Yearly Archives: 2021
Sunspot malware scoured servers for SolarWinds builds that it could weaponize
Software company says 2 customer inquires, in hindsight, appear linked to supply-chain attack
The post Sunspot malware scoured servers for SolarWinds builds that it could weaponize appeared first on SC Media.
Digital nationalism and the complexity of emerging threats for multinational companies
Nicolas Reys of Control Risks spoke with SC Media about how companies can position themselves to rebound from a year complicated by the pandemic, climate change challenges and deteriorating U.S.-China relations.
The post Digital nationalism and the complexity of emerging threats for multinational companies appeared first on SC Media.
Perils of coding errors play out in Parler slip up
Applied to internet applications in general, the IDOR problems that led to the Parler exposure could extend to anything stored sequentially and not secured individually — receipts, posts, and in many instances entire accounts.
The post Perils of coding errors play out in Parler slip up appeared first on SC Media.
Ubiquiti urges password reset, 2fa after breach
IoT networking device vendor Ubiquiti experienced a breach of a web portal it uses to manage remote devices and as a support portal. The web servers stored information pertaining to user profiles for the account.ui.com portal that Ubiquiti makes available to customers who bought one of its router or webcam products, a ZDNet report said.…
The post Ubiquiti urges password reset, 2fa after breach appeared first on SC Media.
Complexity and cost chip away at SOCs’ perceived return on investment
51% of 17,200 surveyed IT and security practitioners said that
their SOC’s ROI has gotten worse.
The post Complexity and cost chip away at SOCs’ perceived return on investment appeared first on SC Media.
SolarWinds attackers suspected in Microsoft authentication compromise
Mimecast issued a new certificate and is urging affected customers to delete the old one after Microsoft warned of a compromise.
The post SolarWinds attackers suspected in Microsoft authentication compromise appeared first on SC Media.
‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform
In theory they know better. But Users naïvely trust workplace communications platforms, despite phishing and impersonation threats.
The post ‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform appeared first on SC Media.
DarkSide decryptor unlocks systems without ransom payment – for now
The decryptor works for all current DarkSide infections, but that will likely change soon as the group reacts and adapts to the disclosure.
The post DarkSide decryptor unlocks systems without ransom payment – for now appeared first on SC Media.
Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group
While researchers may want to invest time and energy towards attributing the latest high-profile attack to a particular adversary, more productive is the ability to see similarities in the underlying techniques employed in the attack were to prior attacks.
The post Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group appeared first on SC Media.