Day: September 24, 2021

Are Mozilla, Apple, Google opposing user control over identity? | Billionaire kicks off effort to challenge social networks with “distributed” identity

Are Mozilla, Apple, Google opposing user control over identity ? | Billionaire kicks off effort to challenge social networks with “distributed” identity .entry-content table, .entry-content tr td {border:none!important; }.mcnDividerBlockInner, .mcnShareBlock, #templateFooter {display:none!important; } p{ margin:10px 0; padding:0; } table{ border-collapse:collapse; } h1,h2,h3,h4,h5,h6{ display:block; margin:0; padding:0; } img,a img{ border:0; height:auto; outline:none; text-decoration:none; } body,#bodyTable,#bodyCell{ height:100%; …

Are Mozilla, Apple, Google opposing user control over identity? | Billionaire kicks off effort to challenge social networks with “distributed” identity Read More »

The Week in Ransomware – September 24th 2021 – Targeting crypto

This week’s biggest news is the USA sanctioning a crypto exchange used by ransomware gangs to convert cryptocurrency into fiat currency. By targeting rogue exchanges, the US government is hoping to disrupt ransomware’s payment system. This other interesting news this week is a list of vulnerabilities commonly used by ransomware gangs and how the REvil …

The Week in Ransomware – September 24th 2021 – Targeting crypto Read More »

ICA: 1

Here you can download the mentioned files using various methods. We have listed the original source, from the author’s page. However, after time these links ‘break’, for example: either the files are moved, they have reached their maximum bandwidth limit, or, their hosting/domain has expired. For these reasons, we have been in touch with each …

ICA: 1 Read More »

Scott Slipy joins Socure as Chief People Officer

Socure announced Scott Slipy joining as its chief people officer. In this executive leadership position, Slipy will support Socure’s hypergrowth by scaling up strategies to attract, retain, and develop innovative and high-performing teams as he furthers the impact-driven culture at Socure. Slipy has held executive roles with global, market-leading organizations, including Microsoft, Cisco, and UnitedHealth …

Scott Slipy joins Socure as Chief People Officer Read More »

FBI decision to withhold Kaseya ransomware decryption keys stirs debate

This week, the Washington Post reported that the FBI had the decryption keys for victims of the widespread Kaseya ransomware attack that took place in July yet did not share them for three weeks.  Hundreds of organizations were affected by the Kaseya attack, including dozens of hospitals, schools, businesses and even a supermarket chain in …

FBI decision to withhold Kaseya ransomware decryption keys stirs debate Read More »

Bitwarden vs LastPass: Compare Top Password Managers

If you’re looking for a password manager for your business, Bitwarden and LastPass might be on your list of potential solutions. Both vendors will help you and your employees store access credentials, improve password health, and share sensitive information securely. However, there are certain advantages each solution offers that might be better suited to your …

Bitwarden vs LastPass: Compare Top Password Managers Read More »

Secret Double Octopus names Horacio Zambrano as CMO

Secret Double Octopus (SDO) named Horacio Zambrano as Chief Marketing Officer. In his role, he will lead go-to-market planning and marketing operations at Double Octopus, with the goals of growing the company’s marketing effectiveness and extending its recognition as category leader. Double Octopus was named “best-in-class” passwordless MFA solution recently in an independent and broad …

Secret Double Octopus names Horacio Zambrano as CMO Read More »

VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit

On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. On September 24, 2021, VMware confirmed reports that CVE-2021-22005 is being exploited in the …

VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit Read More »

This mobile banking malware is targeting customers of 27 Indian banks via income tax refund

Cybersecurity specialists from India reported the detection of Drinik, a new variant of malware for Android devices that masquerades as a fake tax refund notification in order to access victims’ financial information, including their online banking login credentials. In the attacks reported so far, users receive an SMS message containing a link, which redirects to …

This mobile banking malware is targeting customers of 27 Indian banks via income tax refund Read More »

