Cyber Attacks, Threats, and Vulnerabilities
Microsoft says it detected active attacks leveraging Zerologon vulnerability (ZDNet) Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild.
Philippine police, military disown fake Facebook accounts (Reuters) The Philippine police and military on Wednesday denied any links to Facebook accounts that were taken down by the social media giant after it said they had engaged in "coordinated inauthentic behaviour" interfering in Asian and American politics.
Indian government websites on Chinese hackers' radar trigger security concerns (DNA India) Indian security agencies are concerned about the latest development, in which the United States Department of Justice has said that five Chinese hackers who were charged were involved in targeting Indian government networks and compromised foreign government computer networks.
SAP ASE Information Leaks: CVE-2020-6295 and CVE-2020-6317 (Trustwave) Today I'd like to discuss two information disclosure vulnerabilities that occur in SAP Adaptive Server Enterprise installation process.
Facebook allowed hundreds of misleading super PAC ads, activist group finds (CNN) Facebook has allowed political advertisers to target hundreds of misleading ads about Joe Biden and the US Postal Service to swing-state voters ranging from Florida to Wisconsin in recent weeks, in an apparent failure to enforce its own platform rules less than two months before Election Day.
Australian security agency reports significant increase of right-wing extremists (Xinhua) Australia's national security agency has reported a significant increase in the number of right-wing extremists it has under surveillance.
Surveillance Company Explains How to Keep Facebook From Detecting Fake Accounts in Leaked Manual (Vice) A leaked manual from Blackdot Solutions, a British company that offers social media monitoring services, included a step-by-step guide on how to create fake profiles on Facebook and LinkedIn.
New Zebrocy Campaign Suggests Russia Continues Attacks on NATO (SecurityWeek) QuoINT security researchers have identified a new Russia-linked Zebrocy campaign targeting countries associated with NATO
North-Korean hackers, increasing Chinese intelligence presence in Nepal a fresh cause of worry for India (Zee News) North Korean hackers who target banking systems and steal critical technology are suspected to be working for Chinese intelligence to target Indian systems, officials said.
Cyber Operatives Target US Voting Systems (Voice of America) Increased security measures are not stopping cyber operatives from looking for ways to break into critical U.S. voting systems, according to officials charged with safeguarding the nation's Nov.
DDoS Attacks Impact the Election Process (Radware Blog) From elections to revolutions, availability of information and the ability to communicate are critical elements, and inhibitors, of political society.
New ransomware actor OldGremlin uses custom malware to hit top orgs (BleepingComputer) A new ransomware group has been targeting large corporate networks using self-made backdoors and file-encrypting malware for the initial and final stages of the attack.
Russian-speaking OldGremlin ransomware group targets Russian organisations (Computing) The group uses social engineering techniques to infect networks - but is only targeting Russian organisations, for now
OldGremlin, a new ransomware gang, is aiming at Russian targets, Group-IB says (CyberScoop) Medical labs, banks, manufacturers and software developers in Russia are the prime targets for a new ransomware gang that began operating with custom tools as early as March of this year, according to researchers at the security vendor Group-IB.
Microsoft, Italy, and the Netherlands warn of increased Emotet activity (ZDNet) New alerts about a spike in Emotet activity come after France, Japan, New Zealand issued similar warnings at the start of the month.
Critical Industrial Flaws Pose Patching Headache For Manufacturers (Threatpost) When it comes to patching critical flaws, industrial firms face various challenges – with some needing to shut down entire factories in order to apply updates.
Experts Insight On Purdue Findings That Billions Of Devices Vulnerable To New 'BLESA' Bluetooth Security Flaw (Information Security Buzz) It has been reported that, according to Purdue University researchers, billions of smartphones, tablets, laptops, and IoT devices are using Bluetooth software stacks that are vulnerable to a new security flaw disclosed over the summer.
