US Creates National Cryptocurrency Enforcement Team
us Creates National cryptocurrency Enforcement Team The United States Department of Justice (DOJ) has formed a new task force to oversee complex investigations and prosecutions of criminal misuses of crypto-currency.
Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets
Written by Tim Starks Oct 7, 2021 | CYBERSCOOP A Russian-speaking ransomware gang in recent months has aggressivelytargeted North American organizations with more than $300 million in revenue, with a
#DTX2021: AI Ethics in Practice: How to Turn AI Principles Into Practical Governance and Compliance?
#DTX2021: AI Ethics in Practice: How to Turn AI Principles Into Practical Governance and Compliance? Where are we at with human interaction with AI? What impact in terms of ethics
Medtronic recalls insulin pump controllers over life-threatening flaws
A threat actor can exploit these vulnerabilities to hijack Medtronic devices and modify how much insulin should be administered to a patient. Medtronic, a well-known medical device maker, has recalled
Medtronic Cybersecurity Risks: Some Devices Should Be Returned to Vendor
Some Medtronic cybersecurity risks were discovered in relation to the “MiniMed Paradigm” products range, that is why the company urges immediate returning to vendors the remote controllers associated with MiniMed
Welland Park Academy IT Systems Hacked by a Former Employee Who Was Getting Bored
In retaliation for being fired, a computer expert began to carry out cyberattacks and deleted data from a secondary school’s systems, and changed passwords at an IT firm. On January
ShellClient Malware Used against Aerospace and Telco Firms
ShellClient is a previously undocumented remote access trojan (RAT) built with extra attention to its stealth capabilities on any system it infects. Apparently, the malware was created in order to
What is Spear Phishing? Definition, Examples, Prevention Strategies
What is spear phishing, you ask? Long story short, it’s a phishing technique that plays on the victim’s trust or, rather his gullibility. Spear phishing attacks are surgical, while general
#DTX2021: Adapt to Succeed During Times of Great Disruption, Says Astronaut Adam Steltzner
#DTX2021: Adapt to Succeed During Times of Great Disruption, Says Astronaut Adam Steltzner Astronaut Adam Steltzner, NASA JPL, outlined six principles that organizations of all sectors need to embrace in order
The Department of Justice Intends to Sue Contractors Who Don’t Report Cybersecurity Breaches
Yesterday, the Department of Justice declared is ready to take legal action against government contractors and other companies who receive U.S. government subventions if they don’t disclose cyber breaches of
#DTX2021: Houston, We Have a Breach: Cyber Preparedness Advice From Lisa Forte
#DTX2021: Houston, We Have a Breach: Cyber Preparedness Advice From Lisa Forte At DTX in London Excel on October 6 2021, Red Goat Cyber Security founder, Lisa Forte, delivered a session
Honeywell Critical Vulnerabilities in Experion Process Knowledge System and ACE Controllers
CISA issued an advisory this Tuesday regarding some Honeywell critical vulnerabilities. If exploited, the consequences might be remote code execution (RCE) and DoS attacks (Denial of Service). These flaws are
Twitch Was Hacked
Twitch is a video live streaming service based in the United States that specializes in video game live broadcasting, including esports tournaments. Twitch also provides music broadcasts, original material, and, more
Police Crack Multimillion-Dollar Real Estate Fraud Gang
Police Crack Multimillion-Dollar Real Estate Fraud Gang European police claim to have dismantled an international organized crime group (OGC) that made millions from real estate fraud. Law enforcers in the
Data Breach Volumes for 2021 Already Exceed 2020 Total
Data Breach Volumes for 2021 Already Exceed 2020 Total The number of data breaches publicly reported so far this year has already exceeded the total for 2020, putting 2021 on
Infosec Experts: Twitch Breach “As Bad as it Gets”
Infosec Experts: Twitch Breach “As Bad as it Gets” Gaming and content streaming giant Twitch has confirmed a breach has taken place at the firm, after reports claimed a hacktivist leaked
What Is Lateral Movement? Lateral Movement Explained
Network Lateral Movement or lateral movement in cybersecurity refers to a technique used by hackers to progressively move from a compromised entry point to the rest of the network as
Canopy Parental Control App Wide Open to Unpatched XSS Bugs
The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. Canopy, a parental control app that offers a range of features meant to protect kids
America Urged to Prepare for Shift to Post-Quantum Cryptography
America Urged to Prepare for Shift to Post-Quantum Cryptography The Department of Homeland Security (DHS) has teamed up with the Department of Commerce’s National Institute of Standards and Technology (NIST) to release a roadmap on the
VMware ESXi Servers Encrypted by Lightning-Fast Python Script
The little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption. Researchers have discovered a new
Texan Imprisoned Over COVID-19 Hoax
Texan Imprisoned Over COVID-19 Hoax A man from Texas has been sentenced to 15 months in federal prison after lying on social media. San Antonio resident Christopher Charles Perez, also
The Telegraph newspaper exposed 10TB of subscriber data
The data was exposed due to an unprotected Elasticsearch cluster and remained open to public access without any security authentication. Well-known security researcher Bob Diachenko discovered a ‘Giant’ blunder made
ESPecter Bootkit Malware Haunts Victims with Persistent Espionage
The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. A rare Windows UEFI bootkit malware has been
Publishers Tackle Doctoring of Research Images
