We are continuing demystifying a couple of terms that folks new to the realm of cyber security often mix up. Those are the terms Exfil or DLP. So by the end of the session you will surely understand where you stand the next time you hear an Exfil has happened to so and so org or a DLP is required here. Make sure you listen to part 1 beforehand. And as always, before we get into the weeds, let's review the recent top trending news this week. These are:
- Babuk variant decryption key made available
- Mandiant X account hacked
- https://www.bleepingcomputer.com: Decryptor for Babuk ransomware variant released after hacker arrested
- https://grahamcluley.com: Security firm Mandiant says it did not have 2FA enabled on its hacked Twitter account
- https://www.nomoreransom.org: No-More-Ransom site
Be sure to subscribe if you like the content! Follow me @iayusuf or read my blog at https://yusufonsecurity.com. You will find a list of all previous episodes in there too.
Texas healthcare provider suffers data breach. Entire population of Brazil possibly exposed in data leak. Decryptor for Tortilla ransomware released. Thanks to today's episode sponsor, Vanta. From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To see Vanta's platform firsthand and access resources plus a special offer, go to vanta.com/ciso and watch their 3-minute product demo. For the stories behind the headlines, head to CISOseries.com.
A VMConnect supply chain attack is connected to the DPRK. Reports of an allegedly "fully undetectable information stealer." DB#JAMMER brute forces exposed MSSQL databases. A cyberattack on a Canadian utility. The state of DevSecOps. A look at hacktivism, today and beyond. Betsy Carmelite from Booz Allen on threat intelligence as part of a third-party risk management program. Our guest is Adam Marré from Arctic Wolf Networks, with an analysis of Chinese cyber tactics. And a free decryptor is released for Key Group ransomware. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/168 Selected reading. VMConnect supply chain attack continues, evidence points to North Korea (ReversingLabs) Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware (Securonix) Montreal electricity organization latest victim in LockBit ransomware spree (Record) LockBit ransomware gang targets electrical infrastructure organization in Montreal (teiss) [Analyst Report] SANS 2023 DevSecOps Survey (Synopsys) SANS 2023 DevSecOps Survey (Application Security Blog) Government Agencies Report New Russian Malware Targets Ukrainian Military (National Security Agency/Central Security Service) Russian military hackers take aim at Ukrainian soldiers' battle plans, US and allies say (CNN) Ukraine: The First Cyber Lessons (AFCEA International) The Return of Hacktivism: A Temporary Reprise or Here for Good? (ReliaQuest) Decrypting Key Group Ransomware: Emerging Financially Motivated Cyber Crime Gang (EclecticIQ)
The LastPass data breach built on an earlier attack. Forensic visibility and the Google Cloud Platform. An overview of hacktivist auxiliaries in Russia's war against Ukraine. Dish acknowledges sustaining a cyberattack. MKS Instruments discloses a ransomware incident. Carole Theriault has a lesson about ChatGPT and school systems. Ann Johnson from Afternoon Cyber Tea speaks with Stacy Hughes from Voya Financial about her journey to being CISO. And Bitdefender releases a decryptor for MortalKombat ransomware. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/40 Selected reading. LastPass sustains a second data breach. (CyberWire) Incident 2 – Additional details of the attack (LastPass Support) LastPass Says DevOps Engineer Home Computer Hacked (SecurityWeek) LastPass: Keylogger on home PC led to cracked corporate password vault (Naked Security) LastPass data was stolen by hacking an employee's home computer (The Verge) LastPass says employee's home computer was hacked and corporate vault taken (Ars Technica) LastPass is in Big Trouble (Gizmodo) LastPass: DevOps engineer hacked to steal password vault data in 2022 breach (BleepingComputer) The LastPass security breach is