President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to
Data Breach
FIN11 e-crime group shifted to clop ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several of their recent ransom notes explicitly name data stolen from workstations
With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?
Insured losses from the SolarWinds breach will likely come in around $90 million, according to estimates from a pair of security companies, who claim insurers may have dodged “a catastrophic financial incident.” While newly minted partners BitSight and Kovrr expect the number of SolarWinds victims to grow in the upcoming months,
Perils of coding errors play out in Parler slip up
A coding slip up made by social media site Parler offers practical lessons to the broader security community about the reputation fallout and even legal and competitive ramifications that can come with a failure in security protocols. This week, users of Parler learned researcher had archived nearly all the posts
‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform
Pictured: a building at Microsoft Corporation headquarters in Redmond, Washington. (Coolcaesar/CC BY-SA 4.0via Wikimedia Commons) Microsoft Teams is prone to the same phishing hazards, impersonation scams and privacy violations as email is, yet many users naïvely treat this and other workplace communications platforms with inherent trust. As a result, they often
Malware variant becomes world’s most popular, thanks to ransomware surge
Ransomware actors are laundering hundreds of millions of dollars through pseudo-legitimate cryptocurrency exchanges, while early-stage malware that is often used to facilitate their attacks have become the most popular forms of malware in the world. According to new analysis from Check Point, Emotet was the most popular malware variant in December,
Legal recourse? Nissan balances competitive and security fallout from source code leak
News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant. Nissan offerings associated with the leaked source code ran the gamut
Linux machines again targeted by hackers with new memory loader
Linux-based machines are no longer considered a major deterrent for cybercriminal groups, who are embracing the operating system as a target.(Solo se puede ser libre Cuándo no se tiene nada que perder/phylevn/CC BY 2.0) Linux-based machines are no longer considered a major deterrent for cybercriminal groups, who are embracing the operating
‘Ghosts of legislations past’: Policy predictions for 2021
If 2020 brought deadlines tied to various privacy and data protection policies, then 2021 means compliance – with less leniency for companies that fall short of regulations. And with a new administration, all eyes are on potential shifts or enhancements to legislation and standards. As part of our year in review,
Survey says, women in cyber make 31 percent less than men
In this photo illustration, a virtual map of the internet is projected onto a woman. A 2020 survey of infosec professionals found that U.S.-based male respondents take home 31 percent more than women peers per year. (Leon Neal/Getty Images) A 2020 survey of infosec professionals found that U.S.-based male