WSJ News Exclusive | Iranian Hackers Broke Into Newspaper Publisher Lee Enterprises Ahead of 2020 Election

WASHINGTON-Iranian hackers last year infiltrated the computer systems of Lee Enterprises Inc., a major American media company that publishes dozens of daily newspapers across the U.S., as part of a broader effort to spread disinformation about the 2020 presidential election, according to people familiar with the matter.


Amazon's Dark Secret: It Has Failed to Protect Your Data

On September 26, 2018, a row of tech executives filed into a marble- and wood-paneled hearing room and sat down behind a row of tabletop microphones and tiny water bottles. They had all been called to testify before the US Senate Commerce Committee on a dry subject-the safekeeping and privacy of customer data-that had recently been making large numbers of people mad as hell.


Insurers run from ransomware cover as losses mount

LONDON, Nov 19 (Reuters) - Insurers have halved the amount of cyber cover they provide to customers after the pandemic and home-working drove a surge in ransomware attacks that left them smarting from hefty payouts. Faced with increased demand, major European and U.S.


Computer-Security Incident Notification Final Rule

The Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (Board), and the Office of the Comptroller of the Currency (OCC) (collectively, the agencies) have issued a joint final rule to establish computer-security incident notification requirements for banking organizations and their bank service providers.


Enduring Security Framework Releases Part II of Security Guidance for 5G Cloud Infrastruct

FORT MEADE, Md. - As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published guidance today to mitigate cyber threats within 5G cloud infrastructure. Securely Isolate Network Resources examines threats to 5G container-centric or hybrid container/virtual network, also known as Pods.

National Security Agency/Central Security Service

The UK's NCSC warns over 4,000 online stores that their customers' information is being compromised by attacks exploiting unpatched Magecart software

Sergiu Gatlan / BleepingComputer: The UK's NCSC warns over 4,000 online stores that their customers' information is being compromised by attacks exploiting unpatched Magecart software


Shop Safely | CISA

The holiday season is a prime time for hackers, scammers, and online thieves. While millions of Americans will be online looking for the best gifts and Cyber Monday deals, hackers will be looking to take advantage of unsuspecting shoppers by searching for weaknesses in their devices or internet connections or attempting to extract personal and financial information through fake websites or charities.


Android APT spyware, targeting Middle East victims, enhances evasiveness

Newly-discovered variants of an Android spyware that previously was attributed to an advanced persistent threat actor group called C-23 (also known as GnatSpy, FrozenCell, or VAMP) have incorporated new features into their malicious apps that make them more resilient to actions by users, who might try to remove them manually, and to security and web hosting companies that attempt to block access to, or shut down, their command-and-control server domains.

Sophos News

An in-depth look at hacking back, active defense, and cyber letters of marque - MalwareTech

There has been much discussion in cyber security about the possibility of enabling the private sector to engage in active cyber defense, or colloquially "hacking back". Several house bills have been introduced to study or enable this, such as the "Study on Cyber-Attack Response Options Act" and "Active Cyber Defense ...


NSA's Cybersecurity Collaboration Center marks a shift in spy agency's public profile

In a government that has no shortage of public-private partnerships, information sharing vehicles and nerve centers with industry, the NSA's Cybersecurity Collaboration Center is trying to stick out by offering its unique technical and intelligence capabilities to companies under siege from foreign hackers and ransomware gangs.

SC Media