CVE-2021-1522
CVE-2021-1522
Новые DNS-бреши открывают дверь для кибершпионажа на уровне стран
Исследователи из антивирусной компании ESET рассказали о набирающем обороты виде онлайн-мошенничества с сим-картами. С помощью новой схемы злоумышленники могут получить доступ к телефонному номеру жертвы и перевести его деньги из банковских приложений. «Фишка» нового подхода в комбинации уже известных ранее мошеннических уловок, и, как предупредили в ESET, такой обман на практике очень сложно доказать. Всё…
Hackers Target Critical Infrastructure in Southeast Asia
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Symantec: China-Linked Actors Investigate SCADA Systems Akshaya Asokan (asokan_akshaya) • August 7, 2021 An unidentified hacking group with suspected China ties is targeting critical infrastructure in South East Asia as part of a cyberespionage campaign to exfiltrate information about the victim’s SCADA systems. says a…
Is Darknet Forum Ransomware Chatter Ban Having an Impact?
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Report: XSS and Exploit Forum Members Using Workarounds to Violate the Ban Doug Olenick (DougOlenick) • August 6, 2021 A forum user receives a warning for attempting to trade ransomware. (Source: Digital Shadows) The decision by the Russian-speaking darknet forums XSS and Exploit…
Hackers Target Critical Infrastructure in Southeast Asia
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Symantec: China-Linked Actors Investigate SCADA Systems Akshaya Asokan (asokan_akshaya) • August 7, 2021 An unidentified hacking group with suspected China ties is targeting critical infrastructure in South East Asia as part of a cyberespionage campaign to exfiltrate information about the victim’s SCADA systems. says a…
The State Department and 3 Other US Agencies Earn a D For Cybersecurity
An anonymous reader quotes a report from Ars Technica: Cybersecurity at eight federal agencies is so poor that four of them earned grades of D, three got Cs, and only one received a B in a report issued Tuesday by a US Senate Committee. “It is clear that the data entrusted to these eight key…
CISA’s launches joint cyber defense effort — GCN
CISA’s launches joint cyber defense effort By Chris Riotta Aug 06, 2021 The Joint Cyber Defense Collaborative, a new initiative launched Aug. 5 by the Cybersecurity and Infrastructure Security Agency, aims to help the U.S. defend against cyber threats to critical infrastructure. The JCDC plans to unify cyber defense by leading the development…
Is Darknet Forum Ransomware Chatter Ban Having an Impact?
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Report: XSS and Exploit Forum Members Using Workarounds to Violate the Ban Doug Olenick (DougOlenick) • August 6, 2021 A forum user receives a warning for attempting to trade ransomware. (Source: Digital Shadows) The decision by the Russian-speaking darknet forums XSS and Exploit…
ISMG Editors’ Panel: Government Cybersecurity Challenges
Business Continuity Management / Disaster Recovery , COVID-19 , Governance & Risk Management Also: Dealing With COVID-19 Business Recovery; Zynga Case Goes to Arbitration Anna Delaney (annamadeline) • August 6, 2021 Clockwise, from top left: Tom Field, Anna Delaney, Tony Morbin and Mathew Schwartz In the latest weekly update,…
Risk in OT and IIoT
Critical Infrastructure Security , Endpoint Security , Governance & Risk Management CEO and CISO Panel Discusses Critical Infrastructure Protection Tom Field (SecurityEditor) • August 6, 2021 OT, IoT, IIoT – each has critical distinctions, and each is increasingly vital to protecting the world’s critical infrastructure from crippling cyberattacks. In a…