still going from bad to worse (Cybersecurity Connect) Mitiga on forensic visibility and the Google Cloud Platform. (CyberWire) Mitiga Security Advisory: Insufficient Forensic Visibility in GCP Storage (Mitiga) Google Cloud Platform Exfiltration: A Threat Hunting Guide (Mitiga) The Cyber Warfare Report (GroupSense) Dish Network confirms ransomware attack behind multi-day outage (BleepingComputer) DISH tells SEC that ransomware attack caused outages; personal info may have been stolen (The Record from Recorded Future News) Ransomware attack on chip supplier causes delays for semiconductor groups (Financial Times) Bitdefender Releases Decryptor for MortalKombat Ransomware (Bitdefender Labs) Victims of MortalKombat ransomware can now decrypt their locked files for free (The Record from Recorded Future News)
A daily look at the relevant information security news from overnight - 15 July, 2022
Episode 266 - 15 July 2022
Hive Five Decryptor - https://www.techtarget.com/searchsecurity/news/252522715/Researcher-develops-Hive-ransomware-decryption-tool
WordPress Scan - https://www.bleepingcomputer.com/news/security/attackers-scan-16-million-wordpress-sites-for-vulnerable-plugin/
SMB H0lyGh0st - https://thehackernews.com/2022/07/north-korean-hackers-targeting-small.html
Spoofing GitHub Commits - https://www.securityweek.com/supply-chain-attack-technique-spoofs-github-commit-metadata
WordPress Phishes PayPal - https://www.bleepingcomputer.com/news/security/paypal-phishing-kit-added-to-hacked-wordpress-sites-for-full-id-theft/
Hi, I'm Paul Torgersen. It's Friday July 15th, 2022, and this is a look at the information security news from overnight.
From TechTarget.com: A malware researcher known as reecDeep, or reecDeep, I'm sorry if I am mispronouncing your handle, has developed and published a decryption tool on GitHub for version 5 of the Hive ransomware. reecDeep developed the tool with a fellow anonymous malware researcher known as rivitna. The post includes technical details of how Hive v5 works as well as how the researchers developed their brute-force decryption tool.
From BleepingComputer.com: Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files without authentication. They were specifically targeting the Kaswara Modern WPBakery Page Builder, which had been abandoned by its author before receiving a patch for a critical severity flaw uncovered last year. Exploitation of the flaw could lead to a complete takeover of the site.
From TheHackerNews.com: An emerging threat cluster originating from North Korea, which calls itself H0lyGh0st, has been linked to developing and using ransomware with that same payload name targeting small businesses since September of last year. Targeted entities primarily include SMBs such as manufacturing organizations, banks, schools, and event and meeting planning companies.
From SecurityWeek.com: Security researchers are warning of a new supply chain attack technique that relies on spoofed commit metadata to add legitimacy to malicious GitHub repositories. Threat actors could tamper with commit data so that a repository would appear to be older than it actually is, or that reputable contributors have been involved in its maintenance.
And last this week, from BleepingComputer.com: A newly discovered phishing kit is targeting PayPal users in an attempt to steal your PII. The kit is hosted on legitimate WordPress websites that have been hacked, which allows it to evade detection, at least for a little while. The threat actor targets poorly secured WordPress sites and brute-forces their login. They've also done a pretty nice job on the PayPal spoof site, which includes a Captcha challenge for a whiff of legitimacy. The ultimate goal is not only gathering login info, but financial and address details as well.
That's all for me. Have a great weekend. Like and subscribe, and until next time, be safe out there.
A New Zealand firm releases a free decryptor tool to fight ransomware, you are not as safe buying an app in the Apple store as you might think, and an online payment fraud will exceed 343 billion dollars next year.
