Cox’s bad customer service stymies users who don’t want upload speeds cut
Cox told media that customers can keep speed plans but didn't tell sales reps.
24-02-2021 21:15

Ukraine says Russia hacked its document portal and planted malicious files
Ukraine says Russia also backed massive DDoS attack using never-before-seen methods.
24-02-2021 20:09

Cybercriminals Target QuickBooks Databases
Stolen financial files then get sold on the Dark Web, researchers say.
24-02-2021 17:25

New APT Group Targets Airline Industry & Immigration
LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
24-02-2021 17:05

61% of Malware Delivered via Cloud Apps: Report
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.
24-02-2021 16:56

DHL Express and FedEx targeted by phishing scam
Researchers have discovered that around 10,000 employee mailboxes at DHL Express and FedEx have been hit by two phishing attacks that sought to extract recipients work email account. A blog post shared by Armorblox this week detailed the attacks. The pos
24-02-2021 15:33

Google Invests in Linux Kernel Developers to Focus on Security
Google will fund two full-time Linux kernel developers to maintain and improve Linux security in the long term.
24-02-2021 15:25

Kaseya Buys Managed SOC Provider
Purchase extends offerings for MSP and SMB customers
24-02-2021 15:00

How Security Culture Invokes Secure Behaviour
It has always been suspected that security culture and secure behaviour were closely linked, although proof was hard to produce. Today, KnowBe4 released research that shows not only have researchers been able to validate that link, but they also give dat
24-02-2021 14:59

The Realities of Extended Detection and Response (XDR) Technology
While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion.
24-02-2021 13:00

Android users now have an easy way to check the security of their passwords
Feature checks user credentials against a list of billions of compromised passwords.
24-02-2021 12:52

Universities Face Double Threat of Ransomware, Data Breaches
Lack of strong security policies put many schools at risk of compromise, disrupted services, and collateral damage.
24-02-2021 11:20

Cartoon Caption Winner: Be Careful Who You Trust
And the winner of The Edge's February cartoon caption contest is ...
24-02-2021 11:00

Bombardier suffers ransomware and data leak
The Canadian airplane manufacturer has today revealed that it suffered a security breach. In a press release, Bombardier disclosed that some of its data has been published on the dark web portal operated by the Clop ransomware gang: “An initial inv
24-02-2021 10:55

Healthcare Organisations increasingly targeted in cyberattacks
Research has shown that in the past year cyberattackers have increasingly targeted healthcare organisations for deploying ransomware and other cyber-attacks. The annual X-Force Threat Intelligence research was released on Wednesday, which tracks the evol
24-02-2021 10:02

3 Security Flaws in Smart Devices & IoT That Need Fixing
The scope and danger of unsecured, Internet-connected hardware will only continue to deepen.
24-02-2021 10:00

Botnet Uses Blockchain to Obfuscate Backup Command & Control Information
The tactic makes it much harder for defenders to take down botnets via sinkholing and other standard techniques, Akamai says.
24-02-2021 09:15

Confirmed: Fry’s Electronics going out of business, shutting down all stores
Former king of build-your-own-PC retailers couldn't survive COVID, consignment shift.
24-02-2021 05:52

SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network
Top execs from FireEye, SolarWinds, Microsoft, and CrowdStrike testified before the US Senate Intelligence Committee today on the aftermath - and ongoing investigations - into the epic attacks.
23-02-2021 19:45

Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Also on Krebs' radar: the cyber-response to COVID-19 and intelligence-sharing between private and public sectors.
23-02-2021 17:50

SonicWall Releases Second Set of February Firmware Patches
The latest patches, for its SMA 100 series products, comes less than three weeks after an updates to patch a zero-day vulnerability.
23-02-2021 16:10

Musk: Starlink will hit 300Mbps and expand to “most of Earth” this year
SpaceX CEO teases higher speeds, lower latency, and near-global coverage.
23-02-2021 15:52

10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express
The two campaigns aimed to steal victims' business email account credentials by posing as the shipping companies.
23-02-2021 15:00

The bitcoin blockchain is helping keep a botnet from being taken down
Wallet transactions camouflage the IP address of the botnet's control server.
23-02-2021 14:00

Augmenting SMB Defense Strategies With MITRE ATT&CK: A Primer
Any organization can use MITRE ATT&CK as a force multiplier, but it's especially valuable for small ones.
23-02-2021 13:00

Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
When siloed functions unite in the face of cyberthreats, organizations can continue, uninterrupted, along their paths to digital transformation.
23-02-2021 10:45

Transport for NSW affected by Accellion breach
Accellion systems are used to share and store files by as many as 300 organisations all around the world. Recently, they suffered a data breach following an attack linked to the ransomware gangs, Clop and FIN11. Accellion has claimed that less than 100 c
23-02-2021 10:39

