Breach

January 25, 2021

Does cybersecurity need its own Fauci?

SC Media spoke to Ron Gula, former NSA hacker and cybersecurity investor through Gula Tech Adventures, who has advised Congress and the White House, about what President Joe Biden's first 100 days in office should look like from a cyber perspective.

The post Does cybersecurity need its own Fauci? appeared first on SC Media.

January 23, 2021

SonicWall network attacked via zero days in its VPN and secure access solutions

Cybersecurity firm SonicWall disclosed Friday night that hackers attacked the company’s internal networks by first exploiting zero-day vulnerabilities in its very own secure remote access products. SC Media received an anonymous tip Friday that SonicWall had suffered an attack, but did not get confirmation ahead of the disclosure by the company. SonicWall, whose product line…

The post SonicWall network attacked via zero days in its VPN and secure access solutions appeared first on SC Media.

January 21, 2021

Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems

Based on the malware features, the researchers said the attackers use the compromised systems for further attacks, spreading laterally across the victim company’s network, or launching attacks on outside targets while masquerading as the compromised company.

The post Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems appeared first on SC Media.

January 20, 2021

With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge

Washington, D.C. is on high alert, extending a special designation for security that always applies to inaugurations to Jan. 21, and calling in the National Guard. But in the wake of the attack on the Capitol, protection of digital assets is paramount.

The post With all eyes on the inauguration, lessons in the convergence of physical and digital security emerge appeared first on SC Media.

January 20, 2021

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.

The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.

January 19, 2021

Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response

Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack, a loader similar to the Teardrop tool. But while Teardrop was delivered by the original Sunburst backdoor in early July 2020, Raindrop was used just under two weeks later for spreading laterally across the victim’s…

The post Fourth SolarWinds malware strain shows diversity of tactics, need to focus on detection, response appeared first on SC Media.

January 13, 2021

Ubiquiti urges password reset, 2fa after breach

IoT networking device vendor Ubiquiti experienced a breach of a web portal it uses to manage remote devices and as a support portal. The web servers stored information pertaining to user profiles for the account.ui.com portal that Ubiquiti makes available to customers who bought one of its router or webcam products, a ZDNet report said.…

The post Ubiquiti urges password reset, 2fa after breach appeared first on SC Media.

January 11, 2021

Feds will weigh whether cyber best practices were followed when assessing HIPAA fines

Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.

The post Feds will weigh whether cyber best practices were followed when assessing HIPAA fines appeared first on SC Media.

January 11, 2021

SolarWinds hack is the perfect foreword to new book on history’s biggest breaches

SC Media spoke to author and former CISO Neil Daswani about his upcoming new book "Big Breaches: Cybersecurity Lessons for Everyone."

The post SolarWinds hack is the perfect foreword to new book on history’s biggest breaches appeared first on SC Media.