#InstaHack: how researchers were able to take over the Instagram App using a malicious image - Check Point Software (Check Point Software) Instagram is one of the most popular social media platforms globally, with over 100+ million photos uploaded every day, and nearly 1 billion monthly
Ransomware is big business—and you can’t afford to play the game! (Food Engineering) Ransomware could cost your food or beverage company millions.
Phishing Attacks Are Scarily Easy to Build (Menlo Security) Phishing attacks are scarily easy to launch and extremely dangerous. Watch our security team explore the dangers of this popular attack method.
Software vendor Tyler Technologies tells U.S. local government clients it was hacked (Reuters) Tyler Technologies <TYL.N>, whose products are used by U.S. states and counties to share election data, said on Wednesday that an unknown party had hacked its internal systems.
North Texas-Based Provider Of Software To Local Governments, Schools Suffers Data Breach (CBS) Tyler Technologies, based in Plano, told customers Wednesday an unknown intruder broke into its phone and information technology systems.
Gefco says cyber attack on its system was 'designed to disrupt our business' (The Loadstar) Gefco has admitted that it came under an external cyberattack last Sunday, “designed to disrupt our business”. Gefco said it did not yet know the origin of the attack, but is “working 24/7 with our IT partners and authorities to investigate and resolve the issue”. In a letter to customers, partners and colleagues, chief executive and chairman Luc Nadal said that Gefco had informed customers and partners, and “mobilised our employees to ...
'Message of Luc Nadal: Gefco cyber-attack' (The Loadstar) 22 September 2020 Dear Customers, Dear Partners, Dear Colleagues, Last Sunday, GEFCO came under an external cyberattack designed to disrupt our business. As soon as we learned about the cyberattack, we contacted our customers and partners to inform them, and we mobilized our employees to identify and implement alternative processes to ensure business continuity. Our IT team, together with our IT partners are working 24 hours a day to restore our business apps and we have ...
Shopify data breach illustrates the danger of insider threats (BleepingComputer) A recent data breach at Shopify that affected almost 200 merchants has been attributed to insiders.
Incident Update (Shopify) Recently, Shopify became aware of an incident involving the data of less than 200 merchants. We immediately launched an investigation to identify the issue--and impact--so we could take action and notify the affected merchants. Our investigation determined that two rogue members of our support team ...
Skyline.com Ransomware Attackers Claim 200+ GB of Cleartext Financial, Passport, and Personal Data Leaked (Risk Based Security) The Skyline data breach contains cleartext credit card information and could have far reaching implications for Skyline’s customers
Data breach at New York Sports Clubs owner exposed customer data (TechCrunch) Exclusive: The unprotected storage exposed customer addresses and phone numbers.
Data for 600K customers of U.S. fitness chains Town Sports leaked online (Security Affairs) The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. US fitness chain Town Sports has suffered a data breach, a database belonging to the company containing the personal information of over 600,000 people was exposed on the Internet. Town Sports International Holdings is an […]
Cache Creek Casino in Northern California closed following systems failure (Sacramento Bee) Cache Creek Casino Resort in Northern California remains closed Tuesday morning, shut down since Sunday evening due to a systems infrastructure failure, according to a post on the tribal casino’s website.
Tennessee healthcare data breach impacts 235,000 patients (The Daily Swig) Blackbaud cyber-attack claims another victim
MultiCare donors, patients among victims in international ransomware attack (Spokesman) The Tacoma-based health care provider estimates somewhere around 300,000 patients and donors to their charitable arm may have been included in information stolen by data thieves targeting an online fundraising partner earlier this year. Those whose data may have been compromised are receiving notifications right now in the mail and via email.
