Security and Windows TCO
-
Silicon Angle ☛ Human error cited as key cause of data breach at Japanese electronics company Casio
Japanese electronic company Casio Computer Co. Ltd. has suffered a data breach, and the company warned that data from customers in Japan and internationally has been stolen.
-
Hong Kong Free Press ☛ Hong Kong tech firm Sphero suffers massive, alleged data theft – details of a million students, educators leaked
Sphero – a Hong Kong manufacturer of programmable robots and educational tools – has suffered an apparent security breach exposing the personal data of a million educators and students. On Monday, antivirus review website SafetyDetectives reported that sensitive data, appearing to belong to Sphero users, had been stolen and published online.
-
Security Week ☛ US Government Releases Anti-Phishing Guidance
CISA, NSA, FBI, and MS-ISAC have released guidance and prevention recommendations on common phishing techniques.
-
Security Week ☛ Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000
The number of Cisco devices hacked via the CVE-2023-20198 zero-day has reached 40,000, including many in the US.
-
Windows TCO
-
Security Week ☛ North Korean Hackers Exploiting Recent TeamCity Vulnerability [Ed: Microsoft is not the authority in security, Microsoft is the worst culprit, which moreover puts back doors in everything, causing ruinous and expensive breaches (then Microsoft gets paid more to sort out its own mess)]
Multiple North Korean hacking groups have exploited a recent TeamCity vulnerability and Microsoft warns of potential supply chain attacks.
-
Data Breaches ☛ Another small firm suffers a serious ransomware attack: Cadre Services gets mauled by AlphV
The firm’s negotiator, who would later identify himself as the IT manager, “Jason,” continued to insist that the company could not afford $300,000 and said the bosses were offering $25,000.00. The affiliate responded by pointing out that they could access the bank account and see that there was $190,000.00 in it.
-
Security Week ☛ Operations of Healthcare Solutions Giant Henry Schein Disrupted by Cyberattack
Healthcare solutions giant Henry Schein has disclosed a cybersecurity incident that disrupted operations and possibly led to a data breach.
-
-
Integrity/Availability/Authenticity
-
DomainTools ☛ Less Phishing, More Cat Pictures
Phishing—a scourge of the modern Internet. We endure it so that we have all of the other benefits of being online, such as connecting with family and friends, accelerating business, and, of course, viewing cute cat pictures.
Being forewarned is being forearmed. In this post for CISA’s Cybersecurity Awareness Month, we will review what phishing is as well as the underlying issue of social engineering, complete with additional examples throughout history. We will conclude with ways you and your organization can stay safe out there.
-
Silicon Angle ☛ KeePass users targeted: Attackers leverage Google Ads for deceptive campaign
A new report from cybersecurity software firm Malwarebytes Inc. today details a “malvertising” attack that exploits Google LLC ads to trick users into visiting a fake site for the open-source password management KeePass. -
Bruce Schneier ☛ Former Uber CISO Appealing His Conviction
Joe Sullivan, Uber’s CEO during their 2016 data breach, is appealing his conviction.
Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company’s data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them.
Prosecutors also accused Sullivan of attempting to conceal the breach itself by paying $100,000 to buy the silence of the two hackers behind the compromise. Sullivan had characterized the payment as a bug bounty similar to ones that other companies routinely make to researchers who report vulnerabilities and other security issues to them. [...]
-