Cyber security aggregate rss news

Cyber security aggregator - feeds history


 Special Projects

The effect of COVID-19 has, I think we can all agree, been felt throughout the whole world and throughout all facets of everyday life. From lockdowns to face masks — we’ve all had to make changes to our everyday life. However, lockdown life was generally predicted to bring about a positive shift in the tech-world for gender equality — by levelling the playing field for women and men in terms of social and family planning. Traditional stereotypes were thought to finally give way.

How the journey towards gender equality progressed during the pandemic

However, not all is what it appears. A new report from Kaspersky shows that around half of women in the tech space believe that the effects of COVID-19 have actually delayed, rather than enhanced, their career progression. Some of the main reasons for this come down to day-to-day functions such as home schooling and cleaning, but other issues, such as adapting working hours around family life, also play a huge part. At the same time, the survey revealed that many companies seem to have made a great step towards gender diversity, with seven out of ten women believing that their skills and experience were considered more important than their gender when applying for their first IT or tech role. Pretty much the same number (69%) of female respondents said that they feel like their opinion would be respected from the very beginning, regardless of their gender. However, male-majority teams still dominate female-majority teams at an almost 5 to 1 ratio, and 44% of women surveyed still believe that men have a faster career progression in their organizations than women. The pandemic added homeschooling and other challenges to the equation, resulting in 4 out of 10 women saying that they were held back from pursuing career changes these last months due to family or home pressures.

The impact of the pandemic on the work culture and policies

So what can companies do to make things better for all employees, regardless of their gender, who are still having to work remotely and also juggle family life?

Merici Vinton, Co-Founder and CEO at Ada’s List puts it succinctly: “Companies need to signal, both through culture and policy, that they will give working parents of both genders the flexibility they need during COVID (and beyond).” With the pandemic still continuing to make irreversible changes to the global economy and to people’s work lives, businesses need to adapt to these changes and provide employees with working environments that feel comfortable for them, so that they can have a better work-life balance than they did before, or even feel more efficient (which is now true only for 31% of women surveyed). To do that, organizations need to listen to their employees more and make use of the best practices introduced by others. To learn more about this and also read the full report, head here.


 Ne'er-Do-Well News

A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The new charges have derailed plans to deport him under compassionate release because of the COVID-19 pandemic.

Ardit Ferizi, a 25-year-old citizen of Kosovo, was slated to be sent home earlier this month after a federal judge signed an order commuting his sentence to time served. The release was granted in part due to Ferizi’s 2018 diagnosis of asthma, as well as a COVID outbreak at the facility where he was housed in 2020. But while Ferizi was in quarantine awaiting deportation the Justice Department unsealed new charges against him, saying he’d conspired from prison with associates on the outside to access stolen data and launder the bitcoin proceeds of his previous crimes.

In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew. He also served as the leader of an ethnic Albanian group of hackers from Kosovo known as Kosova Hacker’s Security (KHS), which focused on compromising government and private websites in Israel, Serbia, Greece, Ukraine and the United States.

In December 2015, Ferizi was apprehended in Malaysia and extradited to the United States. In January 2016, Ferizi pleaded guilty to providing material support to a terrorist group and to unauthorized access. He admitted to hacking a U.S.-based e-commerce company, stealing personal and financial data on 1,300 government employees, and providing the data to an Islamic State hacking group.

Ferizi gave the purloined data to Junaid “Trick” Hussain, a 21-year-old hacker and recruiter for ISIS who published it in August 2015 as part of a directive that ISIS supporters kill the named U.S. military members and government employees. Later that month, Hussain was reportedly killed by a drone strike in Syria. The government says Ferizi and his associates made money by hacking PayPal and other financial accounts, and through pornography sites he allegedly set up mainly to steal personal and financial data from visitors.

Between 2015 and 2019, Ferizi was imprisoned at a facility in Illinois that housed several other notable convicts. For example, prosecutors allege that Ferizi was an associate of Mahmud “Red” Abouhalima, who was serving a 240-year sentence at the prison for his role in the 1993 World Trade Center bombing. Another inmate incarcerated at the same facility was Shawn Bridges, a former U.S. Secret Service agent serving almost eight years for stealing $820,000 worth of bitcoin from online drug dealers while investigating the hidden underground website Silk Road. Prosecutors say Ferizi and Bridges discussed ways to hide their bitcoin.