Airbnb Accounts Exposed to Hijacking Due to Phone Number Recycling (SecurityWeek) A cybersecurity enthusiast has discovered that Airbnb accounts can be hijacked due to recycled phone numbers, and the issue does not appear to have been fixed
Experts On News that Data of more than 500,000 referees stolen in ransomware attack (Information Security Buzz) It has been reported that ArbiterSports, the official software provider for the NCAA (National Collegiate Athletic Association) and many other US leagues, has announced it fended off a ransomware attack. In a data breach notification letter filed with multiple states across the US, the company said that despite detecting and blocking the hackers from encrypting its …
Bosses 'did not discuss data breach with minister' (BBC News) Tories call it "astonishing" that health minister did not meet senior Public Health Wales bosses.
St. Clair County government target of cyber attack (WBMA) Officials said Tuesday that St. Clair County government was the target of a cyber attack. In a news release, Paul Manning, Chairman of the St. Clair County Commission, said that on Monday, September 21, 2020, around 7:00 p.m., the county began taking actions to "mitigate and remediate any hardware or software which may have been compromised" as a result. He added that this work will continue during the upcoming days.
3S CoDeSys (Update A) (CISA) Executive summary: CVSS v3 10.0. ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available. Vendor: 3S-Smart Software Solutions. Equipment: CoDeSys. Vulnerabilities: Improper Access Control, Relative Path Traversal.
Security Patches, Mitigations, and Software Updates
More patches released to address Zerologon bug in systems not compatible with Microsoft's fix (Computing) The Zerologon micropatch is 'primarily targeted at Windows Server 2008 R2 users without Extended Security Updates'
Microsoft Overhauls ‘Patch Tuesday’ Security Update Guide (Threatpost) Microsoft announced a new Security Guide to help cybersecurity professionals more quickly untangle relevant bugs in its monthly security bulletins.
Cyber Trends
Top Threats to Cloud Computing: Egregious (Cloud Security Alliance) The report provides organizations with an up-to-date, expert-informed understanding of cloud security concerns in order to make educated risk-management decisions regarding cloud adoption strategies. The Top Threats reports have traditionally aimed to raise awareness of threats, risks and
StackRox State of Container and Kubernetes Security Report Reveals Rapid Growth across Container and Kubernetes Adoption, Security Incidents, and DevSecOps Initiatives (StackRox) StackRox releases State of Containers and Kubernetes Security Report, Fall 2020
WatchGuard Research Finds 12% Spike in Evasive Threats Despite Decrease in Overall Malware Volume (WatchGuard Technologies) New report underscores the importance of layered security as zero-day malware variants, JavaScript malware attacks and Microsoft Excel-based threats rise
State of IAAS Cloud Infrastructure Security and Governance (Sailpoint) A Global Survey of Executives and Governance Professionals
Cloud adoption has saved more than half of UK businesses from Covid-19 collapse (Centrify) LONDON ― September 24, 2020 ― Fifty-one percent (51%) of UK business leaders say their shift to a cloud computing-based business model has saved their company from collapse during the Covid-19 pandemic, according to research from Centrify, a leading provider of Identity-Centric Privileged Access Management (PAM) solutions.
Employees Would Simply Rather Not with Boring Security Awareness Training, New Research Finds (PR Newswire) In news surprising no one, a new survey of 1,000 U.S. employees has found that boring security awareness training doesn't make them want to be...
Remote Work Exacerbating Data Sprawl (Dark Reading) More than three-quarters of IT executives worry that data sprawl puts their data at risk, especially with employees working from insecure home networks, survey finds.
Infosec pros struggle to find opportunities to improve their work skills (Help Net Security) Cybrary survey finds the worsening security team skills gap threatens job effectiveness amidst increasingly devastating global cyber attacks.
Massive increase: Number of cyberattacks rises by 154 percent in the second quarter (Mimikama) The current threat analysis from G DATA CyberDefense shows that cybercriminals massively attacked private users and companies in the second quarter as well.
South Africa, Kenya and Nigeria saw Millions of Cyber Attacks in 2020 and the Year is not over yet (IT News Online)
Akamai: Cyberattacks against gamers spiked in the pandemic (VentureBeat) The video game industry faced more than 10 billion cyberattacks during the past couple of years, with the attacks spiking in the pandemic.
