#LORCALive: Nation State Cooperation Essential to Fighting Scourge of Cybercrime

#LORCALive: Nation State Cooperation Essential to Fighting Scourge of Cybercrime

#LORCALive: Nation State Cooperation Essential to Fighting Scourge of Cybercrime | IT Security News Sponsors Endpoint Cybersecurity www.endpoint-cybersecurity.com – Consulting in building your security products– Employee awareness training– Security tests for applications and pentesting… and more. Daily Summary Categories CategoriesSelect Category(ISC)2 Blog  (323)(ISC)2 Blog infosec  (13)(ISC)² Blog  (333)2020-12-08 – Files for an ISC diary (recent Qakbot activity)  (1)2020-12-11 –…

NIST issues draft election security framework — Defense Systems

NIST issues draft election security framework — Defense Systems

Cyber NIST issues draft election security framework By Justin Katz Mar 31, 2021 To help local election officials prepare for and respond to cyber threats, the National Institute of Standards and Technology has published a draft framework that takes NIST’s pre-existing cybersecurity best practices and applies them to the voting equipment and information systems…

PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code – KK Hack Labs

PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code – KK Hack Labs

In yet another instance of a software supply chain attack, someone hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code.The two malicious commits were pushed to the self-hosted “php-src” repository hosted on the git.php.net server, illicitly using the names of Rasmus…

As SolarWinds Announces More Patches, Analysts Offer Advice

As SolarWinds Announces More Patches, Analysts Offer Advice

Application Security , Governance & Risk Management , IT Risk Management Experts Note Patching Alone Will Not Mitigate Threats Akshaya Asokan (asokan_akshaya) • March 31, 2021     Although SolarWinds has released a second round of patches for flaws in its Orion network monitoring platform that was targeted in a supply chain attack, some security…

NIST Drafts Elections Security Guidance

NIST Drafts Elections Security Guidance

Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime Agency Describes How to Apply Its Cybersecurity Framework Scott Ferguson (Ferguson_Writes) • March 30, 2021     The National Institute of Standards and Technology has drafted guidelines for how to use its cybersecurity framework to address cyberthreats and other security issues that can…

Fintech Platform MobiKwik Denies 8.2 TB Data Breach

Fintech Platform MobiKwik Denies 8.2 TB Data Breach

Indian payment services provider MobiKwik continues to deny reports of a massive security breach impacting millions of customers, despite multiple independent cybersecurity researchers claiming otherwise. Earlier this month, the company took to Twitter to accuse “a media-crazed so-called security researcher” of falsely reporting it had been subject to a security breach. MobiKwik claimed at the…

Hackers are implanting multiple backdoors at industrial targets in Japan – KK Hack Labs

Hackers are implanting multiple backdoors at industrial targets in Japan – KK Hack Labs

Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan.Dubbed “A41APT” by Kaspersky researchers, the findings delve into a new slew of attacks undertaken by APT10 (aka Stone Panda or Cicada) using previously undocumented malware to deliver

Microsoft Exchange attacks increase while WannaCry gets a restart

Microsoft Exchange attacks increase while WannaCry gets a restart

The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector. While ransomware attacks have increased in frequency in the past six months, cybersecurity company Check Point last week noticed a surge in incidents targeting Microsoft Exchange servers vulnerable to the so-called…