] The Mad Hacker [

Collecting all the news about Cybersecurity, computer security, cracking, hacking, infosec, netsec, & security vulnerabilities in one convenient place

Whitehat, greyhat, blackhat, tinker, tailor, soldier, spy
We trawl the web so you don't have to
Since 2000

The TikTok Ban: Security Experts Weigh in on the App’s Risks

(Friday September 18, 2020)
With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.

Weekly Update 209

(Friday September 18, 2020)
More IoT, more cyber and more Q&A so yeah, business as usual this week. More specifically, a lot of this week's update talks about VPNs and where they still make sense with so much HTTPS all over the place these days. As I say in the vid, blog

Stubborn WooCommerce Plugin Bugs Get Third Patch

(Friday September 18, 2020)
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.

A Hacker's Playlist

(Friday September 18, 2020)
Nine security researchers share their favorite songs and genres.

Implementing Direct Syscalls Using Hell's Gate

(Friday September 18, 2020)
I first encountered the concept of using direct system calls to bypass user-land API hooking a little more than a year ago when I read a blog post by Cornelis De Pla (@Cn33liz).  It is an excellent post and worth a read as he does an amazing job explaining exactly what system calls are and…

Deadly Ransomware Story Continues to Unfold

(Friday September 18, 2020)
A ransomware attack with fatal consequences is attracting notice and comment from around the world.

Apple Security Advisory 2020-09-16-5

(Friday September 18, 2020)
Apple Security Advisory 2020-09-16-5 - Xcode 12.0 is now available and addresses a code execution vulnerability.

Apple Security Advisory 2020-09-16-4

(Friday September 18, 2020)
Apple Security Advisory 2020-09-16-4 - watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.

Apple Security Advisory 2020-09-16-3

(Friday September 18, 2020)
Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2020-09-16-2

(Friday September 18, 2020)
Apple Security Advisory 2020-09-16-2 - tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.

Categorizing human phishing difficulty: a Phish Scale

(Friday September 18, 2020)
Abstract. As organizations continue to invest in phishing awareness training programs, many chief information security officers (CISOs) are concerned when thei

How I bypassed Cloudflare's SQL Injection filter

(Friday September 18, 2020)
astrocamel, Blog, Portfolio, George Skouroupathis

SecOps Teams Wrestle with Manual Processes, HR Gaps

(Friday September 18, 2020)
Enterprise security teams are "drowning in alerts."

Security Takeaways from the Great Work-from-Home Experiment

(Friday September 18, 2020)
As the pandemic drags on and remote workforces stay remote, zero-trust and other lessons learned should come to the fore.

Ubuntu Security Notice USN-4519-1

(Friday September 18, 2020)
Ubuntu Security Notice 4519-1 - Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code.

Apple Security Advisory 2020-09-16-1

(Friday September 18, 2020)
Apple Security Advisory 2020-09-16-1 - iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

TP-Link Cloud Cameras NCXXX Bonjour Command Injection

(Friday September 18, 2020)
TP-Link cloud cameras NCXXX series (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are vulnerable to an authenticated command injection vulnerability. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root. NC210 devices cannot be exploited directly via /setsysname.cgi due to proper input validation. NC210...

Navy Federal Cross Site Scripting

(Friday September 18, 2020)
The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability.

Ubuntu Security Notice USN-4517-1

(Friday September 18, 2020)
Ubuntu Security Notice 4517-1 - It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service.

Mantis Bug Tracker 2.3.0 Remote Code Execution

(Friday September 18, 2020)
Mantis Bug Tracker version 2.3.0 suffers from a remote code execution vulnerability.

SpamTitan 7.07 Remote Code Execution

(Friday September 18, 2020)
SpamTitan version 7.07 suffers from an authenticated remote code execution vulnerability.

Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach

(Friday September 18, 2020)
Maze continues to adopt tactics from rival cybercrime gangs.

