Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
The Sunday Herald reported on Sunday that Best Western was struck by a trojan attack that lead to the possible compromise of about 8 million victims. There is some debate as to the extent of the breach and not a small amount of rumor going around. I'm not entirely disposed to trust corporate press releases for the facts, nor am I going to blindly accept claims of security researchers whose first call is to the PR team when discovering a problem. That said, here is what seems to be the agreed upon facts... more
In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation's President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns. more
Thailand's military-appointed parliament on Thursday passed a controversial cybersecurity law which gives sweeping powers to state cyber agencies. more
Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more
Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis), says that the source of recent cyberattack against US and South Korean government websites was not North Korea -- as widely reported -- but UK. Based on Bkis analysis, a report today by Nguyen Minh Duc says that a master server located in UK was found to control the 8 Command and Control servers responsible for the series of cyberattacks last week.
more
The United States Department of Justice has announced that it has neutralized a global network of computers compromised by malware called "Snake," which the U.S. government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB). more
There are quite a lot of NTP-amplified denial of service attacks going around at the moment targeting tech and ecommerce companies, including some in the email space. What does NTP-amplifed mean? NTP is "Network Time Protocol" - it allows computers to set their clocks based on an accurate source, and keep them accurate. It's very widely used - OS X and Windows desktops typically use it by default, and most servers should have it running. more
If there's one simple - high impact - thing you could do to quickly check whether your network has been taken over by a criminal entity, or uncover whether some nefarious character is rummaging through your organizations most sensitive intellectual property out of business hours, what would it be? In a nutshell, I'd look to my DNS logs. It's staggering to me how few security teams have gotten wise to regularly interrogating the logs from their recursive DNS servers. more
The Internet infrastructure has been having a bad month. Not as bad as, say, the world's aviation infrastructure, but bad enough. First, Chinese Internet censorship leaked out to a few massively unlucky users of the I root server. Then China Telecom failed to filter someone who leaked thousands of hijacked routes to other people's networks through them, probably by accident. And then, inexplicably, Forbes went where no one had gone before... more
A significant ransomware attack by a group known as AlphV or BlackCat has severely disrupted pharmacies across the U.S., affecting the delivery of prescription medications for over ten days. This attack on Change Healthcare has resulted in considerable difficulties for hospital pharmacies and nationwide drug distribution. more
J. Nicholas Hoover reporting in InformationWeek: "The White House on Wednesday issued an update of the Obama administration's ongoing cybersecurity work, detailing some of the steps being taken in an effort to secure the nation's networks against cyber attacks and in the process offering some new insight into the administration's future plans. The progress report, issued immediately after a meeting held by White House cybersecurity coordinator Howard Schmidt with agency secretaries, cybersecurity experts..." more
There are new threats that you may have already been exposed to. Here are some of the new threats and advice on how to protect yourself. During this pandemic, Zoom has emerged as a very popular teleconferencing choice for companies and educational institutions, but a new weakness for Zoom was also discovered. Some online conferences and classes that had not password protected their sessions fell victim to eavesdroppers using the screen sharing feature to "Zoom Bomb" those sessions with graphic images. more
A team of researchers have released a report detailing a new type of threat in which adjacent IoT devices, such as Internet-connected light bulbs, will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction. more
The United States has shifted its Russia strategy more toward offense and inserted potentially crippling malware inside Russia's electric power grid at a depth and with an aggressiveness that had never been tried before, according to a New York Times's story that broke over the weekend. more
"Nobody knows anything," screenwriter William Goldman (think "Butch Cassidy and the Sundance Kid" and "The Princess Bride") said famously of Hollywood. The same may be said of enterprise security. Word now comes that the Sony hack for which the FBI has fingered North Korea may, in fact, be the work of some laid-off and disgruntled Sony staff. But that's not clear, either. more
A World-Renowned Source for Internet Developments. Serving Since 2002.