Cybercrime , Endpoint Security , Fraud Management & Cybercrime Manufacturing and IT Systems Disrupted Doug Olenick (DougOlenick) • March 23, 2021 Message displayed on Sierra Wireless website (Update: On Friday, Sierra Wireless said it had partially recovered from a ransomware attack that took place earlier this week, enabling it to restart its production…
The hackers were using malware campaigns to target iOS and Android devices used by Uyghurs living outside China including journalists. Facebook has removed accounts of hackers possibly backed by the Chinese government for targeting Uyghur community members living abroad. According to Facebook’s Head of Cyber Espionage Investigations, Mike Dvilyanski, and Head of Security Policy, Nathaniel…
By Jack M. Germain Mar 26, 2021 7:51 AM PT Cloud cybersecurity — or a lack of it — is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud…
Breach Notification , Incident & Breach Response , Security Operations So Are We Supposed to Keep This Data Breach Notification Just Between Us Friends? Mathew J. Schwartz (euroinfosec) • March 26, 2021 (See update on Fat Face paying a $2 million ransom.) See Also: Live Webinar | Mitigating the Risks Associated with Remote…
Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2020-19625PUBLISHED: 2021-03-26 Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter. CVE-2020-19626PUBLISHED: 2021-03-26 Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new….
Free and and fair trade is in the European Union’s DNA, but the EU will have to take measures if AstraZeneca does not deliver the agreed quantities of Covid-19 vaccinations, an Austrian MEP says. Export controls or even export bans should be considered if that does not work, Angelika Winzig told BBC World News. The…
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
3rd Party Risk Management , Endpoint Security , Governance & Risk Management Editors Address Exchange Hacks, Insider Threats and More Anna Delaney (annamadeline) • March 26, 2021 Clockwise, from top left: Nick Holland, Anna Delaney, Mathew Schwartz and Tom Field Four editors at Information Security Media Group discuss the…
Prince Albert II of Monaco – one of the world’s richest royals – has weighed in on the controversial interview that Prince Harry and Meghan Markle gave to Oprah Winfrey. The Duke and Duchess of Sussex had opened up to the US interviewer about a range of personal topics, including racism and mental health. But…
Cybercrime , Fraud Management & Cybercrime , Malware as-a-Service Accenture Describes Highly Targeted Campaign Akshaya Asokan (asokan_akshaya) • March 25, 2021 A Hades ransom note (Source: Accenture) A previously unknown threat group is deploying Hades ransomware as part of an ongoing campaign that has already targeted three U.S. companies, Accenture’s cyberthreat intelligence group…
