Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a "killswitch" designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.
Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor
In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks.
Outing of FSB hit squad highlights Russia's data security problem
Analysis: trade in stolen data is a boon for investigators and a headache for Kremlin
In early 2019, the journalist Andrei Zakharov managed to buy his own phone and banking records in a groundbreaking investigation into Russia’s thriving markets in stolen personal data, in which law enforcement and telecoms employees can be contracted anonymously to dip into their systems and pull out sensitive details on anyone.
A year and a half later, investigators from Bellingcat and the Insider used some of the same tools and clever analysis to out a secret FSB team that had been tasked with killing Alexei Navalny using a novichok nerve agent.
The SolarWinds Perfect Storm: Default Password, Access Sales and More
Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.
Patching Still Poses Problems for Industrial Controllers, Networking Devices
More than 90% of devices that run the popular VxWorks embedded operating system remain vulnerable to critical flaws disclosed more than a year ago.
Sextortionist Campaign Targets iOS, Android Users with New Spyware
Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.
Why Secure Email Gateways Rewrite Links (and Why They Shouldn't)
Redirecting a user to a trusted server buys a secure email gateway company some time while it decides whether a URL is malicious -- but there are avoidable drawbacks to this approach.
SSO and MFA Are Only Half Your Identity Governance Strategy
We need better ways to manage user identities for accessing applications, especially given the strain it places on overworked IT and security teams.
FICO launches cryptocurrency trade risk solution for banks
The software will bring crypto risk assessment to KYC processes.
Cybersecurity Advent calendar: Stay close to one another… Safely!
This year, many of us will be celebrating Christmas with our loved ones virtually; however, we shouldn’t underestimate the value of securing our online communication.
The post Cybersecurity Advent calendar: Stay close to one another… Safely! appeared first on WeLiveSecurity