It is the time of year when that little snitch, “The Elf on the Shelf” returns to the bane of most children. Luckily that tattletale only works for a couple of weeks a year and then is returned to a box in the attic. There is a new “Elf” in town, who will never take a day off. Do you think there are limits to what your employer can see you do online? Some new Microsoft updates may make you think a little more about that. It may be that you think your employer is doing evil, unspeakable, or m
All Articles (2242)
Sort by
Insurance 101: Income (premiums) must exceed outgoings (claims) by around 30% (operating costs + profit). If claims increase, so must premiums for the insurance model to remain viable. And for the insurance companies to remain solvent and in business.
Cyber Insurance 102: The cost of cybercrime is rising dramatically and has been doing so consistently for many years. Continually increasing premiums to counter continuously increasing claims is ultimately unsustainable. Soon, the cost of insur
Cybersecurity threats, risks and challenges are often different depending on various international locations. Cyber-attack targets vary based on local resources and means to exploit vulnerabilities. Cyber criminals and nation-state attackers zero in on specific nations, companies and organizations for varying incentives. Additionally, the COVID-19 pandemic amplified and intensified cybersecurity threats. Since 2019, attackers have launch remote work-enabled attacks or social engineering att
There was an old 60’s movie called, The Spy who came in from the Cold. Well the FBI could be sidelined in new cybersecurity legislation and left out in the cyber security cold. In the view of America’s most powerful law enforcement agency, that could be a big problem.
In testimony to the US Congress, the current assistant director of the FBI’s Cyber Division, said that the Biden administration is “troubled” by legislation proposed by the US Senate and House Homeland Security committees requiri
US college campus delivery robots are making an impact. Delivery robot vendors are making a play for campuses across the country to establish a new market in a defined and structured environment, free of much of the regulatory complications of municipalities and ordinances. But what about cyber threats and hacking of these new helpers? The robots are no different from anyother cyber challenges.
Starship Technologies is delivering 30 autonomous robots for food service to South Dakota State Un
Activity Summary - Week Ending on 12 November 2021:
- Red Sky Alliance identified 27,845 connections from new IP’s checking in with our Sinkholes
- Analysts identified 3,224 new IP addresses participating in various Botnets
- Sality remains the top Malware Variant at 24,282 Observation
- Chaos Ransomware
- Fake Ecommerce and Black Friday
- Robinhood Hit (Again)
- CISA 22-01
- Ukraine & Gamaredon SSU Arrests
- Pakistan and Russia
- Cyber Attack US Federal Indictments
- FIN7 still Kicking Around
Link to full repo
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to U.S. Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape including ransomware attacks believed to be regularly carried out from Russian soil.
Readers can see the current state of cyber security for federal agencies HERE
Blinken formally announced the office whi
Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. A ransomware group tied to Russia claims to have stolen data from the National Rifle Association (NRA) in a ransomware attack on the controversial gun-rights group, which has declined to comment on the situation.
The Grief ransomware gang listed the NRA as a victim of its nefarious activity on its data-leak site. Brett Callow, a threat ana
With the ability to largely secure critical infrastructure from ground level attacks and a current strong focus on cybersecurity, a potential new attack vector from the air is being presented with the wide availability of citizen drones.
Originally reported through Popular Mechanics[1] who obtained reports in a 28 October 2021 US government bulletin, media describes a crashed drone found on the roof of a building next to a Pennsylvania substation in July 2020. Experts believe the drone was like
Ransomware has been a cyber security issue for the past several years and somewhat hits its peak - with the Colonial Pipeline ransomware attack. Ransomware is defined as a form of malicious software that is designed to restrict users from accessing their computers or files stored on computers until they pay a ransom to cybercriminals.
Ransomware typically operates via the cryptovirology methods or using cryptography (encryption) to design powerful malicious software. The software then uses sym
Organizations need to have better plans in place to prevent cyberattacks, but they should be more transparent about when they do fall victim to hackers in order to prevent others from meeting the same fate, according to the former head of the US National Security Agency (NSA). As director of the NSA and Commander of US Cyber Command from 2014 to 2018, Admiral Michael S. Rogers oversaw cybersecurity during a period of time when the threat of cyberattacks from criminals and foreign government-ba
Robinhood was known for “Stealing from the Rich, and Giving to the Poor.” Not so in the last two years. For the second time Robinhood Markets Inc. has been attacked by cyber criminals. Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week. The bad actors then demanded a ransom payment. The intruder obtained email addresses of about 5 million people as well as full names for a separate group
Area Maritime Security Committees 2020 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices. The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report[1] on the status and work completed in 2020 by Area Maritime Security Committees. Area Maritime Security Committees 2020 Annual ReportArea Maritime Security Committees 2020 Annual Report.[2]
Area Maritime Security Committees (AMSCs) provide a valuable forum to discuss and a
During October 2021, the cyber sector celebrated the 18th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month. Under the slogan “Do Your Part #BeCyberSmart”, the Cybersecurity and Infrastructure Security Agency (CISA) together with the National Cyber Security Alliance (NCSA) each year encourage individuals and organizations to own their role in protecting cyberspace by emphasizing personal accountability and the importance of taking pr
Activity Summary - Week Ending on 5 November 2021:
- Red Sky Alliance identified 18,221 connections from new IP’s checking in with our Sinkholes
- Analysts identified 5,681 new IP addresses participating in various Botnets
- Sality remains the top Malware Variant at 16191 Observation
- UpdateAgent Variant (Wizard Update)
- NPM Library Hijacked
- Black Friday and Cyber Monday
- Squid Games
- High/Low Risk Countries
- Nuclear Ransomware
- Lockean in France
- Tobacco Company being Hit
Link to full report: IR-21-309-00
Cybersecurity researchers are warning about a rise in cyber criminals going after mobile devices as a means of gaining entry to networks. There has been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.
The energy industry is highly critical, providing people with vital services required for everyday use. That role makes it a prime target for cyber criminals. That risk was de
The secure messaging service Signal[1] has released the details of a search warrant it received from the Santa Clara, California Police which shows the efforts US law enforcement agencies will go to force online platforms into disclosing the personal information of their users. In the search warrant, the police sought to get the name, street address, telephone number, and email address of a specific Signal user, which is not necessarily unusual. It also wanted billing records, the dates of whe
CISA issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities to evolve the approach to vulnerability management and keeping pace with threat activity. The directive establishes a CISA managed catalog of known exploited vulnerabilities and requires federal civilian agencies to identify and remediate these vulnerabilities on their information systems.
Although BOD 22-01 requires action from federal civilian agencies only, CISA strongly re
Cyber threat actors must hate children this year. Ferrara Candy the company that makes Nerds, Laffy Taffy, Now and Laters, SweetTarts, Jaw Busters, Nips, Runts and Gobstoppers announced that it was hit with a ransomware attack just weeks before it prepares for one of its biggest holidays, Halloween. The Illinois-based company released a statement that on 09 October 2021, they "disrupted a ransomware attack" that encrypted some of their systems.
"Upon discovery, we immediately responded to secu
Activity Summary - Week Ending on 27 October 2021:
- Red Sky Alliance identified 36,141 connections from new IP’s checking in with our Sinkholes
- Analysts identified 41,071 new IP addresses participating in various Botnets
- Sality remains the top Malware Variant at 32074 times seen
- Harvester Part II
- Vulnerability on Confluence Server
- EntroLink
- Russia, Russia, Russia
- Iranian Gas Stations
- Walmart
- COP = Climate Activism escalation
- Climate and Animal Rights Activists join Forces to eliminate Meat
Link