A real-life Maze ransomware attack – “If at first you don’t succeed…”

(Friday September 18, 2020)
The crooks wanted $15,000,000. They didn't get it. Huzzah!

Android 11 — 5 New Security and Privacy Features You Need to Know

(Friday September 18, 2020)
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being

Google’s awkward stalkerware typo said it was ok to spy on your spouse

(Friday September 18, 2020)
Google gets in a muddle about its stalkerware policy, after making an unfortunate typo.

A Chromium IPC sniffer

(Friday September 18, 2020)
A tool to capture communication between Chromium processes on Windows - tomer8007/chromium-ipc-sniffer

Deepfake Detection Poses Problematic Technology Race

(Friday September 18, 2020)
Experts hold out little hope for a robust technical solution in the long term.

Online Casino Roulette – A guideline for penetration testers and security researchers

(Friday September 18, 2020)
Introduction: In recent years, the gaming industry has grown significantly, especially casino games and sports betting. Online casinos consolidate their position as one of the main sources of entertainment in many countries worldwide, which evidently involves a notable rise in their turnover. For instance, in Spain alone, the gaming industry generated revenue of around €4,567…

Shift Left Becomes Shift Everywhere,

(Friday September 18, 2020)
According to Synopsys’ BSIMM11 Study, there are some key trends to take note of when it comes to software security practices. Firstly, it shows that CI/CD instrumentation and operations orchestration have become standard components of many businesses’ software security initiatives, influencing how they are organised, designed and executed. For example, software security teams are beginning […]

Mitigating Cyber-Risk While We're (Still) Working from Home

(Friday September 18, 2020)
One click is all it takes for confidential information to land in the wrong hands. The good news is that there are plenty of ways to teach preventative cybersecurity to remote workers.

Indian government computers compromised

(Friday September 18, 2020)
Back at the beginning of the month, computers containing highly sensitive information about government officials and national security were compromised due to a breach at the National Informatics Centre, according to Delhi Police. The computers contained data regarding Indian Prime Minister Narendra Modi. The National Informatics Centre (NIC) organises and supports government communications, technologies and […]

The smart home revolution

(Friday September 18, 2020)

Video surveillance & analytics

(Friday September 18, 2020)

HMRC COVID-19 tax relief scam targets business owners

(Friday September 18, 2020)
Business owners in the UK have been targeted by a phishing scam which captured sensitive information, such as passwords and payment details. The scam impersonated Her Majesty’s Revenue and Customs (HMRC), as reported by accountancy firm Lanop Outsourcing. Business owners were targeted through emails supposedly from HMRC which claimed that the recipient’s VAT deferral application […]

Ransomware attack on Californian schools stops remote learning

(Friday September 18, 2020)
An attack on the Newhall District in Valencia is one of the many ransomware attacks targeting the education sector in America. As children head back to school and learning moves online it seems that schools are becoming a major target for ransomware attacks. This most recent attack of Californian schools targeted 10 different elementary schools, […]

Hospital patient dies following botched ransomware attack

(Friday September 18, 2020)
When a ransomware attack knocked out systems at a major hospital in Düsseldorf, Germany, there were tragic consequences.

5 persistent challenges security pros face

(Friday September 18, 2020)
The fourth annual _Life and Times of Cybersecurity Professionals_ report from ESG and the Information Systems Security Association (. The report is chock full of great data. Here are some highlights that point to lingering challenges that dedicated cybersecurity professionals face: (Insider Story)

Security Recruiter Directory

(Friday September 18, 2020)
Looking for a qualified candidate or new job? CSO's security recruiter directory is your one-stop shop. The recruiters listed below can help you find your next Chief Security Officer (CSO), Chief Information Security Officer (CISO), or VP of Security and fill hard-to-hire positions in risk management, security operations, security engineering, compliance, application security, penetration testers, and computer forensics, among many others. If you're a security recruiting firm, we want your information! Our goal is to provide the most complete recruiter resource available, but to do that...