Top 7 cybersecurity books for ethical hackers in 2020 (Infosec Resources) Top ethical hacking books for 2020 Ethical hacking is a huge field with a number of different specializations within it. Since ethical hackers are
Marketplace
Newly founded cybersecurity startups raise over $31 million in 2020 (Atlas VPN) According to data presented by the Atlas VPN team, there are 78 new cybersecurity companies founded in 2020 that cumulatively have raised over $31.6 million in funding year-to-date.
CrowdStrike to Acquire Preempt Security to Offer Customers Enhanced Zero Trust Security Capabilities (BusinessWire) CrowdStrike Holdings, Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint and cloud workload protection, today announced it has agreed to acquir
CrowdStrike to acquire Preempt Security for $96 million (ZDNet) The company said it plans to use the deal to bolster its Falcon platform with conditional access technology.
Cerberus Sentinel announces acquisition of Clear Skies Security (GlobeNewswire) U.S. cybersecurity services firm adds experienced penetration testing team
Check Point Software Announces a Cloud Cybersecurity Acquisition: What You Should Know (The Motley Fool) The cybersecurity specialist also claimed to redefine secure remote access to enterprises.
Cloud Stocks: What Should Proofpoint Acquire? (Seeking Alpha) Proofpoint's Q2 revenues grew 21% to $258.4 million, ahead of the market's forecast of $253 million. For the third quarter, Proofpoint forecast revenues of $260-262 million with an EPS of $0.37-0.40. Rather than depend on partnerships, Proofpoint should go for an acquisition of a capital-efficient startup that would complement its offerings.
Huawei says 'survival is the goal' as US crackdown hammers its business (CNN) Huawei is in survival mode, as continuous "attacks" from the United States threaten to choke off the Chinese tech company's access to key technology.
UPDATE: Facebook now says it will reject Trump ads prematurely claiming victory Nov. 4 (Fast Company) Facebook banned political ads a week before the election. After questions from ‘Fast Company,’ it will now ban political ads—including those by the Trump campaign—that claim false victory in the days after November 3.
How a marked-up term sheet and messy rollout threw TikTok deal into disarray (Reuters) As China's ByteDance raced to seal a deal with Oracle Corp <ORCL.N> and Walmart Inc <WMT.N> to keep its video-sharing app TikTok operational in the United States, an apparent breakthrough came last Wednesday in a phone call to U.S. Treasury officials.
TCC, Mohammed bin Salman's new Darkmatter substitute (Intelligence Online) The cyber firm now controlled by the Saudi royal palace is developing a new range of activities focused on social network influence campaigns.
Yorkshire could lead the way in cybersecurity - Saj Huq (Yorkshire Post) This year has seen an unprecedented acceleration in the growth of the UK’s cybersecurity sector.
Cowbell Cyber Poised to Dominate Next Wave of Cyber Insurance with Prime 250 (PR Newswire) Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to mid-sized businesses (SMBs), today announced the...
TrapX Named 2021 TAG Cyber Distinguished Vendor (BusinessWire) TrapX Security, the global leader in Deception-based cyber defense solutions, has been selected by TAG Cyber as a Distinguished Vendor in the 2021 Sec
TrueFort Named 2021 TAG Cyber Distinguished Vendor (BusinessWire) TrueFort's ability to reduce the attack surface for application ecosystems is addressing an unmet need in our industry, said Dr. Amoroso, TAG Cyber CEO.
SentinelOne appoints David Bernhardt as CFO (Help Net Security) SentinelOne, the autonomous cybersecurity platform company, today announced the appointment of David Bernhardt as CFO.
Meritor Names Fazal Merchant, Former Co-CEO of Tanium, Inc., to its Board of Directors (PR Newswire) Meritor, Inc. (NYSE: MTOR) today announced that it has appointed Fazal Merchant as a Class II director, with a term expiring at the 2023 annual...
