The effect of COVID-19 has, I think we can all agree, been felt throughout the whole world and throughout all facets of everyday life. From lockdowns to face masks — we’ve all had to make changes to our everyday life. However, lockdown life was generally predicted to bring about a positive shift in the tech world for gender equality by levelling the playing field for women and men in terms of social and family planning. Traditional stereotypes were thought to finally give way.
How the journey towards gender equality progressed during the pandemic
However, not all is what it appears. A new report from Kaspersky shows that around half of women in the tech space believe that the effects of COVID-19 have actually delayed, rather than enhanced, their career progression. The main reasons come down to day-to-day functions: home schooling and cleaning are a major part, but other issues, such as adapting working hours around family life, also play a huge part. At the same time, the survey revealed that many companies seem to have made a great step towards gender diversity, with seven out of ten women believing that their skills and experience were considered more important than their gender when applying for their first IT or tech role. Pretty much the same number (69%) of female respondents said that they feel like their opinion would be respected from the very beginning, regardless of their gender. However, male-majority teams still dominate female-majority teams at an almost 5 to 1 ratio, and 44% of women surveyed still believe that men have a faster career progression in their organizations than women. The pandemic added homeschooling and other challenges to the equation, resulting in 4 out of 10 women saying that they were held back from pursuing career changes these last months due to family or home pressures.
The impact of the pandemic on the work culture and policies
So what can companies do to make things better for all employees, regardless of their gender, who still have to work remotely and also juggle family life?
Merici Vinton, Co-Founder and CEO at Ada’s List, puts it succinctly: “Companies need to signal, both through culture and policy, that they will give working parents of both genders the flexibility they need during COVID (and beyond).” With the pandemic still continuing to make irreversible changes to the global economy and to people’s work lives, businesses need to adapt to these changes and provide employees with working environments that feel comfortable for them, so that employees can have a better work-life balance than they did before, or even feel more efficient (which is now true only for 31% of women surveyed). To do that, organizations need to listen to their employees more and make use of the best practices introduced by others. To learn more about this and also read the full report, head here.
A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The new charges have derailed plans to deport him under compassionate release because of the COVID-19 pandemic. Ardit Ferizi, a 25-year-old citizen of Kosovo, was slated to be sent home earlier this month after a federal judge signed an order commuting his sentence to time served. The release was granted in part due to Ferizi’s 2018 diagnosis of asthma, as well as a COVID outbreak at the facility where he was housed in 2020. But while Ferizi was in quarantine awaiting deportation the Justice Department unsealed new charges against him, saying he’d conspired from prison with associates on the outside to access stolen data and launder the bitcoin proceeds of his previous crimes. In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew. He also served as the leader of an ethnic Albanian group of hackers from Kosovo known as Kosova Hacker’s Security (KHS), which focused on compromising government and private websites in Israel, Serbia, Greece, Ukraine and the United States. The Pentagon Crew forum founded by Ferizi. In December 2015, Ferizi was apprehended in Malaysia and extradited to the United States. In January 2016, Ferizi pleaded guilty to providing material support to a terrorist group and to unauthorized access. He admitted to hacking a U.S.-based e-commerce company, stealing personal and financial data on 1,300 government employees, and providing the data to an Islamic State hacking group. Ferizi gave the purloined data to Junaid “Trick” Hussain, a 21-year-old hacker and recruiter for ISIS who published it in August 2015 as part of a directive that ISIS supporters kill the named U.S. military members and government employees. Later that month, Hussain was reportedly killed by a drone strike in Syria. The government says Ferizi and his associates made money by hacking PayPal and other financial accounts, and through pornography sites he allegedly set up mainly to steal personal and financial data from visitors. Junaid Hussain’s Twitter profile photo.
Between 2015 and 2019, Ferizi was imprisoned at a facility in Illinois that housed several other notable convicts. For example, prosecutors allege that Ferizi was an associate of Mahmud “Red” Abouhalima, who was serving a 240-year sentence at the prison for his role in the 1993 World Trade Center bombing. Another inmate incarcerated at the same facility was Shawn Bridges, a former U.S. Secret Service agent serving almost eight years for stealing $820,000 worth of bitcoin from online drug dealers while investigating the hidden underground website Silk Road. Prosecutors say Ferizi and Bridges discussed ways to hide their bitcoin. The information about Ferizi’s inmate friends came via a tip from another convict, who told the FBI that Ferizi was allegedly using his access to the prison’s email system to share email and bitcoin account passwords with family members back home. The Justice Department said subpoenas served on Ferizi’s email accounts and interviews with his associates show Ferizi’s brother in Kosovo used the information to “liquidate the proceeds of Ferizi’s previous criminal hacking activities.” [Side note: It may be little more than a coincidence, but my PayPal account was hacked in Dec. 2015 by criminals who social engineered PayPal employees over the phone into changing my password and bypassing multi-factor authentication. The hackers attempted to send my balance to an account tied to Hussain, but the transfer never went through.] Ferizi is being tried in California, but has not yet had an initial appearance in court. He’s charged with one count of aggravated identity theft and one count of wire fraud. If convicted of wire fraud, he faces a maximum penalty of 20 years in prison and a fine of $250,000. If convicted of aggravated identity theft, he faces a mandatory penalty of 2 years in prison in addition to the punishment imposed for a wire fraud conviction.
