Trending Now
LATEST
Joker's Stash, The Largest Carding Marketplace, Announces Shutdown
Joker's Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021.
In a message board post on a Russian-language underground cybercrime forum, the operator of...
Iconic BugTraq security mailing list shuts down after 27 years
BugTraq launched in November 1993 and it was one of the first mailing lists dedicated to disclosing vulnerabilities.
Weekly Update 226
Presently sponsored by: 1Password is a secure password manager and digital wallet that keeps you safe onlineA little bit of a change of pace this week with the video being solely on the events unfolding around removing content, people...
FIN11 e-crime group shifted to CL0P ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise.
“Several...
Joker's Stash, the internet's largest carding forum, is shutting down
Joker's Stash to shut down on February 15, 2021.
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical...
Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine
Enlarge (credit: Getty Images)
Last month, the makers of one of the most promising coronavirus vaccines reported that hackers stole confidential documents they had submitted to a European Union regulatory body. On Friday, word emerged that the hackers...
Friday Squid Blogging: China Launches Six New Squid Jigging Vessels
From Pingtan Marine Enterprise:
The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters of Southwest Atlantic Ocean for maintenance and repair. These vessels left the port of Mawei on...
NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks
NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks. @mjb CreativeCommons (Credit: CC BY-NC-ND 2.0)
The National Security Agency is recommending that security teams use designated DNS resolvers to lockdown DNS...
There Was Definitely Harm Done – PSW #680
This week, we welcome Ryan Noon, Co-Founder and CEO from Material Security, joins us first, to discuss Beyond Phishing Blockers: risks to email, phishing, and beyond! Next up, Jon Gorenflo, Founder & Principal Consultant of Fundamental Security LLC, to...
Surge in remotely hosted phish images? Some say it’s business as usual
Vade Secure analyzed 26.2 million remote images in November 2020 while blocking 262 million emails containing malicious, remotely hosted images. (Sean Gallup/Getty Images)
A new report suggests that 2020 saw an increase in phishing emails that relied on remotely-hosted images...
NSA Releases Guidance on Encrypted DNS in Enterprise Environments
Original release date: January 15, 2021The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS...
NSA Appoint Rob Joyce as Cyber Director
Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK.
NSA Appoints Rob Joyce as Cyber Director
Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA's top representative in the UK.
Bad Flaw in Windows 10 Also Affects Chrome Browser
Security researchers are demonstrating how you can use the Windows 10 flaw, CVE-2020-0601, to spoof the trusted digital certificates for official website domains on Google's Chrome browser. These same certificates can warn you about hacking attempts.
Easing into the new year with a modest January Patch Tuesday
Microsoft rolled into 2021 with a fairly benign update cycle for Windows and Microsoft Office systems, delivering 83 updates for January. Yes, there is an update to Windows defender (CVE-2021-1647) that has been reported as exploited. Yes, there has...
Charming Kitten’s smishing and phishing. Solorigate updates. Supply chain attacks and the convergence of espionage and crime. Greed-bait. Ring patches bug. Best practices from NSA, CISA.
Well-constructed phishing and smishing are reported out of Tehran. Estimates of SolarWinds compromise insurance payouts. Notes from industry on the convergence of criminal and espionage TTPs. Social engineering hooks baited with...
Intel unveils ransomware-fighting CPUs
Intel unveiled new anti-ransomware capabilities for its 11th generation Core vPro processors, requiring little from security chiefs to reap the rewards.
The new processors, which Intel announced during the CES conference earlier this week, provide two additional boosts for existing security products: access to processor-level data to determine ransomware attacks in progress, and the use of...
Managing Cybersecurity Costs: Bake These Ingredients Into Your Annual Budget
As businesses across all industries evolve, once discretionary expenses become operating costs. Insurance coverage, for example, is pretty much ‘a must’ across many industries. The latest may be cybersecurity costs, because protecting your most important currency, information, requires ongoing...
7MS #450: DIY Pentest Dropbox Tips – part 4
SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit SafePass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!
Hey friends! We're continuing...
Signal boost: Secure chat app is wobbly at the moment. Not surprising after gaining 30m+ users in a week, though
Install base explodes following WhatsApp 'privacy' update, Musk endorsement Signal is experiencing a partial outage as tens of millions of netizens flood the free secure messaging service.…
Florida Man Cyberstalked Survivor of Murder Attempt
Florida Man Cyberstalked Survivor of Murder AttemptA man from Florida has admitted cyberstalking a woman who survived a violent attack in her childhood that left another young girl dead.
Alvin Willie George of Cross City pleaded guilty to two counts of cyberstalking...
Tens of Vulnerabilities in Siemens PLM Products Allow Code Execution
Siemens this week informed customers that some of its product development solutions are affected by a total of nearly two dozen vulnerabilities that can be exploited for arbitrary code execution using malicious files.
read more
How to check if someone else accessed your Google account
Review your recent Gmail access, browser sign-in history, and Google account activity to make sure no one other than you has used your account.
Data Security Startup Qohash Raises $6 Million
Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.
read more
LEADERS
Weekly Update 226
Presently sponsored by: 1Password is a secure password manager and digital wallet that keeps you safe onlineA little bit of a change of pace this week with the video being solely on the events unfolding around removing content, people...
Friday Squid Blogging: China Launches Six New Squid Jigging Vessels
From Pingtan Marine Enterprise:
The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters of Southwest Atlantic Ocean for maintenance and repair. These vessels left the port of Mawei on...
Click Here to Kill Everybody Sale
For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping.
Note that I have had occasional problems with international shipping. The book just disappears somewhere in the process....
Cell Phone Location Privacy
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out a way to fix that. “Pretty Good Phone Privacy” (PGPP) protects...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak:
I’m speaking (online) as part of Western Washington University’s Internet Studies Lecture Series on January 20, 2021.
I’m speaking at ITY Denmark on February 2, 2021. Details...
