May, 2021

How to Tell a Job Offer from an ID Theft Trap

Krebs on Security

One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns.

Employers are watching remote workers and they're monitoring these activities

Tech Republic Security

While many employers are tapping technologies to monitor workflows, a new report highlights potential drawbacks and even resentment among surveilled employees.


MY TAKE: How SASE has begun disrupting IT — by shifting cybersecurity to the ‘services edge’

The Last Watchdog

One of the hottest topics at RSA Conference 2021 taking place virtually this week is the Secure Access Services Edge (SASE) security framework. Related: Cybersecurity experts react to Biden’s EO. SASE (pronounced sassy) essentially is a roadmap for infusing privacy and security deeply into the software coding that gives life to our smartphones, IoT devices and cloud infrastructure, i.e. at the “services edge,” where all the action is taking place.

5 Critical Regulations for Cyber Security Compliance

Doctor Chaos

Cyber security compliance is more important than ever. With new technologies and digital connections happening every day, small and medium-sized businesses (SMBs) must properly comply with cyber security regulations across the board. Which ones, though, should you focus on the most?

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Over 25% Of Tor Exit Relays Spied On Users' Dark Web Activities

The Hacker News

An unknown threat actor managed to control more than 27% of the entire Tor network exit capacity in early February 2021, a new study on the dark web infrastructure revealed.


The Only Thing Surprising About The Crippling Ransomware Attack On A Major US Fuel Pipeline Is That Anyone Is Surprised That The Attack Succeeded

Joseph Steinberg

More Trending

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills.

Welcoming the Swedish Government to Have I Been Pwned

Troy Hunt

Today I'm very happy to welcome the 16th government to Have I Been Pwned, Sweden.

Colonial Pipeline, Darkside and Models

Adam Shostack

The Colonial Pipeline shutdown story is interesting in all sorts of ways, and I can’t delve into all of it. I did want to talk about one small aspect, which is the way responders talk about Darkside. Blog posts from Sophos and Mandiant seem really useful!

Adding a Russian Keyboard to Protect against Ransomware

Schneier on Security

A lot of Russian malware — the malware that targeted the Colonial Pipeline, for example — won’t install on computers with a Cyrillic keyboard installed.

Colonial Pipeline Paid Hackers $5 Million Ransom

Adam Levin

Colonial Pipeline paid roughly $5 million to the ransomware group responsible for hacking its systems, contradicting earlier claims. Bloomberg News reported that the company paid the ransom in cryptocurrency hours after the May 7 cyberattack that shut down the country’s largest fuel pipeline.

Email Security, Working from Home and World Password Day

Lohrman on Security

What is the future of passwords? More urgently, how are you doing with using (or reusing) passwords now? Here are some helpful tips ahead of World Password Day on May 6.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast.

Pwned Passwords, Open Source in the .NET Foundation and Working with the FBI

Troy Hunt

I've got 2 massive things to announce today that have been a long time in the works and by pure coincidence, have aligned such that I can share them together here today. One you would have been waiting for and one totally out of left field.

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

The Last Watchdog

A greater good has come from Capital One’s public pillaging over losing credit application records for 100 million bank customers. Related: How credential stuffing fuels account takeovers.

Double-Encrypting Ransomware

Schneier on Security

This seems to be a new tactic: Emsisoft has identified two distinct tactics. In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B.

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

The credit reporting bureau Experian is facing a backlash for its recent failures to protect customer data. An undergraduate student at Rochester Institute of Technology named Bill Demirkapi discovered the most recent security failure.

Gas Lines Unmask Ransomware Crisis: Where Next?

Lohrman on Security

America finally woke up to the reality that we have a ransomware emergency worthy of real attention. How did events unfold and what will happen next?

Try This One Weird Trick Russian Hackers Hate

Krebs on Security

Welcoming the Trinidad & Tobago Government to Have I Been Pwned

Troy Hunt

Today I'm very happy to welcome the first Caribbean government to Have I Been Pwned, Trinidad & Tobago.

GUEST ESSAY: 3 sure steps to replace legacy network security systems — in a measured way

The Last Watchdog

Keeping up with the pace of technology, information, and the evolving threat landscape is a challenge for all enterprises. Related: DHS launches 60-day cybersecurity sprints. To make matters more difficult, implementing new security software and processes to address these issues is another big hurdle, often causing disruption—and not the good kind.

AIs and Fake Comments

Schneier on Security

This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn’t another attempt by Republicans to make it harder for Black people and urban residents to vote.

A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next

Anton on Security

Now, we all agree that various cloud technologies such as SaaS SIEM help your Security Operations Center (SOC). However, there’s also a need to talk about how traditional SOCs are challenged by the need to monitor cloud computing environments for threats. In this post, I wanted to quickly touch on this very topic and refresh some past analysis of this (and perhaps reminisce on how sad things were in 2012).

Are DHS Pipeline Breach Reporting Mandates Just the Beginning?

Lohrman on Security

The Department of Homeland Security is mandating that pipeline companies report cyber breaches to federal authorities within 12 hours of an incident, and the list of organizations who must do the same will likely grow.


Recycle Your Phone, Sure, But Maybe Not Your Number

Krebs on Security

Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents.

Welcoming the Dominican Republic Government to Have I Been Pwned

Troy Hunt

Continuing with the launch of the Have I Been Pwned Domain Search API to national government cyber agencies, I am very happy to welcome the first Latin American country on board, the Dominican Republic.

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

The Last Watchdog

As wake up calls go, the Colonial Pipeline ransomware hack was piercing. Related: DHS embarks on 60-day cybersecurity sprints. The attackers shut down the largest fuel pipeline in the U.S., compelling Colonial to pay them 75 bitcoins, worth a cool $5 million.

Bizarro Banking Trojan

Schneier on Security

Bizarro is a new banking trojan that is stealing financial information and crypto wallets. …the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app.

Using Threat Modeling to Improve Compliance (TM Thursday)

Adam Shostack

Threat model Thursday is not just back, but live again! This week is my Using Threat Modeling to Improve Compliance at RSAC 2021. The video replay is available if you have an RSA pass, and the slides are available to all.


The Broadening of American Infrastructure — Or Not

Lohrman on Security

The Biden administration has proposed a bold new infrastructure plan that includes roads, bridges, airports, broadband, people and more. What’s in the plan — and what’s next?


Using Fake Reviews to Find Dangerous Extensions

Krebs on Security

Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams.

Weekly Update 245

Troy Hunt

This week is the culmination of planning that began all the way back in August last year when I announced the intention to start open sourcing the HIBP code base. Today, it's finally happened with Pwned Passwords now completely open to all.

RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

The Last Watchdog

By patiently slipping past the best cybersecurity systems money can buy and evading detection for 16 months, the perpetrators of the SolarWinds hack reminded us just how much heavy lifting still needs to get done to make digital commerce as secure as it needs to be. Related: DHS launches 60-day cybersecurity sprints.

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet.

Review: Practical Security Architecture

Adam Shostack

There’s an insightful comment, “Everybody has a testing environment. Some people are lucky enough to have a totally separate environment to run production in.” Similarly, everybody has both enterprise and product architecture.

Podcast: A Long Week

Doctor Chaos

Tony G and Aamir Lakhani discuss their long week of investigating remote work cyber attacks, the craziness of ransomware, the Colonial Pipeline attack, and a debate on Cobalt Strike being a tool made for attackers or being used by attackers.