2 Hackers Charged for Defacing Sites after U.S. Airstrike Killed Iranian General

(Friday September 18, 2020)
The US Department of Justice (DoJ) on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh (aka Mrb3hz4d), 19, and Marwan Abusrour (aka Mrwn007), 25, have been charged with conspiracy to commit intentional damage to a protected

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

(Friday September 18, 2020)
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target

Patient Dies After Ransomware Attack on Düsseldorf Hospital

(Friday September 18, 2020)
According to reports, the network failure announced by Düsseldorf University Hospital (UKD) last week – which turned out to be a ransomware infection – has resulted in a patient dying. “In the morning hours of Thursday (September 10th), larger parts of the IT systems of the Düsseldorf University Hospital were gradually no longer usable,” the institution said […]

D-Link DGS-1210-28 Denial Of Service

(Friday September 18, 2020)
D-Link DGS-1210-28 suffers from a denial of service vulnerability.

How to use FFUF more effectively for in-depth recon (custom fuzzing, headers, linking with Burp, advanced modes)

(Friday September 18, 2020)
Summary: This guide is a large summary of the information security tool, FFUF. This is also paired with a video companion guide, shown below:

The Secureworks Advantage: Our Foundation

(Friday September 18, 2020)
A blog by Steve Fulton, Chief Product Officer, Secureworks

Don't Fall for It! Defending Against Deepfakes

(Thursday September 17, 2020)
Detecting doctored media has become tricky -- and risky -- business. Here's how organizations can better protect themselves from fake video, audio, and other forms of content.

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

(Thursday September 17, 2020)
The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and "supply chain" attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.

Microsoft Spooler Local Privilege Elevation

(Thursday September 17, 2020)
This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds a permanent elevated backdoor.

Microsoft SQL Server Reporting Services 2016 Remote Code Execution

(Thursday September 17, 2020)
Microsoft SQL Server Reporting Services 2016 suffers from a remote code execution vulnerability.

Ubuntu Security Notice USN-4518-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4518-1 - Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges.

Ubuntu Security Notice USN-4516-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4516-1 - It was discovered that GnuPG signatures could be forged when the SHA-1 algorithm is being used. This update removes validating signatures based on SHA-1 that were generated after 2019-01-19. In environments where this is still required, a new option --allow-weak-key-signatures can be used to revert this behaviour.

Ubuntu Security Notice USN-4515-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4515-1 - Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information.

Ubuntu Security Notice USN-4514-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4514-1 - It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-4513-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4513-1 - Dileep Kumar Jallepalli discovered that apng2gif incorrectly handled loading APNG files. An attacker could exploit this with a crafted APNG file to access sensitive information.

Indictments Unlikely to Deter China's APT41 Activity

(Thursday September 17, 2020)
So far, at least, the threat group has not let public scrutiny slow it down, security researchers say.

Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data

(Thursday September 17, 2020)
Also, the US Treasury sanctioned Iranian attack group APT39 following a years-long malware campaign.

Mozi Botnet Accounts for Majority of IoT Traffic

(Thursday September 17, 2020)
Mozi’s spike comes amid a huge increase in overall IoT botnet activity.

Major Global Ransom Denial of Service Campaign Continues Rising Trend in Global DDoS Attacks

(Thursday September 17, 2020)
Extortionists Claim Connection to Notorious Threat Actor Groups. In recent weeks Imperva has become aware of a considerable increase in the number of serious Ransom Denial of Service (RDoS) threats, with extortion campaigns targeting thousands of large commercial organizations globally, not least the financial services industry. RDoS campaigns are extortion-based Distributed Denial of Service (DDoS) […]

Apple Bug Allows Code Execution on iPhone, iPad, iPod

(Thursday September 17, 2020)
Release of iOS 14 and iPadOS 14 brings fixes for 11 bugs, some rated high-severity.

