The Biden administration last week expanded a Trump-era list of Chinese companies that Americans can’t invest in because of purported links to the Chinese military and surveillance. Companies on the list include telecom equipment maker Huawei and Chinese oil company China National Offshore Oil Corp. On Tuesday, the Senate passed a bill that aims to…
Loading Once officials identified the address, or “wallet”, that DarkSide had used to collect the payment, it sought permission from a judge in the Northern District of California to seize the funds from the wallet, the New York Times reported. The filing said the “cryptocurrency address” was located in the Northern District of California. The…
Application Security , Governance & Risk Management , Next-Generation Technologies & Secure Development None Are Rated Critical, But Analysts Say Patching Each Is Important Doug Olenick (DougOlenick) • June 9, 2021 Microsoft’s June Patch Tuesday contained patches for six zero-day vulnerabilities being exploited in the wild, including two flaws detected by Kaspersky that…
Summary: A potential security vulnerability in the Intel® Server Platform Services (SPS) may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-0051 Description: Improper input validation in the Intel(R) SPS versions before SPS_E5_04.
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Company’s IT Team Was Unaware the VPN Exploited to Gain Entry Existed Doug Olenick (DougOlenick) • June 8, 2021 Colonial Pipeline Co. CEO Joseph Blount testifying on Tuesday before the Senate Homeland Security and Governmental Affairs Committee Colonial Pipeline Co. CEO Joseph Blount defended his…
A reverse engineer has discovered what is claimed to be “the first known malware targeting Windows containers to compromise cloud environments,” a sentence to put any system administrator on edge. Building on work published in December of last year on reverse-engineering Windows containers, security researcher Daniel Prizmant’s latest discovery – made during his day job…
Application Security , Critical Infrastructure Security , Cybercrime Security Agency Will Use Bugcrowd, EnDyna for Platform Scott Ferguson (Ferguson_Writes) • June 8, 2021 The U.S. Cybersecurity and Infrastructure Security Agency is preparing to expand its vulnerability research and disclosure program, which is now mandatory for nearly all executive branch agencies within the federal…
The way coronavirus vaccines are being distributed to lower-income countries will be the key issue at the upcoming G7 summit, a former UK ambassador to the US has said. Sir Nigel Sheinwald told BBC World News a clear statement of intent “in terms of money on the table” was needed from G7 countries to kickstart…
Cybercrime , Fraud Management & Cybercrime , Network Detection & Response ExtraHop’s Executive Suite Will Retain Its Roles Doug Olenick (DougOlenick) • June 9, 2021 ExtraHop announced Tuesday it has entered into a definitive agreement to be acquired by the private equity firms Bain Capital Private Equity and Crosspoint Capital Partners for $900…
United States trucks and military vehicles maker Navistar International Corporation has confirmed a cyberattack that resulted in some data being stolen. On Monday, in a Form 8-K filing with the Securities and Exchange Commission (SEC), Navistar said it learned of a credible potential cybersecurity threat to its information technology system on May 20, 2021. Navistar…
