Home

January 13, 2021

Ubiquiti urges password reset, 2fa after breach

IoT networking device vendor Ubiquiti experienced a breach of a web portal it uses to manage remote devices and as a support portal. The web servers stored information pertaining to user profiles for the account.ui.com portal that Ubiquiti makes available to customers who bought one of its router or webcam products, a ZDNet report said.…

The post Ubiquiti urges password reset, 2fa after breach appeared first on SC Media.

January 12, 2021

Complexity and cost chip away at SOCs’ perceived return on investment

51% of 17,200 surveyed IT and security practitioners said that
their SOC’s ROI has gotten worse.

The post Complexity and cost chip away at SOCs’ perceived return on investment appeared first on SC Media.

January 12, 2021

SolarWinds attackers suspected in Microsoft authentication compromise

Mimecast issued a new certificate and is urging affected customers to delete the old one after Microsoft warned of a compromise.

The post SolarWinds attackers suspected in Microsoft authentication compromise appeared first on SC Media.

January 12, 2021

‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform

In theory they know better. But Users naïvely trust workplace communications platforms, despite phishing and impersonation threats.

The post ‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform appeared first on SC Media.

January 11, 2021

DarkSide decryptor unlocks systems without ransom payment – for now

The decryptor works for all current DarkSide infections, but that will likely change soon as the group reacts and adapts to the disclosure.

The post DarkSide decryptor unlocks systems without ransom payment – for now appeared first on SC Media.

January 11, 2021

Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group

While researchers may want to invest time and energy towards attributing the latest high-profile attack to a particular adversary, more productive is the ability to see similarities in the underlying techniques employed in the attack were to prior attacks.

The post Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group appeared first on SC Media.

January 11, 2021

Feds will weigh whether cyber best practices were followed when assessing HIPAA fines

Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.

The post Feds will weigh whether cyber best practices were followed when assessing HIPAA fines appeared first on SC Media.

January 11, 2021

SolarWinds hack is the perfect foreword to new book on history’s biggest breaches

SC Media spoke to author and former CISO Neil Daswani about his upcoming new book "Big Breaches: Cybersecurity Lessons for Everyone."

The post SolarWinds hack is the perfect foreword to new book on history’s biggest breaches appeared first on SC Media.

January 8, 2021

Legal recourse? Nissan balances competitive and security fallout from source code leak

News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.

The post Legal recourse? Nissan balances competitive and security fallout from source code leak appeared first on SC Media.