Publishers Tackle Doctoring of Research Images A working group appointed by the International Association of Scientific, Technical and Medical Publishers (STM) has published a new set of guidelines to tackle the issue
US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking
Written by Tim Starks Oct 6, 2021 | CYBERSCOOP U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data
High Severity Vulnerability Patched in Access Demo Importer Plugin
WordFence – Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On August 9, 2021, the Wordfence
CISA Creates JCDC Agency for U.S. Cyber Defense Operations Plans
Security Intelligence – CISA Creates JCDC Agency for U.S. Cyber Defense Operations Plans The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a new agency on Aug. 6
#DTX2021: How to Keep Pace with the Rising Threat Landscape
#DTX2021: How to Keep Pace with the Rising Threat Landscape Strategies organizations should take to keep up with the evolution of cyber-attackers was the topic of a panel discussion during Digital
Twitch Gets Gutted: All Source Code Leaked
An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more. An attacker claims
Twitch hacked- Source code and Streamer payment figures leaked
Twitch has undergone a massive hack resulting in leaking the source code for its unreleased streaming service, creator payout details, and other sensitive information. The attack was carried out by
Heimdal™ Adds a New Product to Its Suite of Cybersecurity Solutions: Remote Desktop
Copenhagen, October 6th, 2021 – Heimdal™ Security (Heimdal™) has just launched a brand-new remote access and support solution that will greatly improve your flexibility in terms of connecting to your
The Telegraph Leaked 10 TB Database
The exposed data was kept on an exposed Elasticsearch cluster. It’s important to note that while much of the data was encrypted, personal information of at least 1,200 Telegraph subscribers
Apache HTTP Server Zero-day Vulnerability Exploited in the Wild, Users Should Patch ASAP
Apache HTTP Server users have been advised to patch as soon as possible as a zero-day bug in the open-source cross-platform web server software is actively being exploited in the
150 Million Google User Accounts Will Automatically Be Enrolled Into 2FA
The 2FA technique, often known as two-factor authentication, is essentially a two-step verification, as the name suggests. Users log in using two authentication factors: one can be a password or
How Can You Use A VPN On Netflix?
To watch Netflix securely and unlock its international catalog, you just need a reliable VPN – Let’s dig deeper. Netflix is one of the leading streaming platforms that has over
Stolen Twitch source code, creator payment data revealed in apparent data leak
Written by Jeff Stone Oct 6, 2021 | CYBERSCOOP Source code underpinning the live streaming service Twitch has reportedly leaked, exposing information about some company plans and payment data from
Advanced Threat Protection in the Modern Age: An Interview with a Threat Hunter
These days, the line between our online and offline lives has become indistinguishable. Our home lives, professional work, community services, economic prosperity and even national security are all connected to
#DTX2021: Louis Theroux Discusses the Coalescence of Tech and Human Behavior
#DTX2021: Louis Theroux Discusses the Coalescence of Tech and Human Behavior Renowned documentarist Louis Theroux described the growing societal dangers posed by social media use during the keynote interview at
NCSC: Revoke Admin Access for BYOD Users Immediately
NCSC: Revoke Admin Access for BYOD Users Immediately Government security experts have urged organizations to review and re-plan any BYOD strategies implemented as a quick fix during the pandemic, warning
CISA, NIST Says Use Cybersecurity Control Systems
Trend Micro – Last July 2021, US President Joe Biden signed a memorandum on improving the US’s cybersecurity for critical infrastructure control systems. It establishes a voluntary initiative, encouraging collaboration
TangleBot Android malware hijacks phone to steal login credentials
TangleBot Android malware is delivered through smishing and is currently targeting users in Canada and the US disguised as information about COVID-19 vaccination. It is a fact that SMS messages
IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft
Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. Three vulnerabilities in the IP video-surveillance systems created by Axis
Apache Web Server Zero-Day Exposes Sensitive Data
The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. Apache Software has quickly issued a fix for a zero-day security
Cybersecurity risk assessment: Does Your Company Need It?
Cyber security risk assessments are a framework for detecting, analyzing, and prioritizing operational risk – Let’s dig deeper into why your company needs it more than ever. What is a
White House Dark Web Marketplace Shuts Down its Operations
The White House Dark Web Marketplace says “We are retiring!” The White House Dark Web marketplace will cease to exist as the website administrator has announced to shut down its
How to Build an Incident-Response Plan, Before Security Disaster Strikes
Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack. In a startling discovery, a recent report found that
Facebook Blames Outage on Faulty Router Configuration
One easily disproved conspiracy theory linked the ~six-hour outage to a supposed data breach tied to a Sept. 22 hacker forum ad for 1.5B Facebook user records. As of Monday
Oops! Compound DeFi Platform Gives Out $90M, Would Like it Back, Please
The Compound cryptocurrency exchange accidentally botched a platform upgrade and distributed millions in free COMP tokens to users – then threatened to dox the recipients. Compound, an Ethereum-based decentralized finance