Indelible discovered the “PushBug” campaign, which is a highly resilient operation, spread across more than 100 domains and installing browser-based activity that is difficult to detect.
During routine dark web monitoring, researchers from Cyble found a leak of over 500,000 records of C-level executives from Capital Economics on a Russian-speaking forum.
The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend.
Excellus Health Plan, Inc. has agreed to pay $5.1m to the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) to settle potential HIPAA violations.
The UK’s Ministry of Defense (MoD) experienced an 18% rise in personal data loss incidents in the financial year 2019/20, according to official figures analyzed by the Parliament Street Think Tank.
Joker’s Stash, which is by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021.
Forums of the Windows utility developer IObit were hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.
The company wrote to customers mid-last week to inform them of a "breach of security resulting in the unauthorised access to data from our user database," according to the email seen by The Register.
Microsoft is stepping up security for users of Microsoft Defender for Endpoint by changing a key setting, switching the default from optional automatic malware fixes to fully automatic remediation.
Symantec identified another malware strain that was used during the SolarWinds supply chain attack, bringing the total number to four, after the likes of Sunspot, Sunburst (Solorigate), and Teardrop.
Its current targets include TerraMaster data storage units, web applications built on top of the Zend PHP Framework, and websites running the Liferay Portal content management system.
The governor of New Zealand's Reserve Bank, the nation's central bank, says he "personally owns" responsibility for a data breach that exposed private and sensitive stakeholder information.
Google Cloud's first chief information security officer (CISO) has revealed that Google's cloud venture does use software from vendor SolarWinds, but says its use was "limited and contained".
The flaws, collectively called "DNSpooq" by Israeli research firm JSOF, echo previously disclosed weaknesses in the DNS architecture, making Dnsmasq servers powerless against a range of attacks.
Infosec researchers recently found a zero-day flaw in Windows 10, including the latest version, that allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.
A new Russian cybercrime outfit dubbed Classiscam has been found to have enabled theft of millions of dollars through a new scam-as-a-service operation.
Attackers often target DNS via attacks such as tunneling, phishing, hijacking, cache poisoning, and DDoS; however, other attack methods have also been observed.
Since Active Directory is used as a source from which to sync to other identity stores, any tampering with Active Directory can cause a devastating ripple effect across your identity infrastructure.
Using the ongoing adoption of the REAL ID Act of 2005 in an attempt to make the scam sound legitimate, the attackers have used three specific text phishing messages, the New York State DMV said.
FireEye released a free tool on GitHub named Azure AD Investigator that can help companies determine if the SolarWinds hackers (aka UNC2452) used any of their attack techniques inside their networks.
The theft occurred after hackers infiltrated the Wentworth IT system and sent out a post to members, seemingly demanding a payment in bitcoins, a cyber currency, to “recover files”.
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
Ubuntu Security Notice 4699-1 - It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information.
Red Hat Security Advisory 2021-0190-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. Issues addressed include denial of service and integer overflow vulnerabilities.
Red Hat Security Advisory 2021-0151-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-0152-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-0150-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-0187-01 - Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.
Ubuntu Security Notice 4698-1 - Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2021-0189-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-0183-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-0184-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
Ubuntu Security Notice 4697-1 - It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.
Red Hat Security Advisory 2021-0037-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.12.
Red Hat Security Advisory 2021-0039-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Red Hat Security Advisory 2021-0167-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.
An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in Linux devices to co-opt the systems into an IRC botnet for launching distributed denial-of-service (DDoS) attacks and mining Monero cryptocurrency. The attacks involve a new malware variant called "FreakOut" that leverages newly patched flaws in TerraMaster, Laminas Project (formerly Zend Framework), and
Cybersecurity researchers have uncovered multiple vulnerabilities in Dnsmasq, a popular open-source software used for caching Domain Name System (DNS) responses, thereby potentially allowing an adversary to mount DNS cache poisoning attacks and remotely execute malicious code. The seven flaws, collectively called "DNSpooq" by Israeli research firm JSOF, echo previously disclosed weaknesses in
Cybersecurity is hard. For a CISO that faces the cyber threat landscape with a small security team, the challenge is compounded. Compared to CISOs at large enterprises, CISOs at small to medium-sized enterprises (SMEs) have smaller teams with less expertise, smaller budgets for technology and outside services, and are more involved in day-to-day protection activities. CISOs at SMEs are
Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins the likes of other malicious implants such as Sunspot, Sunburst (or Solorigate), and Teardrop that
The Scottish Environment Protection Agency (SEPA) has confirmed that it is continuing to respond to an ongoing ransomware attack that has encrypted files, disrupted systems and seen 1.2 GB of data stolen by cybercriminals. Read more in my article on the Hot for Security blog.