Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn’t always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can search and check…

NSA Offers OT Security Guidance in Wake of SolarWinds Attack

NSA Offers OT Security Guidance in Wake of SolarWinds Attack

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems Akshaya Asokan (asokan_akshaya) • May 1, 2021     The U.S. National Security Agency is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. See Also:…

Researchers Uncover Iranian State-Sponsored Ransomware Operation

Researchers Uncover Iranian State-Sponsored Ransomware Operation

Researchers Uncover Iranian State-Sponsored Ransomware Operation | IT Security News 3. May 2021 Iran has been linked to yet another state-sponsored ransomware operation through a contracting company based in the country, according to new analysis.“Iran’s Islamic Revolutionary Guard Corps (IRGC) was operating a state-sponsored ransomware campaign through an Iranian contracting company called ‘Emen Net Pasargard’…

Peter Dutton takes aim at China; says Australians are with Morrison government

Peter Dutton takes aim at China; says Australians are with Morrison government

“I think part of the public is frankly ahead of where the public debate is because there’s just so much information available online. People see the reported comments of the ambassador and the vice ambassador here, as well as the spokesman out of Beijing.” He said he wanted to have a “more frank discussion with…

5 Agencies Using Pulse Secure VPNs Possibly Breached

5 Agencies Using Pulse Secure VPNs Possibly Breached

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Suspicious Activity Detected; Investigation Continues Scott Ferguson (Ferguson_Writes) • April 30, 2021     The Cybersecurity and Infrastructure Security Agency is investigating whether five government agencies may have been breached when attackers exploited vulnerabilities in Pulse Connect Secure VPN products, according to…

Tesla cars can be remotely hacked using drone, WIFI dongle

Tesla cars can be remotely hacked using drone, WIFI dongle

Tesla cars can be remotely hacked using drone, WIFI dongle | IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness training– Security tests for applications and pentesting… and more. Daily Summary Categories CategoriesSelect Category(ISC)2 Blog  (323)(ISC)2 Blog infosec  (13)(ISC)² Blog  (348)2020-12-08 – Files for an ISC diary (recent Qakbot activity)  (1)2020-12-11 –…

NSA releases Cybersecurity Advisory on Ensuring Security of Operational Technology > Sixteenth Air Force (Air Forces Cyber) > News

NSA releases Cybersecurity Advisory on Ensuring Security of Operational Technology > Sixteenth Air Force (Air Forces Cyber) > News

/ Published April 29, 2021 FORT MEADE, Md. — The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology” today, for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) operational technology (OT) owners and operators. The CSA details how to…

U.S. probes VPN hack within federal agencies – Security

U.S. probes VPN hack within federal agencies – Security

For at least the third time since the beginning of this year, the U.S. government is investigating a hack against federal agencies that began during the Trump administration but was only recently discovered, according to senior U.S. officials and private sector cyber defenders. It is the latest so-called supply chain cyberattack, highlighting how sophisticated, often…

OT Security Guidance in Wake of SolarWinds Attack

OT Security Guidance in Wake of SolarWinds Attack

Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems Akshaya Asokan (asokan_akshaya) • May 1, 2021     The U.S. National Security Agency is offering operational technology security guidance for the Defense Department as well as third-party military contractors and firms in the wake of the attack that targeted SolarWinds in 2020….