The widely expected, intense Russian cyber campaign has yet to appear. "Protestware" as a dangerous turn in hacktivism. Information operations and the persistence of independent channels of news. Social media as an opsec problem. Lapsus$ may have hit Microsoft. A second Brazilian gang tries its hand at extortion. A snakey backdoor afflicts French organizations. AD Bryan Vorndran of the FBI Cyber Division on what the agency brings to the table in the cyberspace. Rick Howard considers infrastructure as code. Emsisoft offers a free decryptor for Diavol ransomware. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/54 Selected reading. Volodymyr Zelensky tells Russia to seek ‘meaningful’ peace talks or face catastrophic losses (The Telegraph) Cyber threats and the Ukraine conflict (Avast) Cyber ‘cold war’ rages online but Russia holds back on massive digital attacks (Times of Israel) Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict (Security Affairs) Former CIA officer shows what a Russian cyberattack on the US would look like (Fox News) EU and US agencies warn that Russia could attack satellite communications networks (Security Affairs) Banks on alert for Russian reprisal cyberattacks on Swift (Ars Technica) Activists are targeting Russians with open-source “protestware” (MIT Technology Review) Cyber warfare gets real for satellite operators (SpaceNews) More Conti ransomware source code leaked on Twitter out of revenge (BleepingComputer) Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers (Vice) Anonymous has unleashed a successful cyberwar to undermine Putin's Ukraine invasion (Fortune) Some Russians are breaking through Putin's digital iron curtain — leading to fights with friends and family (Washington Post) On Russia's VK, anti-war messages defy Vladimir Putin's Ukraine censors (Newsweek) Why Russia's anti-war movement matters (Atlantic Council)
Telegram Thrives Amid Russia's Media Crackdown (Wall Street Journal) British soldiers are ordered off WhatsApp amid fears that sensitive military details could be accessed by Russian hackers (Daily Mail) Microsoft Investigating Claim of Breach by Extortion Gang (Vice) Hacking group that went after NVIDIA may have also attacked Microsoft (Windows Central) Microsoft Allegedly Breached by LAPSUS Group (Cyber Kendra) Lapsus$ gang sends a worrying message to would-be criminals (Register) TransUnion cyber attack – hackers demand R225 million ransom (Business Tech). TransUnion Confirms Data Breach at South Africa Business (SecurityWeek) UPDATE | TransUnion believes breach of 54 million SA records unrelated to current hack (Fin24) Banks move to protect consumers in wake of TransUnion cyberattack (TechCentral) Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain (Proofpoint) Emsisoft releases free decryptor for the victims of the Diavol ransomware (Security Affairs)
A malware campaign offers bogus protection against Pegasus surveillance. A new APT, ChamelGang, is found active against targets in at least ten countries. A ransomware gang can't get its decryptor right. A proof-of-concept shows that charges can be made from a non-contact Visa card in an iPhone wallet. David Dufour from Webroot warns of potential perils in cyber insurance. Our guest is Shamla Naidoo from Netskope with advice for cyber innovators. And ransomware may be responsible for a child's death in an Alabama hospital. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/190
100,000 credentials leaked due to an autodiscover flaw, 3 Apple zero days were published online, and the FBI secretly held a ransomware decryptor key! All that coming up now on ThreatWire. #threatwire #hak5
Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers.
Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/2XZqx6Coa2Y
Shop ThreatWire Merch Directly! - https://snubsie.com/shop
Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/
Support ThreatWire! https://www.patreon.com/threatwire
Follow Shannon on Social Media: https://snubsie.com/links
Links:
100k windows exchange emails
https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html
https://arstechnica.com/information-technology/2021/09/exchange-outlook-autodiscover-bug-exposed-100000-email-passwords/
https://www.blackhat.com/asia-17/briefings/schedule/#all-your-emails-belong-to-us-exploiting-vulnerable-email-clients-via-domain-name-collision-5301
https://github.com/guardicore/labs_campaigns/tree/master/Autodiscover
Apple Stuff:
https://arstechnica.com/information-technology/2021/09/three-ios-0-days-revealed-by-researcher-frustrated-with-apples-bug-bounty/
https://www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/
https://habr.com/en/post/579714/
https://www.vice.com/en/article/k78dpx/researcher-publishes-source-code-for-three-unpatched-iphone-exploits
https://habr.com/en/post/580272/
https://www.reddit.com/r/jailbreak/comments/pvaztb/free_release_entitlementfix_workaround_for_the_3/
Ransomware Key
https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/
https://arstechnica.com/information-technology/2021/09/ransomware-victims-panicked-while-fbi-secretly-held-revil-decryption-key/
https://www.cnet.com/tech/services-and-software/fbi-reportedly-withheld-ransomware-key-from-business-for-3-weeks-in-failed-sting/
https://twitter.com/BitdefenderLabs/status/1438489191491440646?s=20
https://www.washingtonpost.com/national-security/ransomware-fbi-revil-decryption-key/2021/09/21/4a9417d0-f15f-11eb-a452-4da5fe48582d_story.html
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
Our Site → https://www.hak5.org
Shop → http://hakshop.myshopify.com/
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
What's up, everyone! In this episode, Ryan, Shannon, and LeVon discuss Bitdefender working with law enforcement to create a universal decryptor key for those impacted by REvil ransomware. Please LISTEN
Ransomware hits an Iowa agricultural cooperative, which doesn't meet, the criminals say, the standard for “critical infrastructure.” US Treasury Department announces steps against ransomware's economic support system. Did Kaseya get its REvil decryptor from the FBI? Ben Yelin describes a major federal court victory for security researchers. Our guest is Dave Stapleton from CyberGRX on the rise of extortionware. And Europol, along with Spanish and Italian police, take down a Camorra cybercrime ring. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/182
A cybersecurity firm published a universal decryption tool to help victims of the REvil ransomware gang recover encrypted files. Anonymous breached a web hosting provider and domain registrar that gave shelter to right-wing websites. And the Department of Justice fined three former NSA employees who worked as hackers-for-hire for a United Arab Emirates firm. Plus, Verizon's Alex Pinto joins to talk about the cybersecurity industry's wittiest report.
This week Aaran Leyland joins as a guest host and talks: the true cost of hacking social network accounts, OnlyFans rescinds policy changes, IoT Camera Flaws, & the Ragnarok Decryptor release, along with the show Wrap Ups for this week! Show Notes: https://securityweekly.com/swn146 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Triden Group: Security Squad Podcast Episode 16. This week, the squad covers the latest on the Akamai outage, Kaseya's REvil decryptor release, and DNS management.
Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and Xerox Printers is exploitable. Windows' Process Hacker. "GoLang" gains supply chain security features at GitHub. Closing the Loop. SeriousSAM & PetitPotam. We invite you to read our show notes at https://www.grc.com/sn/SN-829-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: business.eset.com/twit Melissa.com/twit
Two things to know today:
Semiconductor shortage, business travel, and virtual doctors visits… a market perspective
https://www.reuters.com/technology/car-chip-shortage-abate-smartphones-could-be-next-industry-execs-2021-07-23
https://www.axios.com/newsletters/axios-closer-3deb9439-e340-49d2-a082-b489d821c6c2.html?chunk=0&utm_term=emshare#story0
https://www.thurrott.com/hardware/253559/intel-reports-record-revenues-from-pcs
https://www.zdnet.com/article/what-airlines-are-saying-about-the-return-of-business-travel/#ftag=RSSbaffb68
https://www.axios.com/newsletters/axios-closer-3856f576-557f-4e4f-a81c-2417210b8d97.html?chunk=0&utm_term=emshare#story0
https://www.axios.com/newsletters/axios-whats-next-85d8a6e5-3582-4170-b5e4-f62486572f80.html?chunk=0&utm_term=emshare#story0
AND A tale of two ransomwares.
https://www.bleepingcomputer.com/news/security/no-more-ransom-saves-almost-1-billion-in-ransomware-payments-in-5-years/
https://www.bleepingcomputer.com/news/security/kaseya-obtains-universal-decryptor-for-revil-ransomware-victims/
Want to get the show on your podcast app, or get the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://shop.spreadshirt.com/mspradio
Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/
This week Javvad and Erich discuss some of the hottest stories of the past week, including the sentencing of a swatter, the release of a Kaseya universal ransomware decryptor, a $50m demand (possibly being delivered by bicycle), MosaicLoader punishes pirates, the (ISC)2 learning portal for CISSP's and other members and an insurtech startup that joins the 'unsecured S3 bucket' club. All of this and more. Please like, subscribe and share. Story links and chapter listing are below.
