A controversial proposal put forth by the European Union (EU) to scan users' private messages for detection of child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging service of the same name. "Mandating mass scanning of private communications fundamentally undermines encryption. Full Stop," Whittaker said in a statement on 17 June 2024. "Whether this happ
All Articles (2240)
Sort by
The notorious Russia-based ransomware gang Lockbit 3.0 has claimed responsibility for a cyber-attack on the US Federal Reserve. The attack, which was announced on 23 June via a post on a site associated with the ransomware gang, allegedly saw the gang infiltrate the systems of the US Federal Reserve and exfiltrate 33 TB of sensitive banking information.
In the post, which was entitled 'federalreserve.gov', the gang explained how the Federal Reserve is structured, and its role in distributing mo
Back in the 1960’s, there were a string of western movies called Spaghetti Westerns, because they were made in Italy by local directors and producers. In 1966, a famous movie called The Good, the Bad and the Ugly was shown across the US and it became a cult classic, starring a then unknown actor: Clint Eastwood. Below Sentinel Labs exposed modern day hacking robbers, hopefully on their way to US federal prison for a long time.
The Good - Dark Marketplace Operators Face Life Sentences for $
Non-human Identity (NHI) lifecycle firm Entro Security (https://entro.security) has raised $18 million in a Series A funding round led by Dell Technologies Capital and including angel investors. The funds will be used to scale the firm’s global operations, including increasing its headcount from 35 to around 80 by the end of 2024.
Entro’s platform is designed to bring order to the increasingly chaotic management of non-human identities. Identity management has always been problematic, but the g
The LockBit ransomware group has claimed a significant increase in attack volume in May 2024, which would once again make it the most active ransomware gang, a new report from NCC Group shows. The LockBit ransomware operation was disrupted in February when law enforcement agencies in North America, Europe, and Asia seized 34 servers, took over the gang’s Tor-based leak site, froze its cryptocurrency wallets, and collected technical information on the group’s infrastructure.
The US government ha
Qilin, the ransomware group behind an attack that has disrupted healthcare across London, has listed the victim organization Synnovis on its darknet extortion site. The attack earlier this month on Synnovis, a business providing pathology services for hospitals and local clinics in the capital, prompted major disruptions to services, with blood tests in South East London operating at approximately 10% normal capacity. “Half of this capacity has been ringfenced to support patients in the acute
SpaceX is inviting some customers to buy a new Starlink Mini receiver for its satellite broadband service offered as a portable option, with an introductory price tag of $599 in the US.
Customer emails sent by the space company this week invited select customers to buy its latest antenna, described as a "compact, portable kit that can easily fit in a backpack, designed to provide high-speed, low-latency internet on the go."
Stream 4K movies while out camping out, anyone? Cool, huh? The compan
Hospitals and healthcare subsidiaries have been in the cyber security headlines for over a year now. And attacks appear to have not slowed. More than 1,130 planned operations and 2,190 outpatient appointments have been postponed after a cyber-attack hit London area hospitals. The disruption was caused when hackers targeted pathology services provider Synnovis. NHS England said two NHS trusts, King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust, were aff
A cyber-attack on software provider CDK Global upended operations at car dealerships across the US on 19 June. CDK spokesperson Lisa Finney said the company shut down most of its systems “out of an abundance of caution" for customers. By that afternoon, the company had restored its core document management system and digital retailing solutions. "We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online," Fin
Red Sky Alliance often queries various critical infrastructure sectors and associated businesses. This month our researchers took a quick look (snapshot) of the Steel Industry. We used our CTAC analytical service to query various key words to the steel industry. These type manufacturing key words are often used in Subject lines to lure and entice users in this sector business to open emails containing malicious attachments. Red Sky Alliance is providing this list of steel related key words w
A cyber-attack that sent US based Ascension hospitals and health care systems offline in May happened because a worker accidentally downloaded malware, officials said this week. “Clinical operations” were affected at Ascension hospitals and medical centers, which operate in Michigan and 18 other states, when a cyber-attack forced the organization to transition to offline systems in early May. It was later said that the attack was actually a ransomware attack, meaning someone (or a group) brok
The single-vendor SASE market is immature and dynamic but developing rapidly. I&O leaders responsible for networking should work with their security colleagues when selecting SASE vendors and use this research to cut through marketing hype to determine which vendors best suit their needs.
Strategic Planning Assumptions - By 2025, there will be over a 50% increase in vendors with generally available single-vendor SASE offerings compared to mid-2023. By 2026, 60% of new SD-WAN purchases will be
The revelation earlier this year that General Motors had been selling driver behavior patterns to data brokers, who in turn packaged and resold it to insurers, has led at least one of two major data brokers to shut down its related product. That data broker, Verisk, disclosed last month that it has stopped accepting data from car makers and no longer sells the information to insurers, according to the organization Privacy4Cars, which received the response after sending the data broker an inquir
The criminal hacking group ShinyHunters claims it has stolen information, including bank and credit card numbers and staff HR details, from 30 million customers and employees. The stolen information includes bank account data. The hackers belong to the same gang that recently hacked Ticketmaster. The hackers are now trying to sell what they claim is confidential information belonging to millions of Santander’s employees and customers.
Santander, which employs 200,000 staff worldwide, has confirm
In an effort to shore up its reputation in the West, TikTok has taken measures to stop a cyber-attack targeting several brands and celebrity accounts, including news network CNN. A spokesperson for the company said, "We have been collaborating closely with CNN to restore account access and implement enhanced security measures to safeguard their account moving forward." TikTok said the number of accounts compromised is "very small" and it is working with affected account owners to restore acces
Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics. Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen; including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names.
Panorama Eyecare owns or provides services to dozens of op
The US government announced on 05 June 2024 that it had filed a civil forfeiture action to recover more than $5.3 million lost by a Massachusetts workers union in a business email compromise (BEC) scam. The unnamed union in Dorchester lost the money in January 2023 when cybercriminals sent it an email that appeared to come from a trusted investment consulting firm. The scammers used a spoofed email address to trick the workers union into believing that the investment consulting firm was reque
A recent post on ClearanceJobs (https://www.clearancejobs.com), the most significant career network for professionals with federal government security clearance, listed the "10 Highest Paying Tech Jobs in 2024 and Beyond."
What was interesting: 1) The number of these jobs that did not exist 10, five, or even one or two years ago; and 2) How many of the roles are tied to cybersecurity directly or indirectly.[1]
Here is the list (you can check the link above for specific job details):
- Data Scient
The Spam and Open Relay Blocking System (SORBS), a long-time source of information on known sources of spam, widely used to create blocklists, has been shut down by its owner, cyber security software vendor Proofpoint. SORBS provided free access to a DNS-based Block List (DNSBL) that lists over 12 million host servers known to disseminate spam, phishing attacks and other email nasties. The service states its list "typically includes email servers suspected of sending or relaying spam, servers
As the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is in high gear to sow confusion, undermine the Games, and dissuade spectators from attending. This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors. "In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Cer