Products, Services, and Solutions
vArmour Introduces Industry’s First Relationship Search to Investigate and Manage Cyber Risk Enterprise-Wide (GlobeNewswire) New Capabilities Enable Businesses to Pinpoint Risk and Resiliency Challenges Across Every Environment
AGU Selects ForgeRock Identity Cloud to Speed Its Pivot to a Virtual Conference (ForgeRock) ForgeRock Identity Cloud Features Fast Implementation and Seamless Integrations, Eliminating Pricing Surges
Attivo Networks ThreatDefend Platform is Verified as Citrix Ready (BusinessWire) Attivo Networks®, an award-winning leader in cyber deception and attacker lateral movement threat detection, today announced that Citrix Systems, Inc.
Pulse Secure Fortifies Secure Access Through McAfee’s Security Innovation Alliance (GlobeNewswire) Pulse Secure, the leading provider of Zero Trust Secure Access solutions, today announced successful integration and joint compatibility testing with McAfee ePolicy Orchestrator (ePO).
Siemens and Atos Announce a Five-Year Extension of Their Strategic Partnership (AiThority) As part of this agreement, Atos will also invest in innovation and digital modernization, in order to advance important innovation topics for Siemens.
Qualys Groundbreaking Multi-Vector Approach to EDR Now Shipping (WFMZ) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced the immediate availability
SpyCloud and CyberDefenses Team Up to Defend Against Foreign Election Interference (The Killeen Daily Herald) SpyCloud, known for its unique breach data collection and curation platform that powers leading account takeover prevention and fraud investigation solutions, today announced
Security Startup Kognos Ties XDR to VMware Carbon Black (SDxCentral) Security startup Kognos came out of the gate running today with its XDR platform and VMware Carbon Black interoperability.
Ordr Announces IoT Discovery Program To Uncover Shadow IoT (PR Newswire) Ordr, the leader in security for enterprise IoT and unmanaged devices, announced the availability of the Ordr IoT Discovery Program to uncover...
Pradeo Security In-App Protection: Neutralizing clones and fake apps to prevent fraud (Help Net Security) The new anti-clone/fake app capability is part of Pradeo Security In-App Protection service and complements shielding capabilities.
Mandiant Introduces New Cybersecurity Services for Microsoft Customers (BusinessWire) New Mandiant cybersecurity services bring together Mandiant expertise and intelligence with Microsoft security products.
Nuspire and SentinelOne Enhance Endpoint Service to Help Clients Improve Their SecOps Efficiencies and Effectiveness (PR Newswire) Nuspire, a leading and trusted managed security services provider (MSSP), in partnership with SentinelOne, the autonomous cybersecurity...
Comodo and Room57 Announce Strategic Partnership (Yahoo!) Comodo, the world’s leader of next-generation cybersecurity, announced a partnership with Room57, an IT management and technology services provider based out of the United Kingdom.
AT&T, Akamai extend deal through 2023 (Light Reading) AT&T said it will continue to sell Akamai's services through 2023, extending the agreement the companies initially inked in 2012.
KnowBe4 Launches Enhanced Phish Alert Button With Language Localization Feature for Microsoft 365 (AiThority) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, announced it has launched an enhanced Phish Alert Button (PAB) with a Language Aware feature.
Infrascale Reimagines Customer Care in Data Protection Market (PRWeb) Infrascale, a cloud-based data protection company providing industry-leading backup and disaster recovery solutions, today announced a transformational over
Technologies, Techniques, and Standards
Testing ahead of U.S. elections reveals struggle to quell disinformation (Reuters) U.S. Election Day exercises simulating attacks ranging from hackers to anthrax to disrupt voting show state and local officials will struggle to quickly counter falsehoods flooding social media, according to five people familiar with the tests.
Reddit Squashed QAnon by Accident (The Atlantic) Two years ago, Reddit had the internet’s biggest QAnon problem. Today, that problem is gone—but the company can’t really explain why.
