Day: July 1, 2022

Never-fail best practices when hiring a security researcher

Micki Boland is a global cyber security warrior and evangelist with Check Point Technologies’ Office of the CTO. Micki has over 20 years in ICT, cyber security, emerging technology and innovation. Micki’s focus is helping customers, system integrators, and service providers reduce risk through the adoption of emerging cyber security technologies. Micki is an ISC2 …


Wave of Phishing Attacks Possible with OpenSea Data Breach

OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a breach on their blog on June 29, stating that an employee of Customer.io, their email delivery vendor “misused their employee access to download and share email addresses – provided by OpenSea users and subscribers to our newsletter.” They went on to advise users to be alert …


US DOJ Targets Baller Ape Rug Pull and Other Crypto Fraud

Justice Vows to Clear Up Cryptocurrency Fraud and Market Manipulation. Prajeet Nair (@prajeetspeaks) • July 1, 2022. (Image source: the now-defunct Baller Ape website.) A Vietnamese man accused of orchestrating the largest non-fungible token rug pull to date faces prosecution in the United States for wire fraud conspiracy and money laundering. …


7 security and technology white papers to read right now

EXECUTIVE SUMMARY: Are you in charge of leading change? Drive sustainable infrastructure development at speed and scale by deploying fully-researched, future-proof policies, processes and products recommended and curated for you by a community of knowledgeable experts. CyberTalk.org’s collection of white papers provides you with out-of-the-box, in-depth risk mitigation and resilience strategies that can help you …


A Guide to Doing a Digital Forensics Examination on Digital Media (USB)

What is digital forensics in forensic science? Digital forensics plays a major role in forensic science. It’s a combination of people, process, technology, and law. Some notable methodologies are used to identify, collect, protect, preserve, analyze, extract, incident activity, recovery, and document a digital evidence report as per regional and international jurisdictions where the cybercrime …


Review – FAA Announces UAS Beyond Visual LoS Rulemaking Meeting – 7-26-22

Today, the FAA published a notice in the Federal Register (87 FR 39590) announcing a virtual meeting of the Unmanned Aircraft Systems (UAS) Beyond Visual Line of Sight (BVLOS) Aviation Rulemaking Committee (ARC) on July 26th, 2022. The meeting is being conducted to receive public comments on the final report of the ARC. There is …


Someone loaded Doom onto a McDonald's self-order kiosk

For people who have a soft spot for first-person shooter games and hardware hacking, the first question that pops into their mind when stumbling upon any piece of technology is, “Does it run Doom?” People have gotten the classic FPS to work on anything resembling digital technology, including a humble…

ISMG Editors: Russia's War Has Changed the Cyber Landscape

Also: The Impact of Cyber Firm Layoffs; Criminals Offer Bug Bounty Program. Anna Delaney (annamadeline) • July 1, 2022. (Pictured, clockwise from top left: Anna Delaney, Tom Field, Michael Novinson and Tony Morbin.) In the latest weekly update, four Information Security Media Group editors discuss important cybersecurity issues, including how Russia’s cyber and kinetic …


Okta to Spend $1M Helping Nonprofits Improve Their Security

Grants Will Link Nonprofits with Key Talent to Configure and Manage Security Tools. Michael Novinson (MichaelNovinson) • July 1, 2022. (Pictured: Erin Baudo Felder, Okta’s vice president of social impact and sustainability. Image: Okta.) Identity titan Okta has awarded slightly more than $1 million in grants to groups focused on connecting nonprofits with the …


Indian Stock Exchanges Have 6 Hours to Report Cyber Incident

SEBI Says Incidents in Protected Systems Must Also Be Reported to NCIIPC. Mihir Bagwe (MihirBagwe) • July 1, 2022. Indian stock brokers and trading houses now come under an expansive cybersecurity incident reporting mandate requiring them to notify the Securities and Exchange Board of India within six hours of detecting …


Friday Squid Blogging: Multiplexing SQUIDs for X-ray Telescopes

NASA is researching new techniques for multiplexing SQUIDs—that’s superconducting quantum interference devices—for X-ray observatories. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. …


Norton Fights Columbia's Atty Award Bid After Patent Verdict

By Britain Eakin (July 1, 2022, 9:05 PM EDT) — NortonLifeLock Inc. and Columbia University filed a flurry of responses and oppositions Friday after the university won $185 million in May over two anti-malware patents, with the cybersecurity company opposing Columbia’s motion for attorney fees and enhanced damages, and the university fighting Norton’s bid for …


Report Claims Coinbase Selling User Geolocation Data to ICE

Tech Inquiry’s Jack Paulson has shared startling details about a 3-year contract between the US Department of Homeland Security (DHS) and crypto exchange Coinbase in its report. According to the contract details accessed by Tech Inquiry’s researcher, under this $1.36 million contract, Coinbase’s Coinbase Tracer (previously Coinbase Analytics) will provide crypto users’ data to the US Immigrations …


Cyberattack shuts down unemployment, labor websites across the US

A cyberattack on a software company almost a week ago continues to ripple through labor and workforce agencies in a number of US states, cutting off people from such services as unemployment benefits and job-seeking programs. Labor departments and related agencies in at least nine states have been impacted. According to the Louisiana Workforce Commission …


Key Lawmaker: Digital Passport Only Way to Deter Crypto Use for Ransomware Attacks

During a hearing that highlighted the dual-sided implications technology often creates for privacy and security, Rep. Bill Foster, D-Ill., promoted the idea of regulating cryptocurrency exchanges by implementing a digital passport, saying it’s the only way to make the industry less attractive to perpetrators of ransomware attacks and other transnational crime. “You’re ultimately going to …


Notes on cyber conflict. Lazarus Group blamed for the Harmony cryptocurrency heist. MedusaLocker warning. Observation of the C2C market. The Crypto Queen cracks the FBI’s Ten Most Wanted.

An update on the DDoS attack against Norway. NATO’s resolutions on cyber security. North Korea seems to be behind the Harmony cryptocurrency heist. MedusaLocker warning. Microsoft sees improvements in a gang’s technique. Google blocks underworld domains. The Israeli-Iranian conflict in cyberspace. Chris Novak from Verizon with his take on this year’s DBIR. Our guest is …


SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide

Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers from Kaspersky Lab have discovered a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. “In early 2022, we investigated one such IIS backdoor: SessionManager. In late April 2022, …