Ransomware Gone Awry Has Fatal Consequences

(Thursday September 17, 2020)
An attack that knocked hospital systems offline reportedly ends in death for patient who had to be sent to another facility.

Sumo Logic IPO Prices Higher Than Expected

(Thursday September 17, 2020)
Co-founder and CTO Christian Beedgen explains what this means for the future of the cloud-based data analytics company.

Zerologon – hacking Windows servers with a bunch of zeros

(Thursday September 17, 2020)
Cryptography is hard. And cryptographic blunders can be hard to spot. This one was there for years...

Time for CEOs to Stop Enabling China's Blatant IP Theft

(Thursday September 17, 2020)
Protecting intellectual property in the name of US economic and national security should be part of every company's fiduciary duty.

Black Hat Europe

(Thursday September 17, 2020)
Virtual Event

Google Play Bans Stalkerware and ‘Misrepresentation’

(Thursday September 17, 2020)
The official app store is taking on spy- and surveillance-ware, along with apps that could be used to mount political-influence campaigns.

Microsegmentation and why it is a key element of network defence

(Thursday September 17, 2020)
Everyone has had to become accustomed to the phrase “social distancing” — the practice of using distance from others to minimise health threats. Inevitably, people have started using the analogy “digital distancing” to talk about similar ideas in information security. It’s not exactly new to use disease metaphors in infosec — we already talk about […]

Now is the time for security leaders to build business resilience

(Thursday September 17, 2020)
COVID-19 has accelerated years of digital transformation into just a few months, weeks, and even days. Accenture recently moved 1.2 million NHS workers to Microsoft Teams in less than a week. And we are not alone – Satya Nadella recently said that Microsoft had seen two years’ worth of digital transformation in 2 months. This […]

Businesses are confident that they have bots under control. They’re wrong.

(Thursday September 17, 2020)
Businesses can make better decisions if they have a good idea of who is using their website. Are they young or old? Male or female? It turns out they are very likely not even people. The majority of web traffic is made up of automated bots, and a great deal of these are malicious. The […]

Staying ahead in the regulatory race

(Thursday September 17, 2020)
Governments are playing catch-up across the world. Data privacy breaches from large tech companies, such as Nintendo and Marriott, are becoming more commonplace—and as a result are putting pressure on authorities to introduce stricter compliance policies to safeguard the public. As such, IT pros who live in countries that have implemented policies, such as GDPR, […]

APT41 Operatives Indicted as Sophisticated Hacking Activity Continues

(Thursday September 17, 2020)
Five alleged members of the China-linked advanced threat group and two associates have been indicted by a Federal grand jury, on dozens of charges.

How to prevent a flood of security hacks by avoiding code leaks

(Thursday September 17, 2020)
This week sees us celebrate National Coding Week, an event designed to promote the vital role of coding and other digital skills in today’s connected world. Coding, and the languages it uses, provides the bedrock on which we’ve built our digital world – a world which has become even more integral to everyday life given […]

Zenscrape: A Simple Web Scraping Solution for Penetration Testers

(Thursday September 17, 2020)
Did you ever try extracting any information from any website? Well, if you have, then you have surely enacted web scraping functions without even knowing it! To put it in simpler terms, web scraping, also known as web data extraction, is the process of recouping or sweeping data from web pages. It is a much faster and easier process of retrieving data without undergoing the time-consuming

Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution

(Thursday September 17, 2020)
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication is required to exploit this vulnerability. Additionally, the target user must have the "Data Loss Prevention" role assigned and an active mailbox. If the user is in the "Compliance Management" or greater "Organization Management" role groups, then they have the "Data Loss Prevention" role. Since the user who installed Exchange is in the "Organization Management" role group, they transitively have the "Data Loss Prevention" role. The specific flaw exists within the...

nfstream 6.1.2

(Thursday September 17, 2020)
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Red Hat Security Advisory 2020-3779-01

(Thursday September 17, 2020)
Red Hat Security Advisory 2020-3779-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include XML injection, bypass, and improper authorization vulnerabilities.

