How Data Brokers Sell Access to the Backbone of the Internet

Image: Cathryn Virginia/Motherboard Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. Do you work at a company that handles netflow data? Do you work at an ISP distributing that data? Or do you know anything else about the trade of netflow data?


Researcher's First Hack Was to Make Minesweeper Incredibly Easy to Beat

Unlike some other hackers and security researchers, Ophir Harpaz did not get into hacking by breaking into her school's network when she was a teenager. Harpaz, who is now a security researcher at cybersecurity firm Guardicore, was already working in tech and had a degree in computer science when she got curious about hacking.


Cybersecurity jobs: This is what we're getting wrong when hiring - and here's how to fix it | ZDNet

Cybersecurity expertise is in high demand. Faced with threats like phishing, ransomware and data breaches, businesses need information security staff on their teams to help protect their networks from attacks. While the intention to build and improve cybersecurity teams is there, recent research demonstrates how businesses often make mistakes when hiring, leading to difficulties recruiting and retaining IT security staff.


T-Mobile: Breach Exposed SSN/DOB of 40M+ People

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground.


Automating security assessments using Cloud Katana | Microsoft Security Blog

Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on the top of Azure Functions that expedites the research process and validation of security controls.

Microsoft Security Blog

Hacking History

So far, over three **million** pages of FBI records identified, funds have been raised for 124,250. Over 6,700 have been released so far - with much, **much** more pending.


RansomClave project uses Intel SGX enclaves for ransomware attacks

Academics have developed a proof-of-concept ransomware strain that uses highly secure Intel SGX enclaves to hide and keep encryption keys safe from the prying eyes of security tools. Named RansomClave, the project was developed by Alpesh Bhudia, Daniel O'Keeffe, Daniele Sgandurra, and Darren Hurley-Smith, all four from the University of London.

The Record by Recorded Future

OK, so you stole $600m-plus from us, how about you be our Chief Security Advisor, Poly Network asks thief

The mysterious thief who stole $600m-plus in cryptocurrencies from Poly Network has been offered the role of Chief Security Advisor at the Chinese blockchain biz. It's been a rollercoaster ride lately for Poly Network. The outfit builds software that handles the exchange of crypto-currencies and other assests between various blockchains.


The 5×5-If it blinks, it sinks: Adventures in securing operational technology

Thu, Jul 22, 2021 The 5×5 by Will Loomis, Simon Handler Related Experts: Andy Bochman, Operational technology (OT) cybersecurity encompasses the software, hardware, policies, personnel, and services deployed to protect physical systems. These systems comprise the backbone of national critical infrastructure and represent tangible links between society and its digital tools and data.

Atlantic Council

Office 365 Remains a Target for Cyber-criminals

Since launching a decade ago, Microsoft Office 365 has become ingrained in the lives of millions of working individuals, with n early 200,000 businesses using Office 365 in the UK alone. Without question, the UK workforce logs on in the morning and starts up any number of Microsoft systems, including emails, Excel spreadsheets and Word documents.

Infosecurity Magazine