Written by Tim Starks Jun 29, 2021 | CYBERSCOOP A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year. What’s more, it has taken additional steps in an apparent bid to baffle investigators who…
Application Security , Governance & Risk Management , Identity & Access Management Agency Warns of Impact on National Security Dan Gunderman (dangun127) • July 2, 2021 Failure to take very basic security steps – such as avoiding using end-of-life software and default passwords – can create serious national security risks, the Cybersecurity and…
Softpedia News / Security 1. July 2021 This article has been indexed from Softpedia News / Security Cybercriminals commonly employed this double-encryption service when attempting to evade identification while engaged in destructive actions. Law enforcement has successfully gained access to DoubleVPN’s servers and customer logs, according to Cybersecurity News. Dual-encryption data transfer is one of…
A hot potato: It’s not the first time IT admins and users have been alerted to a flaw in the Windows Print Spooler service. The latest 0-day vulnerability in this Windows component was apparently meant to be detailed in the upcoming annual Black Hat security conference, however, security researchers accidentally posted a proof-of-concept prematurely, and…
Cyber Hassan, Cornyn float bill to create new federal cybersecurity training programs By Natalie Alms Jun 29, 2021 Sens. Maggie Hassan (D-N.H.) and John Cornyn (R-Texas) introduced a bill on Thursday that would create two new cybersecurity training programs aimed at increasing the federal government’s cyber workforce. The bill, called the Federal Cybersecurity…
Researchers from a Hong Kong based security vendor accidentally published a proof-of-concept for a new and unpatched vulnerability affecting the Print Spooler service on all current versions of Windows, sparking concerns that ransomware criminals could add the bug to their arsenals. The exploit allows for both local privilege escalation and remote code execution and was…
When Microsoft debuted Windows 11 at the end of last week, the company heralded the usual advancements in efficiency and design that come with any new operating system. But Windows 11 also comes with a less welcome tick: stricter-than-usual hardware requirements for which PCs can actually run it. Because of what Microsoft has described as…
Executive Summary Informations Name CVE-2021-22380 First vendor Publication 2021-06-30 Vendor Cve Last vendor Modification 2021-06-30 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Sen. Maggie Hassan Sen. Maggie Hassan, D-N.H., and John Cornyn, R-Texas, have presented a bill that aims to fortify the federal government’s workforce of cyber professionals. The Federal Cybersecurity Workforce Expansion Act would establish two cyber training programs: one with the Cybersecurity and Infrastructure Security Agency (CISA) and the other with the Department of Veterans…
American and British intelligence agencies said Thursday that Russian military intelligence conducted at least a year-and-a-half-long “brute force” cyber campaign targeting the cloud and network services of U.S. and global organizations. The cyber campaign went after government and military organizations, political parties and consultants, think tanks, law firms, media companies, educational institutions, defense contractors, logistics…