Serial Swatter Who Caused Death Gets Five Years in Prison https://krebsonsecurity.com/2021/07/serial-swatter-who-caused-death-gets-five-years-in-prison/
Kaseya obtains universal decryptor for REvil ransomware victims https://www.bleepingcomputer.com/news/security/kaseya-obtains-universal-decryptor-for-revil-ransomware-victims/
Hackers reportedly demand $50m from Saudi Aramco over data leak https://www.bbc.com/news/business-57924355
New MosaicLoader malware targets software pirates via online ads https://www.bleepingcomputer.com/news/security/new-mosaicloader-malware-targets-software-pirates-via-online-ads/
An insurtech startup exposed thousands of sensitive insurance applications https://techcrunch.com/2021/07/16/backnine-insurance-applications-exposed/
Other mentions:
Dark Patterns https://www.darkpatterns.org/
(ISC)2 Learning Portal https://learn.isc2.org
Contents of this video:
00:00 - Javvad's Minecraft-esque Intro
02:22 - Black Hat Conference and COVID Thoughts
06:00 - Serial Swatter Who Caused Death Gets Five Years in Prison
10:32 - Kaseya obtains universal decryptor for REvil ransomware victims
14:54 - Hackers reportedly demand $50m from Saudi Aramco over data leak
20:05 - New MosaicLoader malware targets software pirates via online ads
25:54 - The (ISC)2 Learning Portal and What They Are Doing Right
30:38 - An insurtech startup exposed thousands of sensitive insurance applications
34:53 - Closing and Profound Insight from Erich
The Olympics are underway, and the authorities are on the alert for cyberattacks. Kaseya has a decryptor for the REvil ransomware, but it hasn't said how it got the key. NSO Group says it's not responsible for customer misuse of its Pegasus intercept tool. US policy toward Chinese cyber activities shows continuity, with some diplomatic intensification, but hawks would like to see more action. Our guest Jack Williams from Hexagon joins Dave to discuss the promises and challenges of smart cities. Podcast partner Chris Novak of Verizon talks about advancing incident response. And Dutch police make arrests in their investigation of the Fraud Family. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/141
Kaseya gets its hands on a universal decryptor for REvil ransomware, GM’s Super Cruise is getting a big upgrade next year, and Alphabet launches a new subsidiary for industrial robot software.
Cloudflare says that reported Ukrainian breaches aren’t its issue. Trend Micro describes a new and unusually capable strain of malware. Garmin is reported to have obtained a decryptor for WastedLocker ransomware. Third-party risk continues in the news, as do misconfigured databases that expose personal information. Huawei’s CFO alleges misconduct by Canadian police and intelligence agencies. Ben Yelin examines the EFF's online Atlas of Surveillance. Dave DeWalt with SafeGuard Cyber on the evolving threat landscape as folks return to the workplace. And the Twitter incident seems to have been a problem waiting to appear. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/145
Gadget Talk - Building an LED Code Decryptor #gadgettalk #geocaching
A daily look at the relevant information security news from overnight.
Episode 213 - 10 December 2019
Ryuk flaw - https://www.zdnet.com/article/ryuk-ransomware-contains-a-bug-causing-data-loss-for-some-victims/
Snatch trick - https://www.bleepingcomputer.com/news/security/snatch-ransomware-reboots-to-windows-safe-mode-to-bypass-av-tools/
iPR nightmare - https://threatpost.com/ge-dunkin-forever21-internal-doc-leak/150920/
Birth to death exposed - https://techcrunch.com/2019/12/09/birth-certificate-applications-exposed/
Pensacola attack - https://www.scmagazine.com/home/security-news/pensacola-hit-with-cyberattack-hours-after-shooting-at-naval-base/
A daily look at the relevant information security news from overnight.
