The White House Is Deciding Whether to Support a Bureau of Cyber Statistics

FBI shares with HIBP 4 million email addresses involved in Emotet attacks | IT Security News 27. April 2021 The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed in malware campaigns. Last week, European law enforcement has conducted an operation aimed at performing a…

Today, the UK government has announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers (MSPs) across the country. The move comes after last week when President Biden had issued an executive order to increase cybersecurity defenses across the U.S. The government’s invitation to provide feedback that will be open for…

Breach Notification , Cybercrime , Cybercrime as-a-service University of Hertfordshire Is Among the Latest Victims Akshaya Asokan (asokan_akshaya) • April 17, 2021     The University of Hertfordshire has sustained a cyber incident that severely affected students’ online classes and an assignment submission portal. The university, however, notes the incident did not lead to data…

Fraud Management & Cybercrime , Fraud Risk Management , Incident & Breach Response Faster Detection Is Good News, But More Speed Still Needed, Mandiant Reports Mathew J. Schwartz (euroinfosec) • May 3, 2021     Source: FireEye Mandiant “Dwell time,” which refers to how long hackers hang out in an organization’s network before being discovered,…

3rd Party Risk Management , Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks But Attempts to Manipulate Votes, Change Outcome Were Unsuccessful Scott Ferguson (Ferguson_Writes) • March 16, 2021     A pair of U.S. intelligence agency reports released Tuesday conclude that Russia and Iran tried to interfere in the 2020 presidential election, but attempts…

A group of threat actors maintains an active attack targeting GitHub Actions systems with the intention of extracting cryptocurrency in a hacking variant known as cryptojacking. As you may remember, GitHub Actions is a CI/CD solution that makes it easier to automate particular resource flows, as well as allow for periodic task configuration. Apparently, this…