Sequoia Capital investor information stolen
Sequoia Capital, one of the most famous venture capital firms in Silicon Valley announced that it suffered a data breach. The firm officially referred to it as a “cybersecurity incident”, in which investor data, including personal information
23-02-2021 10:35

CVSS as a Framework, Not a Score
The venerable system has served us well but is now outdated. Not that it's time to throw the system away -- use it as a framework to measure risk using modern, context-based methods.
23-02-2021 10:00

Austin Energy: Scammers threaten to cut power
Unknown individuals have been impersonating Austin Energy in an attempt to scam customers. The scammers were threatening to cut customers’ power unless a fictitious overdue bill was paid immediately. They typically requested reloadable prepaid debi
23-02-2021 09:56

AT&T and Frontier have let phone networks fall apart, Calif. regulator finds
AT&T raised phone prices 153% over a decade as service got steadily worse.
22-02-2021 20:44

Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.
22-02-2021 18:10

Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.
22-02-2021 17:50

Accellion Data Breach Resulted in Extortion Attempts Against Multiple Victims
FireEye Mandiant says it discovered data stolen via flaw in Accellion FTA had landed on a Dark Web site associated with a known Russia-based threat group.
22-02-2021 16:50

Clubhouse suffer a ‘data breach’
Security concerns have recently arisen concerning the popular audio chatroom app Clubhouse. The app’s users privacy policy has been questioned in the past, with the app saying it would take steps to ensure user data could not be accessed by malicio
22-02-2021 15:26

Researcher Reports Vulnerability in Apple iCloud Domain
A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.
22-02-2021 15:25

Sequoia Capital Suffers Data Breach
The attack began with a successful phishing email.
22-02-2021 15:00

8 Ways Ransomware Operators Target Your Network
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.
22-02-2021 11:45

Cybersecurity Responsibility in a Post-Pandemic World
In this video, Omdia Cybersecurity Senior Research Director Maxine Holt explains why a more sustainable approach to post-pandemic cybersecurity is necessary.
22-02-2021 11:00

What Can Your Connected Car Reveal About You?
App developers must take responsibility for the security of users' data.
22-02-2021 10:00

New malware found on 30,000 Macs has security pros stumped
With no payload, analysts are struggling to learn what this mature malware does.
20-02-2021 15:10

Comcast reluctantly drops data-cap enforcement in 12 states for rest of 2021
ISP grants reprieve in Northeast but still caps users in most of its US territory.
19-02-2021 17:26

International law firm Jones Day hacked with data posted on dark web 
This week, it was confirmed that international law firm Jones Day had data stolen from cybercriminals and is a direct result of the wider data breach suffered by file-sharing service Accellion. The hacker, which goes by the name Clop, had uploaded much o
19-02-2021 17:16

Kia Denies Ransomware Attack as IT Outage Continues
Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
19-02-2021 17:15

Companies unprepared for cloud migration
A new report from Virtana reveals that most organisations are forcing to revert some of their applications back to on-prem infrastructure. 350 IT professionals were included in the report, which found that 72% had moved at least one app back onto on-prem
19-02-2021 15:30

US cities affected after ATFS Ransomware attack
Automatic Funds Transfer Services was targeted in a ransomware attack on the 3rd of February. The  payment processor is used by many cities and agencies throughout the US. The data used for billing and verifying customers and residents is extremely varie
19-02-2021 14:59

Attackers Already Targeting Apple's M1 Chip with Custom Malware
A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
19-02-2021 13:15

New browser-tracking hack works even when you flush caches or go incognito
At least 4 top browsers affected by "powerful tracking vector," researchers say.
19-02-2021 12:54

Red Canary closes $81 million Series C financing round led by Summit Partners
Red Canary has closed its $81 million Series C financing round led by global growth equity investor Summit Partners. The new funding will help to support continued investment in both product and team expansion as the company continues to work toward enab
19-02-2021 12:45

Omdia's On-Demand Webinars
19-02-2021 12:00

People’s Postcode Lottery scam claims you could have won £1,000
The People’s Postcode Lottery has issued a statement warning players of a phishing scam which offers £1,000 in exchange for personal details. The scam claims to be from the People’s Postcode Lottery and states that players have won £1,000 aft
19-02-2021 11:40

Millions of Californian DMV records possibly exposed in breach
The Californian Department of Motor Vehicles (DMV) has suffered a data breach that could have possibly exposed over a year’s worth of data after a third-party contractor was compromised during a cyberattack. During this breach customer addresses an
19-02-2021 11:11

