2021

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked.

SolarWinds Hires Chris Krebs to Reboot Its Cybersecurity

Data Breach Today

Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. Related: The quickening of cyber warfare. The latest twist: mobile network operator UScellular on Jan. 21 disclosed how cybercriminals broke into its Customer Relationship Management (CRM) platform as a gateway to compromise the cell phones of an undisclosed number of the telecom giant’s customers.

National Security Risks of Late-Stage Capitalism

Schneier on Security

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds.

Risk 113

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Far-Right Platform Gab Has Been Hacked—Including Private Data

WIRED Threat Level

The transparency group DDoSecrets says it will make the 70GB of passwords, private posts, and more available to researchers, journalists, and social scientists. Security Security / Cyberattacks and Hacks

More Trending

Pay-or-Get-Breached Ransomware Schemes Take Off

Dark Reading

In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone

5 Cloud Trends That Will Reshape IT in 2021

DXC

We rang in 2020 with all the expectations that cloud computing would continue its progression as a massive catalyst for digital transformation throughout the enterprise. What we didn’t expect was a worldwide health crisis that led to a huge jump in cloud usage.

Cloud 106

List of data breaches and cyber attacks in February 2021 – 2.3 billion records breached

IT Governance

The cyber security industry was rocked in February after a ransomware attack against the Cloud service provider Accellion. Dozens of organisations that used the software reported incidents in one of the worst months we’ve ever recorded.

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Sealed U.S. Court Records Exposed in SolarWinds Breach

Krebs on Security

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S.

Patient Files Dumped on Darknet Site After Hacking Incidents

Data Breach Today

Data Appears to Come From 2 Healthcare Organizations in Florida, Texas The Conti cybercrime gang has reportedly leaked sensitive patient data, as well as employee records, on a darknet site following recent hacker attacks on a two healthcare organizations in Florida and Texas

260
260

Senators Grill Cybersecurity Execs on SolarWinds Attack

Data Breach Today

FireEye, Microsoft, CrowdStrike Offer New Details and Recommendations The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S.

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. Related: Digital certificates destined to play key role in securing DX. Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map.

B2B 140

The Best Data Retention Policy & Template To Get You Started

In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.

Deliberately Playing Copyrighted Music to Avoid Being Live-Streamed

Schneier on Security

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers: In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt. Billy] Fair outside.

China Hijacked an NSA Hacking Tool—and Used It for Years

WIRED Threat Level

The hackers used the agency’s EpMe exploit to attack Windows devices years before the Shadow Brokers leaked the agency’s zero-day arsenal online. Security Security / National Security

IT 114

New Ryuk ransomware implements self-spreading capabilities

Security Affairs

French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks.

Successful Malware Incidents Rise as Attackers Shift Tactics

Dark Reading

As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

The new DevSecOps team is up and running, and you feel ready to take on rising security threats while delivering quality software updates. But that leaves just one question: how do you monitor your new program as effectively and efficiently as possible? Join Shannon Lietz, Director of DevsecOps at Intuit, and award-winning innovator, to learn the answers to these questions so you can lead your DevSecOps team to the top!

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Data Breach Today

Prolific Ransomware Can 'Spread Automatically' Inside Networks, CERT-FR Warns Prolific Ryuk ransomware has a new trick up its sleeve. "A

Defining and Refining Next-Gen AML

Data Breach Today

David Stewart of SAS on the Tools and Technologies Deployed to Fight Financial Crimes As the financial payments landscape shifts, and as fraudsters employ new technologies and techniques, institutions are deploying a next generation of anti-money laundering defenses.

IT 260

Analysis: 2020 Health Data Breach Trends

Data Breach Today

Ransomware, Phishing Incidents, Vendor Hacks Prevail Hacking incidents, including ransomware and phishing attacks, as well as security incidents involving vendors dominated the federal tally of major health data breaches in 2020

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material.

IT 246

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.

Biden Inauguration: Defending Against Cyberthreats

Data Breach Today

Experts Warn of an Elevated Risk of Attack From Domestic, Foreign Actors As thousands of National Guard troops pour into Washington to provide security for the Jan.

Researchers Disclose More Malware Used in SolarWinds Attack

Data Breach Today

Microsoft, FireEye Find Additional Payloads Used During Supply Chain Attack Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds last December.

223
223

GUEST ESSAY: 5 steps for raising cyber smart children — who know how to guard their privacy

The Last Watchdog

Today’s children are online at a young age, for many hours, and in more ways than ever before. As adults, we know that bad online decisions can have negative or dangerous effects for years to come. Related: Web apps are being used to radicalize youth. The question isn’t whether we should educate children about online safety, but how we can best inspire them to learn to be thoughtful, careful, and safe in the cyber world for their lifetime. For adults doing the teaching, it’s no easy task.

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008.

Testing at Every Stage of Development

Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.

There Are Spying Eyes Everywhere—and Now They Share a Brain

WIRED Threat Level

Security cameras. License plate readers. Smartphone trackers. Drones. We’re being watched 24/7. What happens when all those data streams fuse into one? Backchannel Security / Privacy Business

Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha

Security Affairs

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ?A

How Cybersecurity Newbs Can Start Out on the Right Foot

Dark Reading

Cybersecurity experts share their savvy tips and useful resources for infosec hopefuls