Tag: computer
-
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks
by
in SecurityNewsRomanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on…
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
by
in SecurityNews
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
Top 10 data and ethics stories of 2024
by
in SecurityNewsHere are Computer Weekly’s top 10 data and ethics stories of 2024 First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617246/Top-10-data-and-ethics-stories-of-2024
-
Romanian Netwalker ransomware affiliate sentenced to 20 years in prison
by
in SecurityNewsDaniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanian-netwalker-ransomware-affiliate-sentenced-to-20-years-in-prison/
-
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617109/Latest-attempt-to-override-UKs-outdated-hacking-law-stalls
-
Ukrainian sentenced to five years in jail for work on Raccoon Stealer
by
in SecurityNewsUkrainian national Mark Sokolovsky was sentenced Wednesday to five years in federal prison for his role in operating Raccoon Infostealer malware, which infiltrated millions of computers worldwide to steal personal data. According to court documents, Sokolovsky, 28, was integral to operations that allowed the leasing of Raccoon Infostealer for $200 per month, payable via cryptocurrency.…
-
US eyes ban on TP-Link routers amid cybersecurity concerns
by
in SecurityNews
Tags: attack, business, china, compliance, computer, corporate, country, cyber, cyberattack, cybercrime, cybersecurity, ddos, defense, espionage, exploit, flaw, government, hacking, infrastructure, intelligence, law, malicious, microsoft, network, risk, router, technology, threat, vulnerability, wifiThe US government is investigating TP-Link, a Chinese company that supplies about 65% of routers for American homes and small businesses, amid concerns about national security risks. Reports suggest these routers have vulnerabilities that cybercriminals exploit to compromise sensitive enterprise data.Investigations by the Commerce, Defense, and Justice Departments indicate that the routers may have been…
-
Ukrainian hacker gets prison for infostealer operations
by
in SecurityNewsUkrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/19/ukrainian-hacker-prison-infostealer-operations-raccoon-infostealer/
-
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to…
-
Proposed UK White Hat Legal Shield Fails in House of Lords
Amendment to Computer Misuse Act Fails During Bloc Vote. A proposed amendment to British anti-hacking law that would have provided a legal shield to white hat hackers failed Wednesday in the House of Lords. Under the Computer Misuse Act, access to a computer system without adequate consent from the system owner is illegal. First seen…
-
Ground Rule of Cyber Hygiene: Keep Your Password Policy Up to Date
Since the earliest incidents of computer break-ins, experts have maintained that making the internet a safe place is going to be an uphill battle. Their reasons, while largely technical, also encompass human complacency. Research shows that most organizations and users fail to follow the simple practices that make computing safe. In 2024, organizations reported a..…
-
The Security Interviews: Martin Lee, Cisco Talos
by
in SecurityNewsThreat intel expert and author Martin Lee, EMEA technical lead for security research at Cisco Talos, joins Computer Weekly to mark the 35th anniversary of the first ever ransomware attack First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617203/The-Security-Interviews-Martin-Lee-Cisco-Talos
-
Top 10 cyber security stories of 2024
by
in SecurityNewsData breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are Computer Weekly’s top 10 cyber security stories of 2024 First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617185/Top-10-cyber-security-stories-of-2024
-
Top 10 end user computing stories of 2024
by
in SecurityNewsHere are Computer Weekly’s top 10 end user stories of the year, overlooking the growth of new PC form factors and devices equipped with neural processing units for AI acceleration First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366616840/Top-10-end-user-computing-stories-of-2024
-
That cheap webcam? HiatusRAT may be targeting it, FBI warns
by
in SecurityNewsWebcams have been a key part of business and home offices everywhere, especially since the COVID pandemic hit. But they are not often high-quality products, especially if used only sporadically, as many consumers and remote workers are content with a cheap one from China. This not only causes regular hardware problems, but it can also be…
-
5 Modern Computer Safety Tips You Should Know About
by
in SecurityNewsProtecting your computer in the hyper-connected world of today goes beyond merely preventing bothersome viruses. Smarter, quicker, and far more invasive than ever before are modern dangers. Cybercriminals no longer depend on simple strategies; they leverage flaws, fool unsuspecting consumers,… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/5-modern-computer-safety-tips-you-should-know-about/
