Dragos Announces Record-Setting $110M Investment in Industrial Cybersecurity with Series C Funding

HANOVER, Md. - Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today announced that it has secured $110 million in Series C funding from investors representing some of the world's largest corporations. The round represents the most substantial investment-to-date for a company in the ICS/OT cybersecurity sector.


FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State

The Silicon Valley company said hackers - almost certainly Russian - made off with tools that could be used to mount new attacks around the world. WASHINGTON - For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be.


Congress prepares to move on NDAA, which is loaded with cyber provisions

Congress this week is slated to pass what just might be the most significant cybersecurity legislation ever. This year's annual defense policy bill, known as the National Defense Authorization Act (NDAA), is loaded with provisions that would reshape the federal bureaucracy on cybersecurity.


Foxconn electronics giant hit by ransomware, $34 million ransom

Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin.


Apple and Google Push Location Tracker X-Mode Out of App Stores

Do you work at X-Mode? Did you used to? Do you know anything else about the sale of location data? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.


Naked Security: S3 Ep8: A conversation with Katie Moussouris on Apple Podcasts

How do you go from pentester to creator of Microsoft's bug bounty program? Find out from hacker and vulnerability disclosure pioneer, Katie Moussouris. Join us for a fascinating interview with Katie about her journey, the bugs in bug bounty programs, and the people who inspired her along the way. W...



TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated with a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs).


InfoSec for Philabundance, organized by Austin DeArman

Help raise money for Philabundance - the Philadelphia area's largest food bank - hit by a cyber attack this year. I'll match first $500 in donations. This week, I saw a story that Philabundance - the Philadelphia area's largest food bank - was hit by a cyberattack earlier this year to the tune of almost $1,000,000 (Story here - https://www.inquirer.com/business/philabundance-cybertheft-nearly-1-million-20201201.html).


Analysis | The Cybersecurity 202: The Biden administration will probably get a White House cyber czar

The incoming Biden administration will likely include a White House cybersecurity director who will coordinate government efforts to secure the nation against hacking. Congress wants to make sure of it. The position, which is mandated in the final draft of a $1 trillion must-pass bipartisan defense policy bill, would mark a major reversal from the Trump administration, which eliminated a similar but less powerful cyber coordinator post in 2018.

Washington Post

Microsoft introduces steps to improve internet routing security

The internet runs on the Border Gateway Protocol (BGP). A network or autonomous system (AS) is bound to trust, accept, and propagate the routes advertised by its peers without questioning its provenance. That is the strength of BGP and allows the internet to update quickly and heal failures.


Protecting Security Researchers

At Dropbox, we encourage, support, and celebrate independent open security research. One way we do this is via our bug bounty program. We recently tripled our rewards to industry leading values. We also celebrated some of the amazing hacker community results with top-up bonuses, where we retroactively issued additional rewards for particularly unusual, clever, or high-impact findings.


NSA warns of Russian government-backed hackers aiming at US defense sector targets

Written by Shannon Vavra | Dec 7, 2020 | CYBERSCOOP

The National Security Agency issued an alert Monday warning U.S. defense contractors to be on alert for Russian state-sponsored hackers exploiting a recently announced vulnerability.


Norway says Russian hacking group APT28 is behind August 2020 Parliament hack | ZDNet

APT28, one of Russia's military hacking units, was most likely responsible for hacking the email accounts of the Norwegian Parliament, the Norwegian police secret service (PST) said today.