How to Fine-Tune Vendor Risk Management in a Virtual World
Without on-site audits, many organizations lack their usual visibility to assess risk factors and validate contracts and SLA with providers.
19-02-2021 10:00

Microsoft says SolarWinds hackers stole source code for 3 products
The company said it found no indication the breach allowed customers to be hacked.
19-02-2021 02:20

Microsoft Concludes Internal Investigation into Solorigate Breach
The software giant found no evidence that attackers gained extensive access to services or customer data.
18-02-2021 18:10

CrowdStrike Buys Log Management Startup Humio for $400M
CrowdStrike plans to use Humio's technology to continue building out its extended detection and response platform.
18-02-2021 16:50

Apple Offers Closer Look at Its Platform Security Technologies, Features
In a nearly 200-page document, company offers a detailed overview of Secure Enclave and multiple other security controls in Apple silicon-based Macs and other platforms.
18-02-2021 15:25

Microsoft Azure Front Door Gets a Security Upgrade
New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
18-02-2021 14:46

Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy
Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
18-02-2021 13:00

Data security accountability in an age of regular breaches
As the number of vendors impacted by supply-chain breaches grows, one constant question remains: where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
18-02-2021 12:00

How to Run a Successful Penetration Test
These seven tips will help ensure a penetration test improves your organization's overall security posture.
18-02-2021 11:55

Virginia Takes Different Tack Than California With Data Privacy Law
Online businesses targeting Virginia consumers and have personal data of 100,000 consumers in the state must conform to the new statute.
18-02-2021 10:00

The Edge Pro Tip: Say What You Know
During the immediate period following a breach, it's vital to move fast - but not trip over yourself.
18-02-2021 09:45

Egregor Arrests a Blow, But Ransomware Will Likely Bounce Back
Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.
17-02-2021 18:30

US Unseals Indictments Against North Korean Cyberattackers for Thefts Totaling $1.3B
FBI, CISA, and Treasury Department also release details about North Korean malware used in cryptocurrency thefts since 2018.
17-02-2021 18:05

White House Says 100 Private Sector Orgs Hit in SolarWinds Campaign
Anne Neuberger, a top Biden cybersecurity official, provided an update on the government's investigation into the massive breach.
17-02-2021 17:25

Kia Faces $20M DoppelPaymer Ransomware Attack
Kia Motors America this week experienced a nationwide IT outage; now, reports indicate the company was hit with ransomware.
17-02-2021 15:50

Ransomware? Let's Call It What It Really Is: Extortionware
Just as the targets of these attacks have shifted from individuals to corporations, so too has the narrow focus given way to applying force and pressure to pay.
17-02-2021 13:00

Breach Etiquette: How to Mind Your Manners When It Matters
Panic-stricken as you may be in the face of a cyberattack, keeping calm and, perhaps most importantly, responding appropriately are critical to limiting the damage.
17-02-2021 12:40

Enterprise Windows Threats Drop as Mac Attacks Rise: Report
An analysis of 2020 malware activity indicates businesses should be worried about internal hack tools, ransomware, and spyware in the year ahead.
17-02-2021 12:20

4 Predictions for the Future of Privacy
Use these predictions to avoid pushback, find opportunity, and create value for your organization.
17-02-2021 10:00

France ties Russia’s Sandworm to a multiyear hacking spree
Destructively minded group has exploited an IT monitoring tool from Centreon.
17-02-2021 01:26

Compromised Credentials Show That Abuse Happens in Multiple Phases
The third stage, when threat actors rush to use stolen usernames and password pairs in credential-stuffing attacks, is the most damaging for organizations, F5 says.
16-02-2021 18:45

North Korea may have hacked into Pfizer servers looking for COVID data
South Korea's NIS warned lawmakers of Russian and North Korean hacking activity.
16-02-2021 18:08

Firms Patch Greater Number of Systems, but Still Slowly
Fewer systems have flaws; however, the time to remediate vulnerabilities stays flat, and many issues targeted by in-the-wild malware remain open to attack.
16-02-2021 17:45

Strata Identity Raises $11M in Series A Round
The series A round of funding, led by Menlo Ventures, will help Strata scale its distributed identity technology.
16-02-2021 14:20

Under Attack: Hosting & Internet Service Providers
The digital universe depends on always-on IT networks and services, so ISPs and hosting providers have become favorite targets for cyberattacks.
16-02-2021 13:00

New type of supply-chain attack hit Apple, Microsoft and 33 other companies
Researcher who got targets to automatically install his code gets $130,000 payout.
16-02-2021 12:49

Palo Alto Networks Plans to Acquire Cloud Security Firm
Most of Fortune 100 firms have used Bridgecrew's service in their application development processes.
16-02-2021 11:30