Ubuntu Security Notice USN-4510-2

(Thursday September 17, 2020)
Ubuntu Security Notice 4510-2 - USN-4510-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. Various other issues were also addressed.

Ubuntu Security Notice USN-4510-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4510-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting. Various other issues were also addressed.

Ubuntu Security Notice USN-4511-1

(Thursday September 17, 2020)
Ubuntu Security Notice 4511-1 - Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.

California Elementary Kids Kicked Off Online Learning by Ransomware

(Thursday September 17, 2020)
The attack on the Newhall District in Valencia is part of a wave of ransomware attacks on the education sector, which shows no sign of dissipating.

The Dunkin’ Donuts data breach leaves a very bad taste in the mouth

(Thursday September 17, 2020)
Despite repeated warnings Dunkin' Donuts failed to investigate evidence of a significant data breach, didn't reset passwords, and didn't warn customers... for years.

Struggling to Secure Remote IT? 3 Lessons from the Office

(Thursday September 17, 2020)
The great remote work experiment has exacerbated existing challenges and exposed new gaps, but there are things to be learned from office challenges.

U.S. Treasury Sanctions Russian Hackers for Stealing $17 Million in Crypto Cash

(Thursday September 17, 2020)
This week, U.S. authorities sanctioned two Russian nationals for defrauding several cryptocurrency exchanges of a combined $17 million. The duo, who had several other accomplices, used phishing schemes to meet their goals, cleverly laundered the virtual cash, and even manipulated cryptocurrency prices with fast-rate purchases and sales. “Today, in a coordinated action with the U.S. […]

COVID-19: Latest Security News & Commentary

(Thursday September 17, 2020)
Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic.

Hackers pumped and dumped GAS cryptocurrency for $16.8 million, alleges US DOJ

(Thursday September 17, 2020)
US authorities have charged two Russian men with allegedly defrauding cryptocurrency exchanges and their customers out of at least $16.8 million. Read more in my article on the Tripwire State of Security blog.

U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers

(Thursday September 17, 2020)
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin and Dmitrii Karasavidi—are accused of stealing $16.8 million worth of cryptocurrencies in a series of

The NCSC issue new advice to academia

(Thursday September 17, 2020)
After an increase of cyber attacks on the education sector, the National Cyber Security Centre (NCSC) has issued a new warning for schools, colleges and universities. Over the last few months, cybercriminals have attacked schools and universities with ransomware as they prepare to bring students back safely after the long pause due to the pandemic. […]

Staples Discloses Data Breach Exposing ‘Limited’ Customer Information

(Thursday September 17, 2020)
US-based Office Superstore, Staples, has recently disclosed a data breach that exposed the order details of nearly 2,500 customers. “We recently learned of unauthorized access to a limited number of non-sensitive customer order data on Staples.com, which may have included information about one of your orders,” the customer notification email said. “This may have included […]

New US digital identity legislation promises more secure verification

(Thursday September 17, 2020)
The COVID-19 pandemic has forced us to socially distance and do whatever we can digitally and remotely. For IT professionals, the pandemic likely brought a lot of unplanned headaches and long hours to ensure their organizations could remain securely operational while supporting a nearly 100% remote workforce. The pandemic has also revealed holes pertaining to digital identity, data protection and cybersecurity that expose individuals, businesses and government agencies to online fraud. Though numerous new technologies and commercial solutions are available, their...

7 best practices when selecting a PAM solution

(Thursday September 17, 2020)
The right PAM solution will enable security and compliance teams to define and enforce robust privileged account policies. So how do you pick the right PAM solution?

Skills and traits of a business-savvy CISO

(Thursday September 17, 2020)
What does it mean to be ‘business-savvy?’ (Insider Story)

FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List

(Thursday September 17, 2020)
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti,' 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just