Day: November 5, 2021

What is Gartner’s SASE Model, and How Will it Affect Your Cloud Security Stack?

By Chloe Whitaker. Originally published by Cisco on August 31, 2021. The way we think about networking and cybersecurity has changed dramatically in recent years. The rise of remote workers, coupled with the growing push of company data and infrastructure into the cloud, prompted Gartner to outline a new approach to networking and security: Secure …

Security Spotlight: Critical Vulnerability Exploits and Patches, Plus Novel Attack Tactics

This blog was originally published by Bitglass here. Written by Jeff Birnbaum, Bitglass. Here are the top security stories from September 2021: Cisco Patches Three Critical Vulnerabilities Impacting Wireless Controllers and SD-WAN; Critical VMware vCenter Vulnerability Exploited in the Wild; New APT Group FamousSparrow Exploits ProxyLogon and Uses Custom Backdoor; Ransomware Delivery Tool Zloader Malware Being Spread Through …

A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin

US officials believe that a drone was employed in an attempted attack on a power substation in Pennsylvania last year. US officials believe threat actors used a drone in an attempted attack on a power substation in Pennsylvania last year. The attackers used a DJI Mavic 2 quadcopter-type drone, with a thick copper wire attached underneath it via …

What Are the Security Challenges with BYOK for Hybrid Cloud Users?

This blog was originally published by Unbound Security here. Written by Lior Levy, Unbound Security. Refer to Unbound Security’s webinar on November 18, 2021 for more information about key management and cryptography. Moving to the cloud usually brings several advantages, such as flexibility, scalability, and cost-effectiveness. However, it also results in multiple security challenges – the …

ICS Threat Hunting: “They're Shootin’ at the Lights!” – PART 2

ICS Threat Hunting: “They’re Shootin’ at the Lights!” blog series review: PART 1 – In our first ICS Threat Hunting blog in this series, ICS Threat Hunting: “They’re Shootin’ at the Lights!” – PART 1, we focused on extending traditional threat hunting into OT/ICS environments. We referenced the 1988 film Die Hard and its key …

Technology vendor, mental health services provider, and pain management clinic all report breaches involving protected health information

QRS: On August 26, healthcare technology services company QRS, Inc. (“QRS”) discovered that an attacker had compromised a patient portal and exfiltrated some files from that client’s server. The compromise had been detected within three days of the attack. The information the threat actor may have accessed or acquired may have included, depending on the …

From the Trenches: 4 Cloud Security Lessons from Aon’s Chief Security Officer Anthony Belfiore

This blog was originally published by Wiz here. Written by Josh Dreyfuss, Wiz. Cloud has driven innovation and agility for organizations, but for security teams it has also brought new levels of complexity around people, processes, and technology. Today’s elastic cloud environments have introduced new risks that security must develop approaches to address. Recently, CxO …

5 Tips on How To Build a Great Cloud Migration Roadmap

Written by Susan Craig. Just like any other complex project, cloud migration implies much more than just moving workloads. Its successful application allows companies to enhance the workflow, increase agility and boost the process’s efficiency. Furthermore, that’s a great solution for setting up a secure working environment that enables employees to work anytime from anywhere. …

DOD's Cybersecurity Overhaul Creates New FCA Risk

By Daniel Wilson (November 5, 2021, 11:03 PM EDT) — The U.S. Department of Defense’s proposed overhaul to its contractor cybersecurity requirements should be simpler to comply with than the previous version, but a purportedly beneficial allowance for self-assessment comes with an increased risk of False Claims Act liability. Cybersecurity Maturity Model Certification 2.0, introduced …

US defense contractor Electronic Warfare Associates discloses data breach

US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack; threat actors stole personal information from its email system. US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked its email system. The company confirmed that attackers exfiltrated files containing sensitive information. Electronic Warfare Associates provides electronic …

Jury Convicts Chinese Spy Of Attempted Espionage, IP Theft

By Dave Simpson (November 5, 2021, 10:08 PM EDT) — An Ohio federal jury convicted a member of China’s intelligence agency of two counts of conspiring to and attempting to commit economic espionage and two counts of attempting to steal trade secrets from jet engine manufacturer GE Aviation, the U.S. Department of Justice announced Friday. …

The Week in Ransomware – November 5th 2021 – Placing bounties

Law enforcement continues to keep up the pressure on ransomware operations with infrastructure hacks and million-dollar rewards, leading to the shutdown of criminal operations. Due to this increased pressure by law enforcement, the BlackMatter (DarkSide) ransomware gang announced to affiliates that they were shutting down this week after members were missing. BleepingComputer later discovered that BlackMatter …

PII and personal data of 200K Australians leaked by marketing company Acquirely

The security team at vpnMentor, led by the renowned researcher Noam Rotem, reported the detection of a massive data breach at the Australian firm Acquirely, which develops marketing software. A considerable part of this company’s work is the collection of data from public sources, so the leak includes all kinds of …

1st Circ. Won't Delete 10-Year Sentence For 'Hacktivist'

By Lauren Berg (November 5, 2021, 9:34 PM EDT) — The First Circuit on Friday affirmed the conviction and 10-year sentence of a self-described “hacktivist” who in 2014 infiltrated the computer system at a renowned Boston hospital and a family support organization, saying he hasn’t shown his right to a speedy trial was hindered. Martin …

Friday Squid Blogging: Squid Game Cryptocurrency Was a Scam

The Squid Game cryptocurrency was a complete scam: The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET, according to the website CoinMarketCap. This kind of theft, commonly called a “rug pull” by crypto investors, happens when the creators of the crypto quickly cash out their coins for …

Insurers A Key Piece Of Infrastructure Cyberattack Defense

By Angela Childers (November 5, 2021, 8:51 PM EDT) — Several high-profile cyberattacks in the past 18 months have increased government scrutiny and led insurers to tighten cyber policy underwriting, but experts say the insurance industry also has a role to play in improving the cybersecurity of critical infrastructure companies. Colonial Pipeline Co. was hit …

Tor-Rootkit – A Python 3 Standalone Windows 10 / Linux Rootkit Using Tor

A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication gets established over the Tor network. Disclaimer: Use for educational purposes only. How to use: Clone the repo and change directory: git clone https://github.com/emcruise/TorRootkit.git cd ./tor-rootkit Build docker container: docker build -t listener . Run docker container: docker run -v $(pwd)/executables:/executables/ -it listener Deploy …

$10 million reward for DarkSide info. BlackMatter members expected to resurface. Ukraine outlines Russia’s FSB cyber ops. Persistent engagement as deterrence. Arrest in Crossfire Hurricane inquiry.

The US offers a reward of up to ten million dollars for information leading to the identification or location of the leaders of the DarkSide ransomware gang. Researchers expect BlackMatter’s nominally retired operators to resurface in other criminal organizations. Ukraine outlines Russian FSB cyber operations during the hybrid war that’s been waged since 2014. Deterrence …
