealed the ransomware attack after it has obtained an internal memo that confirmed the outage suffered by Canon a few days before was caused by a ransomware attack.

Data breaches 145

Data breaches Ransomware Banking Media 145

Tech Republic Security

NOVEMBER 25, 2020

Any business is subject to ransomware attacks, but some are more hit more than others. Tom Merritt lists five business sectors that are targeted by ransomware.

Ransomware 210

Ransomware 210

Schneier on Security

NOVEMBER 25, 2020

In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine.

Cybersecurity 241

Cybersecurity 241

Troy Hunt

NOVEMBER 25, 2020

The first few parts of this series have all been somewhat technical in nature; part 1 was how much of a mess the IoT ecosystem is and how Home Assistant aims to unify it all, part 2 got into the networking layer with both Wi-Fi and Zigbee and in part 3 , I delved into security. Now let's tackle something really tricky - humans. I love the idea of automating stuff in the home, but I love the idea of a usable home even more.

IoT 348

IoT Firmware Media Marketing 348

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

NOVEMBER 24, 2020

Researchers spotted a new variant of an adware and coin-miner botnet operated by Stantinko threat actors that now targets Linux servers. Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. The Stantinko botnet was first spotted by ESET in 2017, at the time it infected around half a million computers worldwide.

Adware 145

Adware Malware Hacking Software 145

Tech Republic Security

NOVEMBER 23, 2020

The Android apps promised Minecraft modifications but instead delivered intrusive ads aimed at kids and teenagers, says Kaspersky.

199

199

WIRED Threat Level

NOVEMBER 23, 2020

The company is rolling out a patch today for the vulnerabilities, which allowed one researcher to break into one in 90 seconds and drive away.

Hacking 145

Hacking 145

Troy Hunt

NOVEMBER 23, 2020

In part 1 , I deliberately kept everything really high level because frankly, I didn't want to scare people off. I'm not ashamed to say that the process of getting even the basics working absolutely did my head in as I waded through a sea of unfamiliar technologies, protocols and acronyms. I wish I'd had just the fundamentals down pat before going deeper and that was my intention with the first part of the series.

Firmware 337

Firmware IoT Wireless Manufacturing 337

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

NOVEMBER 23, 2020

The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware 145

Ransomware Encryption VPN Backups 145

Tech Republic Security

NOVEMBER 25, 2020

Tech companies are offering this emerging technology to help financial institutions secure data while it is being processed.

Banking 193

Banking Technology 193

Dark Reading

NOVEMBER 24, 2020

As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.

Backups 145

Backups Ransomware 145

Trend Micro

NOVEMBER 26, 2020

We recently discovered a new backdoor we believe to be related to the OceanLotus group. Some of the updates of this new variant include new behavior and domain names.

Malware 141

Malware 141

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

NOVEMBER 21, 2020

The Manchester United football club has been hit by a cyber attack on their systems, it is not aware of a breach of personal data for his fans. Manchester United disclosed a cyber attack, but according to the football club it is not “currently aware of any breach of personal data associated with our fans and customers”. The club confirmed the security breach on Friday evening, it shut down its systems to prevent the malware from spreading within.

Cyber Attacks 145

Cyber Attacks Media Malware Hacking 145

Tech Republic Security

NOVEMBER 24, 2020

Capturing the phone's IMSI number and MAC address, the leaked data could have made users trackable, potentially over their lifetimes, says Palo Alto Networks.

174

174

Threatpost

NOVEMBER 25, 2020

The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.

Hacking 138

Hacking Internet Internet IoT 138

WIRED Threat Level

NOVEMBER 22, 2020

For now, the security measure will be available only to people using the beta version of the app.

Encryption 138

Encryption 138

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Affairs

NOVEMBER 24, 2020

2FA bypass discovered in web hosting software cPanel. More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major security issue in cPanel , a popular software suite that facilitates the management of a web hosting server.

Hacking 145

Hacking Authentication Accountability Software 145

Tech Republic Security

NOVEMBER 24, 2020

If you're looking for the best Android VPN, Jack Wallen thinks Google's take on the service might be the perfect fit for those wanting both performance and security.

VPN 167

VPN 167

We Live Security

NOVEMBER 26, 2020

Here’s what to know about attacks where a fraudster has your number, literally and otherwise. The post SIM swap scam: What it is and how to protect yourself appeared first on WeLiveSecurity.

Scams 134

Scams 134

WIRED Threat Level

NOVEMBER 21, 2020

Ransomware as a service, exposed SMS photos, and more of the week's top security news.

Ransomware 135

Ransomware 135

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity