Sat. Jun 19, 2021

Weekly Update 248

Troy Hunt

Thought I'd do a bit of AMA this week given the rest of the content was a bit lighter. If you like this sort of content then I'll try and be a bit more organised next time, give some notice and make more of an event out of it. Other than that, I'm screwing around with more IoT things, dealing with more breaches, onboarding new governments so yeah, same same 🙂 References Here's the iFixit kit I bought, it's the "Pro Tech Toolkit" (this is a really nice pie

IoT 327

Juneteenth: A New Federal Holiday

Adam Shostack

I’m thrilled that Juneteenth will be a Federal holiday. We need more holidays that celebrate freedom, and there’s few events that increase freedom as much as emancipating people who were enslaved. That is, freeing them from the threat violence would be used against them, and they would have no recourse. The United States also needs more holidays that celebrate the United part.

130

iPhone bug breaks WiFi when you join hotspot with unusual name

Bleeping Computer

A new iPhone bug has come to light that breaks your iPhone's wireless functionality by merely connecting to a certain WiFi hotspot. Once triggered, the bug would render your iPhone unable to establish a WiFi connection, even if it is rebooted or the WiFi hotspot is renamed. [...]

Wireless 145

Security News in Review: Avaddon Ransomware Closes Down; CLOP Gang Members Arrested

Security Boulevard

This week in security news in review, we have reporting on the Avaddon ransomware gang closing down, Google releasing a new framework about supply chain attack prevention, and a new malware that prevents you from visiting piracy sites. These and other stories in this week’s edition of the cyber news you need to know. The post Security News in Review: Avaddon Ransomware Closes Down; CLOP Gang Members Arrested appeared first on Security Boulevard.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

South Korea's Nuclear Research agency hacked using VPN flaw

Bleeping Computer

South Korea's 'Korea Atomic Energy Research Institute' disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability. [...]

VPN 144

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. South Korean representatives declared on Friday that North Korea-linked APT group Kimsuky is believed to have breached the internal network of the South Korean Atomic Energy Research Institute (KAERI). The Korea Atomic Energy Research Institute (KAERI) in Daejeon, South Korea was established in 1959 as the sole professional research-oriented institute for nuclea

Hacking 134

More Trending

Cyber espionage by Chinese hackers in neighbouring nations is on the rise

The Hacker News

A string of cyber espionage campaigns dating all the way back to 2014 and focused on gathering military intelligence from neighbouring countries have been linked to a Chinese military-intelligence apparatus.

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Security Affairs

Experts attribute a series of cyber-espionage campaigns dating back to 2014, and focused on gathering military intelligence, to China-linked Unit 69010. Experts from Recorded Future’s Insikt Group linked a series of attacks, part of RedFoxtrot China-linked campaigns, to the PLA China-linked Unit 69010. The cyber-espionage campaigns, which date back to 2014 and focused on gathering military intelligence from neighboring countries, were attributed to a Chinese military unit operating out of the city of Ürüm

CommitStrip ‘Talk To Me’

Security Boulevard

via the textual amusements of Thomas Gx, along with the Illustration talents of Etienne Issartia and superb translation skillset of Mark Nightingale - the creators of CommitStrip! Permalink. The post CommitStrip ‘Talk To Me’ appeared first on Security Boulevard.

109

Google force installs Massachusetts MassNotify Android COVID app

Bleeping Computer

Google is force-installing a Massachusetts COVID-19 tracking app on residents' Android devices without an easy way to uninstall it. [...]

125

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

BSides Tampa 2021 – CISO Panel ‘John Burger, Guy Albertini, Michael Phillips, Barry Kortekas, Jon Sargent’

Security Boulevard

Our thanks to BSides Tampa for publishing their outstanding videos on the organization's YouTube channel. Enjoy the Education! Permalink. The post BSides Tampa 2021 – CISO Panel ‘John Burger, Guy Albertini, Michael Phillips, Barry Kortekas, Jon Sargent’ appeared first on Security Boulevard.

CISO 109

North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute

The Hacker News

South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which — "27.102.114[.

VPN 104

Your iPhone's WiFi will break after you join this hotspot

Bleeping Computer

A new iPhone bug has come to light that breaks your iPhone's wireless functionality by merely connecting to a certain WiFi hotspot. Once triggered, the bug would render your iPhone unable to establish a WiFi connection, even if it is rebooted or the WiFi hotspot is renamed. [...]

Better Vulnerability Management is Essential for Data Security

Security Boulevard

Imagine if a gang of burglars arrived on your street and started going from house to house each night testing windows and doors to see if any of them could be forced open. While many houses would be perfectly secure, it’s likely that there would be one or two — especially on a long street [...] The post Better Vulnerability Management is Essential for Data Security appeared first on TechSpective.

86

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Google force installs Massachusetts COVID-19 app on residents' phones

Bleeping Computer

Google is force-installing a Massachusetts COVID-19 tracking app on residents' Android devices without an easy way to uninstall it. [...]

97

A Bug in the Android Google App Put Privacy at Risk

WIRED Threat Level

Plus: Airbnb's safety squad, a fake pharmacy crackdown, and more of the week's top security news.

Risk 113

Jack Daniel – Emerging from the Quarantine Cocoon

Security Boulevard

TechSpective Podcast Episode 066. It has been a rough year and a half since COVID-19 hit at the beginning of 2020. Thankfully, we are rolling out vaccines at a blistering pace and it seems like there is light at the end of the tunnel and that things will begin to open back up. That includes [...] The post Jack Daniel – Emerging from the Quarantine Cocoon appeared first on TechSpective.

Tinder spam campaign hides "handwritten" links in profile images

Bleeping Computer

A new trend has emerged on dating apps like Tinder with spammers sneaking in handwritten NSFW links within profile images. Multiple such Tinder spam profiles reviewed by BleepingComputer shared some common characteristics. [...]

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

BSides Tampa 2021 – Larry Whiteside’s ‘So You Wanna Be A CISO … Are You Sure?’

Security Boulevard

Our thanks to BSides Tampa for publishing their outstanding videos on the organization's YouTube channel. Enjoy the Education! Permalink. The post BSides Tampa 2021 – Larry Whiteside’s ‘So You Wanna Be A CISO … Are You Sure?’ appeared first on Security Boulevard.

CISO 53