Krebs on Security

JUNE 21, 2020

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “ BlueLeaks ” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection — nearly 270 gigabytes in total — is the latest release from Distributed Denial of Secrets (DDoSecrets), an alternative to

Government 363

Government Cyber threats Accountability Banking 363

Schneier on Security

JUNE 12, 2020

This is a weird story : Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which routes all inbound and outbound connections through the open-source Tor network to anonymize it. According to Vice, the FBI had tried to hack into Hernandez's computer but failed, as the approach they used "was not tailored for Tails.

Surveillance 288

Surveillance Accountability Media Hacking 288

Adam Levin

JUNE 8, 2020

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend. “On Sunday, June 7, Honda experienced a disruption in its computer network that has caused a loss of connectivity, thus impacting our business operations,” said a spokespe

Ransomware 283

Ransomware Manufacturing Malware Data breaches 283

Tech Republic Security

JUNE 11, 2020

A password alone will not protect sensitive information from hackers--two-factor authentication is also necessary. Here's what security pros and users need to know about two-factor authentication.

Authentication 216

Authentication Passwords 216

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Kenneth Currin Schuchman, 22, of Vancouver, Washington, was sentenced to 13 months in federal prison because it has developed distributed denial of service (DDoS) botnets based on the source code of Mirai botnet.

DDOS 140

DDOS IoT Advertising Internet 140

Threatpost

JUNE 5, 2020

A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search creating what he claims is a “privacy issue” for users.

Accountability 142

Accountability Data privacy Mobile 142

Schneier on Security

JUNE 24, 2020

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer than any other time in my adult life -- and I have no future flights scheduled. This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying.

Risk 358

Risk 358

WIRED Threat Level

JUNE 2, 2020

Over several decades, the 1033 program has shipped over $7.4 billion of Defense Department property to more than 8,000 law enforcement agencies.

144

144

Tech Republic Security

JUNE 18, 2020

When factories, notably in China, shuttered during the COVID-19 pandemic, products the US relied on were impacted. Here's how experts see a return to "Made in America" and the incumbent risks.

Manufacturing 211

Manufacturing Risk Cybersecurity 211

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.

Media 136

Media Hacking Passwords Data breaches 136

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Threatpost

JUNE 29, 2020

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.

Data privacy 144

Data privacy 144

Krebs on Security

JUNE 9, 2020

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

Ransomware 352

Ransomware System Administration Backups Technology 352

Dark Reading

JUNE 26, 2020

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.

140

140

WIRED Threat Level

JUNE 22, 2020

The so-called BlueLeaks collection includes internal memos, financial records, and more from over 200 state, local, and federal agencies.

Hacking 145

Hacking 145

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Tech Republic Security

JUNE 8, 2020

The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.

Small Business 218

Small Business Ransomware 218

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. Researchers at security firm Intego observed the new variant being spread masqueraded as a fake Adobe Flash Player installer (.DMG disk image) and implementing fresh advanced evasion capabilities. “The new malware tricks victims into bypassing Apple’s built-in macOS security protecti

Engineering 134

Engineering Malware Adware Antivirus 134

Threatpost

JUNE 4, 2020

Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.

Ransomware 138

Ransomware Government Malware Hacking 138

Krebs on Security

JUNE 3, 2020

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico’s top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 billion and enjoyed the protection of top Mexican authorities.

Banking 347

Banking Mobile Advertising Marketing 347

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Dark Reading

JUNE 18, 2020

The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?

Cybersecurity 131

Cybersecurity 131

WIRED Threat Level

JUNE 9, 2020

Just like with foods that display health information the package, researchers are exploring a tool that details how connected devices manage data.

IoT 131

IoT 131

Tech Republic Security

JUNE 23, 2020

Bad actors have flooded the enterprise with coronavirus-related attacks, but professionals working from home have other worries, Unisys Security found.

218

218

Security Affairs

JUNE 30, 2020

A threat actor is selling databases containing data belonging to 14 different companies he claimed were hacked in 2020. A threat actor is selling databases that contain user records for 14 different organizations he claimed were hacked in 2020, only for four of them ( HomeChef , Minted , Tokopedia , and Zoosk ) were previously reported data breaches.

Data breaches 133

Data breaches Hacking Passwords Risk 133

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Threatpost

JUNE 4, 2020

The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.

Encryption 131

Encryption 131

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identi

Identity Theft 325

Identity Theft Healthcare Hacking Technology 325

Dark Reading

JUNE 2, 2020

Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding.

Information Security 112

Information Security Cyber threats Cybersecurity 112

WIRED Threat Level

JUNE 15, 2020

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users.

139

139

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk

Tech Republic Security

JUNE 3, 2020

Cybersecurity, remote IT troubleshooting and cloud support will be the most sought-after skills for businesses in the months following the COVID-19 pandemic, according to a survey of CIOs and tech executives.

Cybersecurity 199

Cybersecurity 199

Security Affairs

JUNE 27, 2020

The France Télévisions group announced yesterday that it was hit by a cyber attack, targeting one of its broadcasting sites. The France Télévisions group announced Friday that it was the victim of a cyber attack that targeted one of its broadcasting sites. According to the group, the attack did not impact its antennae. “One of its dissemination sites has been infected with a computer virus.” reads a statement issued by the Franch group.

Cyber Attacks 131

Cyber Attacks Backups Advertising Media 131

Threatpost

JUNE 25, 2020

Several high-severity flaws in Nvidia's GPU display drivers for Windows users could lead to code-execution, DoS and more.

145

145

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse.

Retail 295

Retail Banking Hacking Cybercrime 295

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity