Day: July 21, 2022

Huntress Buys Security Training Provider Curricula for $22M

Security Awareness Programs & Computer-based Training , Training & Security Leadership Firm’s Largest Acquisition to Extend User Education to Small to Midsized Clients Michael Novinson (MichaelNovinson) • July 21, 2022     Kyle Hanslovan, co-founder and CEO, Huntress (Image: Huntress) Managed security platform stalwart Huntress has made the largest acquisition in its eight-year history, scooping …

Huntress Buys Security Training Provider Curricula for $22M Read More »

Senet collaborates with Iota Communications to deliver wireless networks for smart infrastructure sensors

Senet and Iota Communications announced a partnership to deliver LoRaWAN through both 915 MHz unlicensed spectrum and through IotaComm’s 800 MHz FCC-licensed spectrum network connectivity. The initial use cases will be focused on Smart Building, Smart City, and Critical Infrastructure applications. With this collaboration, and in addition to its use of the Senet platform for …

Senet collaborates with Iota Communications to deliver wireless networks for smart infrastructure sensors Read More »

Acrisure acquires Catalyst Technology Group and ITS to expand its cyber services offering

Acrisure announced that it has acquired two Managed Service Providers (MSP) within its Cyber Services division: Catalyst Technology Group and ITS Inc. Catalyst Technology Group, based in Indianapolis, Indiana, offers small-and-medium size businesses enterprise-class IT support with a specialty in streamlining processes for greater customer ease. ITS Inc., based in Bar Mills, Maine, provides IBM …

Acrisure acquires Catalyst Technology Group and ITS to expand its cyber services offering Read More »

Anvilogic raises $25 million to modernize security operations

Anvilogic announced the company’s $25 million Series B funding led by Outpost Ventures, a Neuberger Berman fund, with participation from Xerox Ventures, G Squared, Foundation Capital, Point72 Ventures and Cervin Ventures. This round brings Anvilogic’s total funding to $40 million. “In this emerging new world of cloud-first applications and multi-cloud workloads, it’s important to bring …

Anvilogic raises $25 million to modernize security operations Read More »

Review – 5 Advisories and 1 Update Published – 7-21-22

Today, CISA’s NCCIC-ICS published five control system security advisories for products from AutomationDirect, Mitsubishi Electric, Rockwell Automation, Johnson Controls, and ABB. They also published an update for products from Rockwell. AutomationDirect Advisory – This advisory describes a cleartext transmission of sensitive information vulnerability in the AutomationDirect Stride Field I/O product. Mitsubishi Advisory – This advisory …

Review – 5 Advisories and 1 Update Published – 7-21-22 Read More »

ZEDEDA raises $26 million to accelerate research and development

ZEDEDA announced that it has closed $26 million in Series B funding, capping a period of exponential growth. The broad range of new and existing investors — including Coast Range Capital, Lux Capital, Energize Ventures, Almaz Capital, Porsche Ventures, Chevron Technology Ventures, Juniper Networks, Rockwell Automation, Samsung Next and EDF North America Ventures — signals …

ZEDEDA raises $26 million to accelerate research and development Read More »

Ex-Coinbase manager charged in first-ever crypto insider trading case

A now-former Coinbase manager, his brother, and a friend were today charged with wire fraud conspiracy and wire fraud in connection with the first-ever cryptocurrency insider trading scheme in the US. Ishan Wahi, a 32-year-old ex-product manager at Coinbase Global who lives in Seattle, Washington, and his 26-year-old brother Nikhil Wahi, also from Seattle, were …

Ex-Coinbase manager charged in first-ever crypto insider trading case Read More »

Researchers uncover potential ransomware network with U.S. connections

Written by AJ Vicens Jul 21, 2022 | CYBERSCOOP Typically, when it comes to ransomware, researcher and cybersecurity companies scramble after attacks to understand the origin of the malware that infected systems and locked crucial data. But researchers with Censys, a firm that indexes devices connected to the internet, said Thursday they’ve flipped the typical …

Researchers uncover potential ransomware network with U.S. connections Read More »

Russian Hackers Target Ukrainian Software Company

With the Russian invasion still underway in Ukraine, Ukrainians practically face new cyber threats everyday. There has been a constant back-and-forth between both sides, taking turns targeting critical organizations in each other’s countries. Most recently, Russian threat actors have taken aim at a large software development company in Ukraine that is utilized by various government …

Russian Hackers Target Ukrainian Software Company Read More »

New Amendments to Intermediary Rules threaten Free Speech in India

EFF joined the Association of Progressive Communications (APC) and other digital rights organizations from around the world, urging the Indian government to withdraw its new amendment to Intermediary Guidelines and Digital Media Ethics Code (2021 IT Rules). EFF has already expressed its concerns about IT Rules’ chilling effect on Internet users’ freedom of expression and …

New Amendments to Intermediary Rules threaten Free Speech in India Read More »

Critical Vulnerability in Popular GPS Tracker Lets Hackers Remotely Control Vehicles

The MV720 GPS tracker is manufactured by a China-based company MiCODUS which was informed about the flaws back in September 2021 yet it has not fixed the issue. Cybersecurity startup BitSight has identified six flaws in the GPS tracker MV720 manufactured by China-based MiCODUS. According to the IT security researchers at BitSight the critical security …

Critical Vulnerability in Popular GPS Tracker Lets Hackers Remotely Control Vehicles Read More »

Week of Data Dumps, Part 1 – device names

Reversing is not only hours spent analyzing code. It’s also about collecting interesting data so that it can be used to quickly determine other programs’ functionality in the future. Recognizing unique strings, GUIDs (classes, interfaces, references to strings, classes of devices, etc.), device names, exported and imported APIs , referenced API names that get resolved …

Week of Data Dumps, Part 1 – device names Read More »

Battling Moscow's hackers prior to invasion gave Kyiv 'full dress rehearsal' for today's cyber warfare

Written by Suzanne Smalley Jul 21, 2022 | CYBERSCOOP Ukraine has long been on the front line of many of the most devastating cyberattacks attributed to Russian state-sponsored hackers, from a 2015 power grid attack to the infamous 2017 NotPetya malware infections that spread around the world and caused billions of dollars in damages. More …

Battling Moscow's hackers prior to invasion gave Kyiv 'full dress rehearsal' for today's cyber warfare Read More »

Security considerations for telehealth businesses

Devin Partida writes about cyber security and technology. She is also the Editor-in-Chief of ReHack.com. During the pandemic, telehealth garnered extensive attention due to its unparalleled functionality and efficacy as a healthcare resource. When hospitals and doctors’ offices were flooded with patients exhibiting severe coronavirus symptoms, and people were told to stay home if they showed …

Security considerations for telehealth businesses Read More »

Ransomware attacks slowing as 2022 wears on

Total ransomware attacks for the second quarter of 2022 totaled 574, representing a 34% slowdown compared to the first quarter of the year, according to a report released Thursday by GuidePoint Research. The most impacted industries were manufacturing and construction, GuidePoint’s report said, accounting for 18.3% of all claimed attacks during the quarter. The tech …

Ransomware attacks slowing as 2022 wears on Read More »

US Cyber Command spots another 20 malware strains targeting Ukraine

US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months. In an alert this week, the Pentagon’s cyberspace wing made public indicators of compromise (IOC) associated with various malware strains that were found in Ukrainian networks by the …

US Cyber Command spots another 20 malware strains targeting Ukraine Read More »

Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene

A previously unknown macOS spyware has surfaced in a highly targeted campaign, which exfiltrates documents, keystrokes, screen captures, and more from Apple machines. Interestingly, it exclusively uses public cloud-storage services for housing payloads and for command-and-control (C2) communications — an unusual design choice that makes it difficult to trace and analyze the threat. Dubbed CloudMensis …

Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene Read More »

ADPPA Helps Protect Civil Rights for All Americans

Today, The Hill published an op-ed from the Future of Privacy Forum’s (FPF) Senior Policy Counsel for Data, Decision Making, and Artificial Intelligence Bertram Lee. The piece highlighted that privacy, particularly in the context of digital services, electronic data flows, and personal data, is a civil right. Yesterday, the House Energy and Commerce Committee voted …

ADPPA Helps Protect Civil Rights for All Americans Read More »

Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules

The White House plans to consult with leaders of the rail industry next month on a new cybersecurity directive, according to Deputy National Security Advisor for Cyber and Emerging Tech Anne Neuberger.   Speaking at the Aspen Security Forum Wednesday, Neuberger said security directives the administration issued for the pipeline sector last year—in response to a …

Official: White House to Meet with Rail Industry Before Issuing Cybersecurity Rules Read More »

Threat actors target software firm in Ukraine using GoMet backdoor

Threat actors targeted a large software development company in Ukraine using the GoMet backdoor. Researchers from Cisco Talos discovered an uncommon piece of malware that was employed in an attack against a large Ukrainian software development company. The software development company produces software that is used by various state organizations in Ukraine. Researchers believe that …

Threat actors target software firm in Ukraine using GoMet backdoor Read More »

Authentication Weakness Responsible For 80% Of Financial Breaches

Financial institutions in the U.S. and Europe experienced an average of 3.4 significant cyber breaches in the last 12 months, according to a new report by passwordless company Hypr. (Photo by Leon Neal/Getty Images) Despite the ongoing move to multi-factor authentication (MFA), the financial sector still faces a significant problem when it comes to breaches …

Authentication Weakness Responsible For 80% Of Financial Breaches Read More »

Notes on the underworld: emerging, enduring, and vanishing gangs, and their C2C markets. More spearphishing of Ukrainian targets. US CYBERCOM releases IOCs obtained from Ukrainian networks.

A criminal talent broker emerges. Developing threats to financial institutions. Phishing through PayPal. Lessons to be learned from LAPSUS$, post-flameout. More spearphishing of Ukrainian targets. US Cyber Command releases IOCs obtained from Ukrainian networks. Johannes Ullrich from SANS on the value of  keeping technology simple. Our guests are Carla Plummer and Akilah Tunsill from the …

Notes on the underworld: emerging, enduring, and vanishing gangs, and their C2C markets. More spearphishing of Ukrainian targets. US CYBERCOM releases IOCs obtained from Ukrainian networks. Read More »

More Quantum-Focused Legislation Aims to Implement Stronger Cryptography Standards

Cookie List A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. …

More Quantum-Focused Legislation Aims to Implement Stronger Cryptography Standards Read More »