Networking device maker SonicWall said on Friday night that it is investigating a security breach of its internal network after detecting what it described as a "coordinated attack." In a short statement posted on its knowledgebase portal, the company said that "highly sophisticated threat actors" targeted its internal systems by "exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products."
In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies.
Cyber Minds: Insights on cybersecurity across the cloud, data, artificial intelligence, blockchain, and IoT to keep you cyber safe [Rubinoff, Shira] on Amazon.com. *FREE* shipping on qualifying offers. Cyber Minds: Insights on cybersecurity across the cloud, data, artificial intelligence, blockchain, and IoT to keep you cyber safe
Apple has released iOS 14.4 with security fixes for three vulnerabilities, said to be under active attack by hackers. The technology giant said in its security update pages for iOS and iPadOS 14.4 that the three bugs affecting iPhones and iPads "may have been actively exploited."
A shipment of laptops supplied to British schoolkids by the Department for Education to help them learn under lockdown came preloaded with malware, The Register can reveal. The affected laptops, supplied to schools under the government's Get Help With Technology (GHWT) scheme, which started last year, came bundled with the Gamarue malware - an old remote access worm from the 2010s.
In addition to targeting users via social engineering, we have also observed several cases where researchers have been compromised after visiting the actors' blog. In each of these cases, the researchers have followed a link on Twitter to a write-up hosted on blog.br0vvnn[.]io, and shortly thereafter, a malicious service was installed on the researcher's system and an in-memory backdoor would begin beaconing to an actor-owned command and control server.
Members of Congress on both sides of the aisle have posed the question of whether the recent SolarWinds cyberattack was an act of war. Democratic Sen. Dick Durbin and Republican Sen. Mitt Romney shared these concerns.
Staying secure online during these turbulent times is not to be taken lightly. The bad actors are more prevalent and sophisticated and EVERYONE is a potential target. The tools and approaches they utilize make it much easier and likely for you to become compromised.
The former top cybersecurity official on Joe Biden's presidential campaign said late Monday that he is now in charge of helping protect the federal government's sprawling bureaucracy from hackers. Chris DeRusha, also a former White House cybersecurity official in the Obama administration, announced his appointment as the federal government's new chief information security officer on LinkedIn.
The pandemic-led jump in homeworking has not only resulted in more opportunities for hackers to exploit, it has also increased demand for more cyber security analysts. "People are starting to understand the role of cyber security in a business, there is much more interest," says Clar Rosso, chief executive of (ISC)², a non-profit group specialising in cyber security training.
There will be no "reset" of the American relationship with Moscow, administration officials say. But in an era of constant confrontation in cyberspace, the president seeks to avoid a nuclear arms race.
Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action. Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET.
Every time someone picks up a mouse, they make a choice to either strengthen or lessen our security posture. The security team can impact these choices through culture. For a long time, however, it was difficult to know what had to be present to create and manage security culture.
President Biden's decision to begin his term with an order to investigate Russian hacking and election interference is a dramatic elevation of cybersecurity issues in U.S. national security policy. As Biden seeks to extend a treaty limiting the world's largest nuclear arsenals - with just days before it expires - he is also preparing to punish Russia for its behavior in cyberspace.