January 8, 2021

Legal recourse? Nissan balances competitive and security fallout from source code leak

News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.

The post Legal recourse? Nissan balances competitive and security fallout from source code leak appeared first on SC Media.

January 8, 2021

Malware variant becomes world’s most popular, thanks to ransomware surge

Ransomware actors are laundering hundreds of millions of dollars through pseudo-legitimate cryptocurrency exchanges, while early-stage malware that is often used to facilitate their attacks have become the most popular forms of malware in the world.

The post Malware variant becomes world’s most popular, thanks to ransomware surge appeared first on SC Media.

January 8, 2021

Linux machines again targeted by hackers with new memory loader

The Ezuri loader filelessly executes malware on Linux machines from memory, using a technique that is more common in Windows.

The post Linux machines again targeted by hackers with new memory loader appeared first on SC Media.

January 8, 2021

Biden’s pick as White House cyber czar provides critical federal leadership and diversity

When Joe Biden assumes the presidency 13 days from now, as government grapples with fallout from the SolarWinds breach and an attack on the U.S. Capitol, veteran intelligence expert Anne Neuberger likely will be by his side as deputy national security advisor for cybersecurity on the National Security Council (NSC). Naming Neuberger to the newly…

The post Biden’s pick as White House cyber czar provides critical federal leadership and diversity appeared first on SC Media.

January 8, 2021

CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks

The agency has found evidence of authentication token abuse in networks infected with corrupted versions of Orion software and say restoring integrity will require a full network rebuild in certain cases.

The post CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks appeared first on SC Media.

January 7, 2021

Malspam campaign spoofs email chains to install IcedID info-stealer

A phishing campaign has been disguising its spam as an email chain, using messages taken from email clients on previously compromised hosts.

The post Malspam campaign spoofs email chains to install IcedID info-stealer appeared first on SC Media.

January 7, 2021

The physical breach of the Capitol building opens a cybersecurity pandora’s box

The incident, as well as the response among those on Capitol Hill tasked with securing government technology assets, serves as a dramatic and evolving case study for public and private sector entities on the scope of the cybersecurity risk tied to a physical breach.

The post The physical breach of the Capitol building opens a cybersecurity pandora’s box appeared first on SC Media.

January 7, 2021

‘Ghosts of legislations past’: Policy predictions for 2021

If 2020 brought deadlines tied to various privacy and data protection policies, then 2021 means compliance – with less leniency for companies that fall short of regulations.

The post ‘Ghosts of legislations past’: Policy predictions for 2021 appeared first on SC Media.

January 7, 2021

Forrester offers six-step governance, risk and compliance program

In a new report on governance, risk and compliance, Forrester advises top security officials that they have to prepare for more regulations around privacy and personal control over data, especially when it comes to handling medical data during the pandemic.

The post Forrester offers six-step governance, risk and compliance program appeared first on SC Media.