Cybersecurity News
New APT hacking group leverages ‘KilllSomeOne’ DLL side-loading
A new entry into the APT scene has peppered its malware with political messages.05 November 2020
US, Brazilian law enforcement seize $24 million in cryptocurrency generated through online fraud
Suspects involved in the scheme are being accused of defrauding investors of over $200 million.05 November 2020
Capcom quietly discloses cyberattack impacting email, file servers
The attack forced Capcom to temporarily pull services to stop the attack from spreading.05 November 2020
Company that runs US illegal immigration detention centers discloses ransomware attack
Data for inmates and employees at three centers in California, Florida, and Pennsylvania was exposed in a ransomware attack on August 19.05 November 2020
Ransom Payment No Guarantee Against Doxxing
Several organizations that paid a ransom to keep attackers from releasing stolen data saw it leaked anyway, according to Coveware.04 November 2020
Disinformation Now the Top Concern Following Hack-Free Election Day
After an Election Day without foreign interference and cyberattacks, security experts turn their focus to disinformation.04 November 2020
Mysterious APT Leaves Curious ‘KilllSomeOne’ Clue
APT cloaks identity using script-kiddie messages and advanced deployment and targeting techniques.
04 November 2020
GrowDiaries Exposes Emails, Passwords of 1.4M Cannabis Growers
Cannabis journaling platform GrowDiaries exposed more than 3.4 million user records online, many from countries where pot is illegal.
04 November 2020
Google Forms Abused to Phish AT&T Credentials
More than 200 Google Forms impersonate top brands - including Microsoft OneDrive, Office 365, and Wells Fargo - to steal victims' credentials.
04 November 2020
Hexagon Announces Deal to Acquire PAS Global
The Houston-based PAS Global will operate as part of Hexagon's PPM (formerly Intergraph Process, Power & Marine) division.04 November 2020
Why Paying to Delete Stolen Data is Bonkers
Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might have any real expectation the attackers will actually destroy the stolen data, new research suggests a fair number of victims who do pay up may see some or all of the stolen data published anyway.04 November 2020
Prepare for the Unexpected: Costs to Consider in Security Budgets
Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to better withstand unexpected disruptions.04 November 2020
Russian authorities make rare arrest of malware author
Malware dev made the grave error of deploying his malware inside Russia's borders.04 November 2020
Toymaker Mattel Hit by Ransomware Attack
Financial disclosure filings describe a ransomware attack that delivered a weak punch.
04 November 2020
Containers for Data Analysis Are Rife With Vulnerabilities
Old software components and the inclusion of unnecessary code created a massive attack surface area in containers for scientific analysis, researchers say.04 November 2020
VMware Issues Updated Fix For Critical ESXi Flaw
A previous fix for the critical remote code execution bug was "incomplete," according to VMware.
04 November 2020
CSA Moves to Redefine Cloud-Based Intelligence
The new paradigm seeks to understand, integrate, and automate data workflows, and better yet, doesn't require significant investment or more personnel.04 November 2020
Code42 Incydr Series: Why Most Companies Can’t Stop Departing Employee Data Theft
According to Code42’s Data Exposure Report, 63% of employees say they brought data with them from their previous employer to their current employer.
04 November 2020
Police to Livestream Ring Camera Footage of Mississippi Residents
Pilot program again sparks privacy fears from ACLU as Amazon takes its partnership with law enforcement to the next level.
04 November 2020
As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor
The ransomware’s ‘retirement’ has left a hole that Egregor operators may capitalize on.04 November 2020