Cyber Airmen Trained for a China-Taiwan Conflict That Unfolds Online (Air Force Magazine) 16th Air Force Airmen mine social media and other forms of public information to address an undisclosed scenario involving China and Taiwan.
Your best defense against ransomware: Find the early warning signs (Help Net Security) Finding the early warning signs of an infection is your best defense against ransomware. Learn what to be on the lookout for and stay secure.
Contact Center Security While Working Remote (Dialpad) Remote work can expose systems to more cyber security threats. Here are a few things to keep in mind to ensure contact center security while working remote.
Design and Innovation
Facebook Tool Faulted for Lapses in Finding Voter Misinformation (BloombergQuint) Facebook Tool for Finding Voting Misinfo Falls Short, Study Says
Cybersecurity innovations: Why these startups are drawing in the money (TechGenix) With attackers making use of every vulnerability, our sense of security has turned into insecurity. These cybersecurity innovations may have the answers.
5 Key Takeaways On Cyber AI from The CSHub Financial Services Summit (Cyber Security Hub) Takeaways include How digital acceleration & global disruption shape today’s threat landscape; Security challenges such as insider threat, IP theft, data breaches, and compliance and regulation; How advanced AI cyber defense protects in high-risk environments; Defensive AI wins against offensive AI
Academia
You have to 'think like a bad guy for a little while': Augusta U is keeping medical devices safe from hackers. (Becker's Health) Michael Nowatkowski, PhD, associate professor at University of Augusta's computer and cyber sciences school in Georgia, specializes in reverse engineering medical devices to check their cybersecurity strength, according to a Sept. 18 Athens Banner-Herald report.
NYU will allow Master's students to gain first-hand knowledge with zero trust practices (Security Magazine) New York University Tandon School of Engineering and its Master of Science in Cybersecurity Risk and Strategy degree will now encompass practical, first-hand knowledge of secure access service edge (SASE) and zero trust best practices.
Legislation, Policy, and Regulation
India is no superpower in Cyberspace, claims Harvard report (India Today) Cyber power is slowly becoming the new value addition to a country's strength. We have been witnessing increased cases of espionage, cyber warfare, bot attacks and strong surveillance systems to monitor people. Given that India's border tensions with China have soured in recent times, how much power does India hold in cyberspace?
GAO report calls for White House cyber director (FCW) Congress may have to step in to carve out a White House position charged with implementing protective cybersecurity measures.
GAO Tells State Dept. to Work with Agencies on Bureau of Cyberspace Security and Emerging Technologies Plan (Homeland Security Today) Officials from six agencies that work with State on cyber diplomacy efforts told GAO that State did not inform or involve them in the development of its plan to establish the new bureau.
For Trump's White House, cyber improvements are easier said than done (CyberScoop) In September 2018, the White House announced a new federal cybersecurity strategy to make critical infrastructure more resilient to hacking, shore up supply chains and “identify, counter, disrupt, degrade and deter behavior in cyberspace.”
EASA, FAA Officials Talk Cybersecurity Policy Updates for Connected Aircraft Systems (Aviation Today) During the first day of the Global Connected Aircraft Summit’s second “Cabin Chats” web series, cybersecurity experts from the European Union Aviation Safety Agency (EASA) and the Federal Aviation Administration (FAA) came together to discuss risk management and upcoming policy changes for stakeholders across the connected aircraft ecosystem. Peter Skaves, Advanced Avionics Chief Scientific and …
Senate committee set to subpoena CEOs of Google, Facebook, Twitter over Section 230 (NASDAQ:GOOG) (Seeking Alpha) The Senate Commerce Committee will subpoena the CEOs of Google (GOOG +1.5%, GOOGL +1.5%), Facebook (FB +0.9%) and Twitter (TWTR -3.5%) to testify at an Oct.