The information about Ferizi’s inmate friends came via a tip from another convict, who told the FBI that Ferizi was allegedly using his access to the prison’s email system to share email and bitcoin account passwords with family members back home. The Justice Department said subpoenas served on Ferizi’s email accounts and interviews with his associates show Ferizi’s brother in Kosovo used the information to “liquidate the proceeds of Ferizi’s previous criminal hacking activities.”

[Side note: It may be little more than a coincidence, but my PayPal account was hacked in Dec. 2015 by criminals who social engineered PayPal employees over the phone into changing my password and bypassing multi-factor authentication. The hackers attempted to send my balance to an account tied to Hussain, but the transfer never went through.]

Ferizi is being tried in California, but has not yet had an initial appearance in court. He’s charged with one count of aggravated identity theft and one count of wire fraud. If convicted of wire fraud, he faces a maximum penalty of 20 years in prison and a fine of $250,000. If convicted of aggravated identity theft, he faces a mandatory penalty of 2 years in prison in addition to the punishment imposed for a wire fraud conviction.

 Incident Response, Learnings

Excellus Health Plan, Inc. has agreed to pay $5.1m to the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) to settle potential HIPAA violations.

 Incident Response, Learnings

The governor of New Zealand's Reserve Bank, the nation's central bank, says he "personally owns" responsibility for a data breach that exposed private and sensitive stakeholder information.

 Malware and Vulnerabilities

Infosec researchers recently found a zero-day flaw in Windows 10, including the latest version, that allows attackers to corrupt an NTFS-formatted hard drive with a one-line command.

 Expert Blogs and Opinion

Since Active Directory is used as a source from which to sync to other identity stores, any tampering with Active Directory can cause a devastating ripple effect across your identity infrastructure.

 Feed

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

 Feed

Ubuntu Security Notice 4699-1 - It was discovered that Apache Log4net incorrectly handled certain configuration files. An attacker could possibly use this issue to expose sensitive information.

 Feed

Red Hat Security Advisory 2021-0190-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. Issues addressed include denial of service and integer overflow vulnerabilities.

 Feed

Red Hat Security Advisory 2021-0187-01 - Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.

 Feed

Ubuntu Security Notice 4698-1 - Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

 Feed

Red Hat Security Advisory 2021-0189-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a buffer overflow vulnerability.

 Feed

Red Hat Security Advisory 2021-0183-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.

 Feed

Ubuntu Security Notice 4697-1 - It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.

 Feed

Red Hat Security Advisory 2021-0037-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.12.

 Feed

Red Hat Security Advisory 2021-0039-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

 Feed

An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in Linux devices to co-opt the systems into an IRC botnet for launching distributed denial-of-service (DDoS) attacks and mining Monero cryptocurrency. The attacks involve a new malware variant called "FreakOut" that leverages newly patched flaws in TerraMaster, Laminas Project (formerly Zend Framework), and

 Feed

Cybersecurity researchers have uncovered multiple vulnerabilities in Dnsmasq, a popular open-source software used for caching Domain Name System (DNS) responses, thereby potentially allowing an adversary to mount DNS cache poisoning attacks and remotely execute malicious code. The seven flaws, collectively called "DNSpooq" by Israeli research firm JSOF, echo previously disclosed weaknesses in

 Feed

Cybersecurity is hard. For a CISO that faces the cyber threat landscape with a small security team, the challenge is compounded. Compared to CISOs at large enterprises, CISOs at small to medium-sized enterprises (SMEs) have smaller teams with less expertise, smaller budgets for technology and outside services, and are more involved in day-to-day protection activities. CISOs at SMEs are

 Feed

Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins the likes of other malicious implants such as Sunspot, Sunburst (or Solorigate), and Teardrop that

2021-01
Aggregator history
Tuesday, January 19