Fighting Fileless Malware, Part 3: Mitigations
Attackers can dodge the countermeasures you employ against fileless malware. So how do you mitigate the damage?
16-02-2021 10:30

Black History Month 2021: Time to Talk Diversity and Cybersecurity
In an industry that consistently needs new ideas, it's essential to have individuals who think, speak, and act in diverse ways.
16-02-2021 10:00

Parler says it’s back without “Big Tech” after being kicked off Amazon
Parler said it's using "independent technology" to get online after Amazon ban.
15-02-2021 21:15

U.S Internal Revenue Service warns of phishing scam
An urgent warning has been issued by the U.S Internal Revenue Service (IRS) about a phishing scam that is trying to steal Electronic Filing Identification Numbers. The scam emerged in early February, just before the start of tax filing season on Feb. 12
15-02-2021 15:49

Cyber security companies miss million of email attacks
New research by Barracuda has found that cybersecurity protection organisations have missed millions of email attacks. The research discovered 2,029,413 unique attacks in 2,600,531 unique mailboxes. The cybersecurity firm said that an average of 512 atta
15-02-2021 15:28

3.2 billion emails and passwords leaked in data breach
Over 3.2 billion email addresses and paired passwords have been posted online in what is being called one of the biggest breaches of all time. The database of passwords and emails are thought to have been compiled following data breaches carries out on v
15-02-2021 14:20

French and Ukrainian police arrested Egregor ransomware members
Several members of the Egregor ransomware group were arrested following a joint operation between Ukrainian and French law enforcement. French law enforcement officers made the arrests after they were able to trace ransom payments to group members based
15-02-2021 14:11

How Healthcare Organizations Can Protect Themselves Against IoT Ransomware
Healthcare delivery organizations are increasingly deploying medical devices, IoT, and other medical platforms to improve connectivity and support patient care. Weak cybersecurity evaluations, inappropriate network segmentation, and legacy devices expand
15-02-2021 13:50

Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees
Users' distrust of corporate security teams is exposing businesses to unnecessary vulnerabilities.
15-02-2021 10:00

100+ Financial Services Firms Targeted in Ransom DDoS Attacks in 2020
Consumer banks, exchanges, payment firms, and card issuing companies around the globe were among those hit.
15-02-2021 09:00

How to Submit a Column to Dark Reading
Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.
15-02-2021 08:30

Prosecutor charges former phone company employee in SIM-swap scheme
Charges filed as soaring cryptocurrency prices drive increase in SIM swapping crimes.
13-02-2021 14:00

A Windows Defender vulnerability lurked undetected for 12 years
Microsoft patched the bug in its A/V program after researchers spotted it last fall.
13-02-2021 12:10

Frontier raises sneaky “Internet Infrastructure Surcharge” from $4 to $7
Fee covers Frontier's basic network costs but isn't included in advertised rates.
12-02-2021 20:38

Top 5 privacy-conscious social media platforms
Recently, WhatsApp informed its users that it would be implementing a change to its Terms of Service and Privacy Policy. Users were given an ultimatum to accept or cease to use the app. This sent millions of people into a frenzy, with many individuals ju
12-02-2021 17:48

223 vulnerabilities identified in recent ransomware attacks
Researches from RiskSense, a risk-based vulnerability management service, discovered 223 different vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database that were used in ransomware attacks throughout 2020. This is four times the num
12-02-2021 15:22

AT&T scrambles to install fiber for 90-year-old after his viral WSJ ad
From 3Mbps DSL to 300Mbps fiber: Aaron Epstein's newspaper ad gets amazing result.
12-02-2021 15:01

Warning: Increase in Web Shell Attacks
Web shells are tools deployed by threat actors on already hacked servers to gain and maintain access. They allow these hackers to remotely execute arbitrary code or commands, move laterally within a network or deliver malicious payloads. Last year the nu
12-02-2021 13:42

Microsoft is seeing a big spike in Web shell use
Spike shows just how useful and hard to detect these simple programs can be.
12-02-2021 13:19

2021 CyberFirst Girls Competition
More than 6,500 girls entered this years qualifying round of the 2021 CyberFirst Girls Competition, run by the National Cyber Security Centre (NCSC). Teams from more than 600 schools took part in online cyber security puzzles. 9 of the teams are from Sco
12-02-2021 13:12

Confucious APT found targeting Pakistan and Indian officials using Android Spyware 
Two new Android survellanceware have been discovered by the Lookout Threat Intelligence Team. Named Hornbill and SubBird, these two campaigns are believed to be connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent th
12-02-2021 12:56

source : arstechnica, darkreading, itsecurityguru