FERC Asks Energy Sector to Report Huawei, ZTE Usage (Nextgov.com) Amid fears over having to replace equipment, Energy official noted no set timeline for implementing next steps on a related executive order.
FERC Opens Inquiry into Foreign Adversary-Provided Bulk Power System Telecommunications Equipment, Focusing on Huawei and ZTE Equipment Threat (JD Supra) On September 17, 2020, FERC issued a Notice of Inquiry (“NOI”) seeking comments on strategies to mitigate any potential risks to the bulk electric...
Hyten to issue new joint requirements on handling data (Defense News) Gen. John Hyten wants to change how the Joint Requirements Oversight Council issues its guidance on data.
Tamil Nadu Releases Ethical AI, Cybersecurity And Blockchain Policies (Analytics India Magazine) Tamil Nadu became the first state to come out with ethical artificial intelligence, cybersecurity and blockchain policies.
Litigation, Investigation, and Law Enforcement
Democrats call for declassifying election threats after briefing by Trump officials (TheHill) Multiple Democratic senators on Wednesday sounded the alarm around foreign threats to U.S. elections, with lawmakers pressing for more information to be made public after two classified briefings from top federal officials.
Govt has no access to WhatsApp data, voice messages: MEITY in Lok Sabha (MediaNama) In a first, MEITY has categorically denied that the government or any of its agencies have access to WhatsApp data and voice messages.
Treasury sanctions individuals, groups tied to Russian malign influence activities (TheHill) The Treasury Department on Wednesday announced sanctions against eight individuals and seven groups related to efforts by Russia to spread malign influence around elections and to evade sanctions.
German Experts See Russian Link in Deadly Hospital Hacking (SecurityWeek) German authorities probing a cyber attack on a hospital's IT system that led to a fatal delay in treatment for a critically ill woman believe the software used can be traced back to Russian hackers.
The Most Vulnerable Ransomware Targets Are the Institutions We Rely On Most (The Union Journal) Editor's Note (9/21/20): This article was originally published online on March 23, 2016. We are republishing it in light of the news that a woman in Germany died as a result of a ransomware attac
TikTok asks court for injunction to stall impending ban (Washington Post) TikTok has filed for a preliminary injunction to halt the planned ban of its app from U.S. app stores this weekend.
TikTok asks court for injunction to stall impending ban (The Day) TikTok filed for an injunction in federal court Wednesday to halt a ban of the video app as it scrambles to complete a deal with the
TikTok: Even A Temporary Ban Could Make 90% Of Users Quit The App (NPR) Lawyers for popular video app TikTok are asking a federal judge to block President Trump's order banning the app from taking effect on Sunday.
Facebook denies it will pull service in Europe over data transfer ban (TechCrunch) Facebook’s head of global policy has denied the tech giant could close its service to Europeans if local regulators order it to suspend data transfers to the U.S. following a landmark Court of Justice ruling in July that has cemented the schism between U.S. surveillance laws and EU privacy ri…
Trump Homeland Security pick denies intelligence meddling (AP NEWS) President Donald Trump’s nominee to lead the Department of Homeland Security denied allegations Wednesday that he molded intelligence reports to suit the administration, telling...
Review of CBP’s Major Cybersecurity Incident during a 2019 Biometric Pilot (Office of the Inspector General, US Department of Homeland Security) CBP did not adequately safeguard sensitive data on an unencrypted device used during its facial recognition technology pilot (known as the Vehicle Face System).
Four former eBay workers to plead guilty in U.S. to cyberstalking campaign (Reuters) Four former eBay Inc workers have agreed to plead guilty to participating in a cyberstalking campaign against a Massachusetts couple whose online newsletter they viewed as critical of the e-commerce company.
4 eBay defendants expected to plead guilty, defense attorney says client's life 'essentially destroyed' (Silicon Valley Business Journal) Four of the seven former eBay employees accused of cyber-stalking two bloggers who cover the San Jose e-commerce giant are expected to plead guilty next month.