Episode 172 - 11 October 2019
Nemty decryptor - https://www.bleepingcomputer.com/news/security/nemty-ransomware-decryptor-released-recover-files-for-free/
Apple zero-day - https://www.scmagazine.com/home/security-news/ransomware/bitpaymer-ransomware-attackers-exploit-apple-flaw-to-bypass-detection/
iTerm2 critical - https://www.zdnet.com/article/patch-now-mac-users-critical-7-year-old-flaw-in-open-source-macos-app-iterm2/
Attor attack - https://threatpost.com/sophisticated-spy-kit-russians-gsm-plugin/149095/
Cyberoam vulnerability - https://techcrunch.com/2019/10/10/cyberoam-firewall-network-hackers/
A daily look at the relevant information security news from overnight.
Million exposed - https://www.bleepingcomputer.com/news/security/1-million-people-had-their-medical-data-exposed-in-t-ora-breach/
TwitterKit - https://threatpost.com/vulnerable-twitter-api-leaves-millions-open-to-attack/148945/
Muhstik hacked - https://www.zdnet.com/article/white-hat-hacks-muhstik-ransomware-gang-and-releases-decryption-keys/
HildaCrypt keys - https://www.bleepingcomputer.com/news/security/hildacrypt-ransomware-developer-releases-decryption-keys/
DCH Pays ransom - https://www.scmagazine.com/home/security-news/ransomware/dch-health-system-pays-ransomware-attackers-in-bid-to-restore-operations/
VPNs vulnerable - https://www.technadu.com/british-spy-agency-vulnerabilities-three-vpns/81976/
Hostinger resets passwords after a breach. Arkose finds that more than half the social media logins they investigated during the recent quarter were fraudulent. US State governors seem likely to call on the National Guard to help with cyber incidents. A new phishing campaign is distributing the Quasar RAT. A new ransomware strain, Nemty, is out in the wild. Fortnite account encrypted? Emsisoft can help. And who knew that hedge funds liked bananas. David Dufour from Webroot on company cyber security assessments. Carole Theriault speaks with Omar Yaacoubi from Barac on the growth in encrypted hacks, and how they use metadata to detect and analyze them. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/August/CyberWire_2019_08_27.html
I've got some Ransomware news for you if you own a NAS. I'll tell you how to prepare yourself for that. Also, what I picked up on Amazon Prime Day, and two very cool things for the smart home. Lastly, what I've been up to for the past two months! Links I used for this show: https://www.synology.com/en-us/company/news/article/2019JulyRansomware/Synology%C2%AE%20Urges%20All%20Users%20to%20Take%20Immediate%20Action%20to%20Protect%20Data%20from%20Ransomware%20Attack https://www.synology.com/en-us/solution/ransomware https://www.bleepingcomputer.com/news/security/attackers-are-wiping-iomega-nas-devices-leaving-ransom-notes/ https://www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores-qnap-files-for-free/ https://www.ezzwave.com/z-wave-products/ https://www.amazon.com/GE-Enbrighten-SimpleWire-SmartThings-46203/dp/B07RRD92T8/ref=sr11?keywords=simplewire&qid=1565966390&s=gateway&sr=8-1 https://tynick.com/blog/08-11-2019/getting-started-with-actiontiles-for-smartthings/
Sprint warns of data breach. Eclypsium announces discovery of server firmware supply chain problems. Bluetooth Low Energy may be less secure than thought. Congress hears about US census cybersecurity. Ransomware and continuity of operations. The FBI offers help decrypting GandCrab-affected files. Venafi on why financial services are especially affected by certificate issues. Congress asks to see NSPM 13. And an arrest is made in Bulgaria’s tax agency hack. Ben Yelin from UMD CHHS on the DOJ being required to make public attempts to break encryption in Facebook Messenger. Tamika Smith speaks with Alex Guirakhoo from Digital Shadows about scammers registering fake domains to try to capitalize on Facebook’s Libra cryptocurrency plans. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/July/CyberWire_2019_07_17.html Support our show
