Sat. May 14, 2022

Weekly Update 295

Troy Hunt

A short one this week as the previous 7 days disappeared with AusCERT and other commitments. Geez it was nice to not only be back at an event, but out there socialising and attending all the related things that tend to go along with it.

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking on “Securing a World of Physically Capable Computers” at OWASP Belgium’s chapter meeting in Antwerp, Belgium, on May 17, 2022. I’m speaking at Future Summits in Antwerp, Belgium, on May 18, 2022.


OpRussia update: Anonymous breached other organizations

Security Affairs

Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues; the collective claims to have hacked multiple organizations and government entities.

How to Turn a Coke Can Into an Eavesdropping Device

Dark Reading

Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby.


How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware is Indiscriminatory – Prepare for Everything to Fail

Security Boulevard

Ransomware attacks continue to grow in frequency. In the past 12 months, 76% of organizations have been affected by ransomware attacks, constituting a 15% YoY rise according to Veeam’s Data Protection Trends Report 2022. As well as being more common, ransomware is also getting more potent.

The LEGION collective calls to action to attack the final of the Eurovision song contest

Security Affairs

The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song contest. The LEGION is a Pro-Russian volunteer movement that focuses on DDoS attacks.


Pro-Russian hacktivists target Italy government websites

Security Affairs

Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health.

Telios Review – Decentralized And Secure Email Service Provider

SecureBlitz

In this post, I will show you the Telios review, a decentralized, secure, and encrypted email service. Telios is a decentralized and encrypted Peer-to-Peer email service provider that promises high-level security using a P2P network to provide secured and private email services for its clients.

The NSA Swears It Has ‘No Backdoors’ in Next-Gen Encryption

WIRED Threat Level

Plus: New details of ICE’s dragnet surveillance in the US, Clearview AI agrees to limit sales of its faceprint database, and more.

Motorola Solutions Reports First-Quarter 2022 Financial Results

CyberSecurity Insiders

CHICAGO–(BUSINESS WIRE)–Motorola Solutions, Inc. (NYSE: MSI) today reported its earnings results for the first quarter of 2022. “I’m pleased with our strong start to the year, highlighted by robust growth in video security,” said Greg Brown, chairman and CEO, Motorola Solutions.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Angry IT admin wipes employer’s databases, gets 7 years in prison

Bleeping Computer

Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data.


OWASP® Global AppSec US 2021 Virtual – Ronen Slavin’s ‘Analyzing Google’s SLSA Framework For Securing Software Supply Chains’

Security Boulevard

Our thanks to both the OWASP® Foundation and the OWASP Global AppSec US 2021 Virtual Conference Presenters for publishing their well-crafted application security videos on the organization’s YouTube channel.

How To Start An Insurance Business In 2022

SecureBlitz

Learn how to start an insurance business in 2022 in this post. If you are looking for a recession-proof business, entering the insurance industry is the right choice. Insurance is an essential part of life for the majority of Americans.

Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off

The Hacker News

Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications.

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance.

Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

Bleeping Computer

A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack.


XKCD ‘Crêpe’

Security Boulevard

Via the comic artistry and dry wit of Randall Munroe, resident at XKCD!


Crypto thief threatened to cut man's fingers 'one by one,' stole £34K

Bleeping Computer

Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000.


LDAPSearch Reference

Security Boulevard

ldapsearch is an extremely powerful tool, especially for Windows Active Directory enumeration.

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Ana Pinczuk Appointed to SentinelOne Board of Directors

CyberSecurity Insiders

MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–SentinelOne (NYSE: S), an autonomous cybersecurity platform company, today announced the appointment of Ana Pinczuk to its board of directors. Pinczuk brings more than 30 years of technical executive leadership experience to SentinelOne.

Security BSides Sofia 2022 – Bozhidar Bozhanov, Minister Of e-Government, Republic Of Bulgaria ‘Keynote’

Security Boulevard

Our thanks to Security BSides Sofia for publishing their presenters’ superb Security BSides Sofia 2022 security videos on the organization’s YouTube channel.

Crypto robber who lured victims via Snapchat and stole £34,000 jailed

Bleeping Computer

Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000.


What actually drives information security?

Notice Bored

The 'obvious' driver for information security is information risk: valuable yet vulnerable information must be secured/protected against anything that might compromise its confidentiality, integrity or availability, right?