-
Detection Engineer’s Guide to Powershell Remoting
by
in SecurityNews
Tags: access, attack, automation, computer, control, credentials, crowdstrike, cyberattack, data, detection, edr, endpoint, exploit, firewall, guide, hacker, malicious, microsoft, mitre, monitoring, network, penetration-testing, powershell, risk, service, siem, threat, tool, update, windowsPowershell Remoting is a powerful feature in Windows that enables IT administrators to remotely execute commands, manage configurations, and automate tasks across multiple systems in a network. Utilizing Windows Remote Management (WinRM), it facilitates efficient management by allowing centralized control over endpoints, making it an essential tool for system administrators to streamline operations and maintain…
-
Misconfiguration Manager: Detection Updates
by
in SecurityNewsTL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators identify the most prolific attack techniques from the Misconfiguration Manager project. Background If you have been following SpecterOps’s offensive security research over the last few years, you may have noticed our interest in targeting attack paths leveraging Microsoft’s Configuration Manager…
-
Texas Tech University System data breach impacts 1.4 million patients
by
in SecurityNewsThe Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/texas-tech-university-system-data-breach-impacts-14-million-patients/
-
Computer Misuse Act reform gains traction in Parliament
by
in SecurityNewsAn amendment to the proposed Data (Access and Use) Bill that will right a 35 year-old wrong and protect security professionals from criminalisation is to be debated at Westminster First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617262/Computer-Misuse-Act-reform-gains-traction-in-Parliament
-
Russia focuses cyber attacks on Ukraine rather than West despite rising tension
Computer Weekly talks to GCHQ’s National Cyber Security Centre operations director Paul Chichester and former NCSC chief executive Ciaran Martin on Russia, China and Salt Typhoon First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617232/Russia-focuses-cyber-attacks-on-Ukraine-rather-than-West-despite-rising-tension
-
BadRAM Attack Breaches AMD Secure VMs with $10 Device
by
in SecurityNewsResearchers have uncovered a vulnerability that allows attackers to compromise AMD’s Secure Encrypted Virtualization (SEV) technology using a $10 device. This breakthrough exposes a previously underexplored weakness in memory module security, specifically in cloud computing environments where SEV is widely used to protect sensitive data, which is shared on the BadRAM page. Modern computers depend…
-
Attackers can abuse the Windows UI Automation framework to steal data from apps
by
in SecurityNewsAn accessibility feature built into Windows to facilitate the use of computers by people with disabilities can be abused by malware to steal data from other applications or control them in malicious ways that evades detection by most endpoint protection systems.The Windows UI Automation framework has existed since the days of Windows XP and provides…
-
US sanctions Chinese cybersecurity firm over global malware campaign
by
in SecurityNews
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-dayThe US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls.The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
Post-Quantum Cryptography: The Implications of Google’s Willow and Other Quantum Computers for Cybersecurity
by
in SecurityNewsQuantum computing was long considered to be part of a distant future. However, it is quickly becoming a reality. Google’s recent announcement of its Willow quantum computing chip is a breakthrough generating significant media attention and questions about the implications for cybersecurity. Google’s Willow advancements are significant because of two major breakthroughs critical to the……
-
Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight
by
in SecurityNews
Tags: access, ai, application-security, attack, authentication, backdoor, best-practice, computer, conference, control, cybercrime, cybersecurity, data, dns, encryption, exploit, finance, github, government, hacker, healthcare, identity, injection, Internet, LLM, malicious, microsoft, mitigation, office, open-source, radius, RedTeam, risk, service, sophos, technology, tool, training, vulnerability, vulnerability-management, windowsThis week in London Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity.The opening keynote on Wednesday will be delivered by Frédérick Douzet, a professor of geopolitics at the University of Paris 8, and director of the French Institute of Geopolitics research team. No preview is…