Spanish Empire Was Defeated in a 16th Century American Slave Revolt

New research about 16th Century America has this important insight …we see individuals fleeing slavery who are able to hold the Spanish Empire at bay and fight them to a standstill for almost five decades — and then negotiate for their freedom and right to govern their communities… The post Spanish Empire Was Defeated in …

Spanish Empire Was Defeated in a 16th Century American Slave Revolt Read More »

Researcher discloses several zero-day iOS, iPadOS vulnerabilities

An iOS security researcher has publicly disclosed three zero-day vulnerabilities in Apple’s mobile operating systems—and a fourth that is unmitigated in iOS 15. The researcher, who went by the pseudonym “illusionofchaos” in their disclosure, stated that they had privately reported these vulnerabilities to Apple months ago. Since Apple has failed to fix the issues within …

Researcher discloses several zero-day iOS, iPadOS vulnerabilities Read More »

Cyberattacks against a Russian rocket shop and the Port of Houston. As ransomware gangs increase activity, the US considers defenses. Pegasus found in French Ministers’ phones. Meng heads home?

Someone is phishing for Russian rocketeers. The Port of Houston discloses a cyberattack, which the Port says it deflected before it had operational consequences. Ransomware gangs are up and active, and the US is considering mandatory reporting by victims as a defensive policy. Pegasus spyware is said to have been found in the phones of …

Cyberattacks against a Russian rocket shop and the Port of Houston. As ransomware gangs increase activity, the US considers defenses. Pegasus found in French Ministers’ phones. Meng heads home? Read More »

Friday Squid Blogging: Person in Squid Suit Takes Dog for a Walk

Friday Squid Blogging: Person in Squid Suit Takes Dog for a Walk No, I don’t understand it, either. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: squid, video Sidebar photo of Bruce Schneier by …

Friday Squid Blogging: Person in Squid Suit Takes Dog for a Walk Read More »

Overview of security incidents for the period 18-24 September 2021

The sixteenth vulnerability in Apple products this year, a “terrorist attack” on the financial system of Venezuela, a key hidden by the FBI to recover encrypted REvil files, the exploitation of an eleven-year vulnerability in Adobe ColdFusion – read about these and other security incidents for the period from September 18 to September 24, 2021.  …

Overview of security incidents for the period 18-24 September 2021 Read More »

United Health Centers ransomware attack claimed by Vice Society

​California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. United Health Centers is a health care provider in California with twenty-one community health centers servicing Fresno, Kings, and Tulare counties. On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United …

United Health Centers ransomware attack claimed by Vice Society Read More »

BrandPost: Trust Transformation – Creating a Robust Security Culture Built for Tomorrow’s IT Leaders

Trust is empowerment and making the modern day ‘identity for the internet’ journey as secure as possible is paramount to enterprise success. IT leaders know every person has the right to safely manage and navigate technology. Okta provides the secure front door strategies that bring simple and reliable access to people and organizations everywhere. Okta …

BrandPost: Trust Transformation – Creating a Robust Security Culture Built for Tomorrow’s IT Leaders Read More »

Tesla Claims It Now Detects Flashing Safety Lights… Five Years Late

The first Tesla “Autopilot” crash fatality was January 2016. It crashed into the back of a high visibility service vehicle with flashing safety lights. Did you know? Tesla at that time said it would take decisive and quick action to prevent it happening again. Since then, Teslas repeatedly crashed in the same basic way causing …

Tesla Claims It Now Detects Flashing Safety Lights… Five Years Late Read More »

Canada’s Anti-Spam Law (CASL): What you need to know

Canada’s Anti-Spam Law (CASL): What you need to know Written by Rick Buck, Chief Privacy Officer, WireWheel Introduction The Canada Anti-Spam Law (CASL) was introduced in 2010 but came into effect on July 1, 2014. The CASL’s primary purpose is to reduce “the harmful effects of spam and related threats” and “help create a safer …

Canada’s Anti-Spam Law (CASL): What you need to know Read More »

CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now!

SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034, that impacting several Secure Mobile Access (SMA) 100 series products. The vulnerability is an improper access control vulnerability that can be …

CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now! Read More »