Wednesday, December 8, 2021
Internet Storm Center Infocon Status

LATEST

The Register

Virgin Media fined £50,000 after spamming 451,000 who didn’t want marketing emails

Data watchdog shows it's keeping its PECR up British telco Virgin Media is facing a £50k financial penalty after spamming more than 400,000 opted-out customers urging them to sign back up to receive marketing bumf.…
SecurityWeek

Canadian Man Faces Charges in Canada, U.S. for Ransomware Attacks

A Canadian national is facing cybercrime-related charges in the United States and Canada, with authorities saying that he was involved in ransomware attacks. read more
TechRepublic

Cybersecurity: Organizations face key obstacles in adopting zero trust

Security pros surveyed by One Identity cited a lack of clarity, other priorities and a lack of resources as bumps on the road to Zero Trust.

5 Tips to Stay on the Offensive and Safeguard Your Attack Surface

New, global-scale attacks aren't a security problem; they're a big data problem requiring a data-led solution.

Google disrupts major malware distribution network Glupteba

Working with several internet infrastructure and hosting providers, including Cloudflare, Google disrupted the operation of an aggressive Windows botnet known as Glupteba that was being distributed through fake ads. It also served itself as a distribution network for additional...
SecurityWeek

Private Equity Firm Permira to Acquire Mimecast in $5.8 Billion Deal

Mimecast on Tuesday announced that private equity firm Permira wants to acquire it in an all-cash transaction that values the email security company at roughly $5.8 billion. Permira, which plans on taking Mimecast private, has entered into a definitive agreement...
TechRepublic

Telemedicine: Doctors and patients are both worried about privacy and data security

Kaspersky survey finds 34% of telehealth providers admit to a wrong diagnosis due to poor video or photo quality.
SecurityWeek

What a Departure Email Can Teach Us About Security

When someone leaves their job to pursue other opportunities, we often receive an email about their departure. Many times, the departure email praises the person who has given notice. This would seem to be a courteous tradition when someone...
IBM Security

What to Do When a Ransomware Group Disappears

It’s your company’s worst nightmare: attackers managed to sneak ransomware onto your servers. Now, you’re locked out of every file unless you agree to pay whatever price they’re asking. As if the situation couldn’t get any worse, the attackers...
SecurityWeek

QNAP Warns of New Crypto-Mining Malware Targeting NAS Devices

Network-attached storage (NAS) appliance manufacturer QNAP Systems has sounded the alarm on a new wave of attacks targeting NAS devices with a cryptocurrency miner. read more
Computerworld

Designer smartphone hacks will trickle down in 2022

What happens to state-sponsored smartphone hacks when they're uncovered? They get reverse-engineered and enter the cybercrime underworld, of course.There is no ‘safe’ back door The inconvenient truth is there is no such thing as a safe back door into smartphone...
The Hacker News

Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers

Google on Tuesday said it took steps to disrupt the operations of a sophisticated "multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain...
SecurityWeek

Claroty Raises $400 Million, Acquires Healthcare IoT Security Firm Medigate

Industrial cybersecurity firm Claroty on Wednesday announced that it has raised $400 million in a Series E funding round, and revealed that it has entered an agreement to acquire healthcare IoT security company Medigate. read more
SecurityWeek

'USB Over Ethernet' Driver Vulnerabilities Affected Major Cloud Services

Potentially serious vulnerabilities identified in a library developed by Eltima affected multiple cloud services, according to endpoint security company SentinelOne. read more
SecurityWeek

Identity Verification Company Incode Raises $220 Million at $1.25 Billion Valuation

Identity verification and authentication company Incode this week announced that it has reached unicorn status after closing a $220 million Series B funding round. The new investment, which comes seven months after the company’s Series A funding, has boosted Incode’s...
SecurityWeek

Google Takes Action Against Glupteba Botnet and Its Russian Operators

Google on Tuesday announced that it has taken action to disrupt a botnet named Glupteba and it has filed a lawsuit against its alleged operators in Russia. read more
Infosecurity Magazine

Dramatic Fall in .UK Domain Suspensions

Dramatic Fall in .UK Domain SuspensionsThere was a dramatic fall in the number of .uk domain names suspended for criminal activity in the year up to October 31 2021, new figures from Nominet have shown. Nominet, the organization responsible for the management...
The Hacker News

140,000 Reasons Why Emotet is Piggybacking on TrickBot in its Return from the Dead

The operators of TrickBot malware have infected an estimated 140,000 victims across 149 countries a little over a year after attempts were to dismantle its infrastructure, even as the malware is fast becoming an entry point for Emotet, another...
Infosecurity Magazine

Google Files Lawsuit Against Blockchain Botnet Operators

Google Files Lawsuit Against Blockchain Botnet OperatorsGoogle has filed what it claims to be the first ever lawsuit against a blockchain-based botnet, in a bid to ramp-up the pressure on its likely Russian administrators. Glupteba is comprised of around one...
The Hacker News

[eBook] Guide to Achieving 24×7 Threat Monitoring and Response for Lean IT Security Teams

If there is one thing the past few years have taught the world, it’s that cybercrime never sleeps. For organizations of any size and scope, having around-the-clock protection for their endpoints, networks, and servers is no longer optional, but...
Infosecurity Magazine

French Transport Giant Exposes 57,000 Employees and Source Code

French Transport Giant Exposes 57,000 Employees and Source CodeA state-owned French transportation giant has inadvertently exposed nearly 60,000 employees to identity fraud after leaking their personal information via an unsecured HTTP server, according to researchers. A team at vpnMentor found...
SecurityWeek

Android Security Updates Patch 46 Vulnerabilities

The December 2021 security updates for Android have started rolling out to users with patches for 46 vulnerabilities, including several considered critical severity. read more

How CISOs can drive the security narrative

An eternal discussion in security is whether technology, process or people are the critical element in information security at scale. Most security leaders will tell you it’s the people that matter. Changing people's behavior to care about security practices...

Your Microsoft network is only as secure as your oldest server

Your future IT plans probably include testing and planning on Windows 10 and Windows 11 deployments. You are researching methods for deployment and management including Group Policy and Intune settings. You’ve read about how Windows 10 and Windows 11...
902FollowersFollow

LEADERS

Graham Cluley

Leaked Downing Street video footage exposes staff laughing about party

Once again video has leaked from inside the UK Government that has put it in hot water.
Graham Cluley

Ransomware hits Spar supermarkets and petrol stations

British supermarket Spar has had more than 300 of its convenience stores affected by a ransomware attack, which has forced some to close their doors or only accept cash payments.
Bruce Schneier

Someone Is Running Lots of Tor Relays

Since 2017, someone is running about a thousand — 10% of the total — Tor servers in an attempt to deanonymize the network: Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with...

A Password Manager Isn't Just for Christmas, It's for Life (So Here's 50% Off!)

Presently sponsored by: 1Password is a secure password manager and digital wallet that keeps you safe onlineI was having a coffee with a good mate the other day. He's not a techie (he runs a pizza restaurant), but somehow,...
Bruce Schneier

Thieves Using AirTags to “Follow” Cars

From Ontario and not surprising: Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name “air tags” are placed in out-of-sight areas...