The retirement of GandCrab’s hoods may have been exaggerated. Video conferencing tools RingCentral and Zhumu may have picked up Zoom’s issues in the tech they licensed. Broadcom’s projected acquisition of Symantec is on hold, at least for now. One Silicon Valley executive calls another company “treasonous.” The US FCC wants to rein in robo-calls. And there’s a free decryptor out for Ims0rry ransomware. Emily Wilson from Terbium Labs on recent Terbium research on transnational crime. Guest is Wim Coekaerts from Oracle on security in the age of AI. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/July/CyberWire_2019_07_16.html Support our show
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Critical Firefox Update https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
Bitdefender Releases GandCrab Decryptor https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind/
Google Launches New Deceptive Site Protections in Chrome https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html
In today’s podcast, we hear an update on Venezuela and its power outages. Amplification of social media posts as a form of mass persuasion. A look at how control of the Internet has replaced control of the radio station as a move in civil war and coup or counter-coup planning. Asian game makers get backdoored out of China. Decryptors are out for BigBobRoss ransomware. Senator Warren versus Facebook, and Facebook versus itself. And Sir Tim Berners-Lee on the Web’s 30th birthday. Joe Carrigan from JHU ISI with an early look at NSA’s Ghidra reverse engineering tool. Guest is Dr. Phyllis Schneck from Promontory Financial Group (an IBM company) on regulation in cyber security, a preview of her talk at the upcoming JHU Annual Cybersecurity Conference for Executives. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/March/CyberWire_2019_03_12.html Support our show
In today’s podcast, we hear that Microsoft has disclosed a Fancy Bear sighting, snuffling around Atlanticist think tanks in Europe. Ukraine says, in effect, see, we told you so. Speaking of bears, it seems that North Korea’s Hidden Cobra may be striking at the biggest bear of them all, going after Russian targets. There’s a new decryptor available for GandCrab ransomware. Citizen Lab and NSO Group’s new partial owner exchange notes. A look at a ransomware help desk. Mike Benjamin from CenturyLink with an update on the Necurs botnet. Guest is Tommy McDowell from the R-CISC (the retail ISAC) on the importance of sharing threat data.
In today's podcast, we hear that British Airways' breach has gotten bigger. Mexico's financial institutions say they've contained the anomalies in interbank transfer systems. "Demonbot" is infesting poorly secured Hadoop servers. Google receives criticism for slow action against ad fraud. Bitdefender and Romanian police produce a decryptor for GandCrab ransomware. Discussion of a "Civilian Cybersecurity Corps:" are white hats the radio hams of the Twenty-first Century? Daniel Prince from Lancaster University joins us to talk about quantum hardware primitives. And Britney Hommertzheim, director of information security at AMC Theaters, sits down with Dave to talk about building partnerships within your organization to strengthen security’s role. For links to all the stories mentioned in today's podcast, check out today's Daily Briefing: https://thecyberwire.com/issues/issues2018/October/CyberWire_2018_10_26.html
In today's podcast we hear that Ukraine has warned that Russia is preparing a coordinated attack against Ukrainian financial and energy infrastructure. China appears to be stepping up surveillance of the Tibetan diaspora. Cisco's Talos unit has a free decryptor for Thanatos ransomware. Facebook's self-audit of data usage proves both more difficult and more skeleton-rattling than hoped. Norwegian consumer watchdogs find that Facebook and Google nudge users away from privacy. An alt-coin sting against drug dealers. Mike Benjamin from CenturyLink on Malspam, and how it differs from run of the mill spam. Guest is Jaime Blasco from AlienVault on the security implications of using open source tools.
Tons and tons of Ransomware and Cisco! All that and more with Aaron Lyons on Hack Naked News! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Hack_Naked_TV_October_11_2016 Visit http://hacknaked.tv to get all the latest episodes!