OODA Loop – New Cybersecurity Programs to Protect US Energy

The United States is launching three new research programs designed to protect America’s critical energy infrastructure systems. The Department of Energy released information on the projects earlier this week, which will be spearheaded by the department’s Office of Cybersecurity, Energy Security, and Emergency Response. The programs will aim to protect the US energy system from…

British Clothing Retailer Fat Face Discloses Data Breach

Employee and Customer Information Compromised in January Attack; ICO Investigating. Mathew J. Schwartz (euroinfosec) • March 23, 2021. [Photo: The Fat Face store inside the Putney Exchange shopping center in London (Edward Hands via Wikimedia Commons)] British clothing and accessories retailer Fat Face…

SolarWinds Attackers Manipulated OAuth App Certificates

Proofpoint Update Describes the Fraud Tactics. Prajeet Nair (@prajeetspeaks) • March 23, 2021. The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources including email, according to researchers at Proofpoint.

Disgruntled IT Contractor Sentenced in Retaliatory …

Former contractor deleted 1,200 user accounts in revenge. A disgruntled IT contractor worker was sentenced today in federal court for hacking into the server of a Carlsbad, Calif., company and deleting over 1,200 Microsoft user accounts in retaliation for a bad performance review. The unnamed company had to shutter for two days while it dealt…

Shell Says It Was Impacted by Accellion Cyber Security Breach

[Photo: A Shell logo sits on a totem sign at a Royal Dutch Shell Plc petrol filling station in Cobham, U.K., on Wednesday, Sept. 30, 2020. Royal Dutch Shell Plc will cut as many as 9,000 jobs as Covid-19 accelerates a company-wide restructuring into low-carbon energy. Photographer: Chris Ratcliffe/Bloomberg] (Bloomberg) — Royal Dutch Shell…

Microsoft Exchange servers now targeted by Black Kingdom ransomware

Another ransomware operation known as ‘Black Kingdom’ is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware. Based on the logs from his honeypots, Hutchins states that the threat actor…

CopperStealer Malware Attacks Facebook and Instagram Business Accounts

IT Security News, 23 March 2021. The cybersecurity researchers at Proofpoint have recently issued all the details regarding a new undocumented malware dubbed “CopperStealer.” According to the report, the threat actors are spreading this undocumented malware via fake software that continuously destroying the…

Swiss Firm Says It Accessed SolarWinds Attackers’ Servers

Prodaft: APT Group Uses ‘Unprecedented Malware Detection Sandbox’. Prajeet Nair (@prajeetspeaks) • March 22, 2021. [Figure: SolarWinds attack timeline (Source: Prodaft)] Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. These…