Tuesday, March 19, 2019

Industrial Cybersecurity Firm Nozomi Launches Research Department

Industrial cybersecurity solutions provider Nozomi Networks on Tuesday announced the formal launch of the company’s research department, Nozomi Networks Labs. read more

Cloudflare Launches New HTTPS Interception Detection Tools

Security services provider Cloudflare on Monday announced the release of two new tools related to HTTPS interception detection.  read more

Mobile App Security Firm Blue Cedar Raises $17 Million

Blue Cedar, a San Francisco-based company that specializes in securing mobile applications, on Tuesday announced that it raised $17 million in a Series B funding round. read more

Microsoft Dominates 2018’s Most Exploited Vulnerabilities

Eight of the top ten most exploited vulnerabilities in 2018 affected Microsoft products. Only one -- but the second most exploited -- was an Adobe vulnerability. The last one, ranking at the ninth most exploited vulnerability of 2018, was...

Researcher Finds Novel Bug Class in Windows Kernel

A security researcher working with Google Project Zero has discovered a novel bug class that impacts Windows and some of its drivers.  read more

Aluminum Giant Norsk Hydro Hit by Ransomware

Norwegian metals and energy giant Norsk Hydro, one of the world’s biggest aluminum producers, has been hit by a ransomware attack that has impacted operations, forcing the company to resort to manual processes. read more

Norway’s Norsk Hydro Hit by ‘Extensive’ Cyberattack

One of the world's biggest aluminium producers, Norway's Norsk Hydro, said Tuesday it had been hit by a cyber-attack of unknown origin. "Hydro became victim of an extensive cyberattack in the early hours of Tuesday, impacting operations in several of...

From Traffic Cop to Fleet Manager, DLP Evolves Beyond the Perimeter

Perimeter-based DLP Enforcement Has Increasingly Taken a Backseat to Host-based Implementations read more

Google Open Sources Sandboxed API

Google on Monday announced that it has made available its Sandboxed API as open source in an effort to make it easier for software developers to create secure products. read more

New Mirai Variant Targets Enterprise IoT Devices

A recently discovered variant of the infamous Mirai botnet is targeting devices specifically intended for businesses, potentially signaling a focus toward enterprise.  read more

Slack Introduces Enterprise Key Management Tool

Slack on Monday announced the introduction of Enterprise Key Management, an Enterprise Grid add-on feature that gives customers complete control over their encryption keys. read more

‘Shameless’ Scammers Seek to Cash in on Christchurch Massacre

Scammers are trying to cash in on the Christchurch mosque massacres, using phishing emails with links to fake bank accounts to ensnare people keen to donate, New Zealand's cyber security body said Monday. read more

Android Q Brings New Privacy and Security Features

Released in Beta 1 last week, the latest Android iteration (Android Q) arrived with new privacy protection improvements and other security enhancements.  read more

EU Adopts New Response Protocol for Major Cyberattacks

Europol on Monday announced the adoption of a new protocol for how law enforcement authorities in the European Union and beyond will respond to major cross-border cyberattacks. read more

Not All Context in Threat Intelligence is Created Equal

Context has always been a critical delineator in threat intelligence. It’s what distinguishes data from information, information from intelligence, and the meaningless from the meaningful. But while the importance of context is irrefutable, there seems to be less of...

Chrome, Firefox Get Windows Defender Application Guard Extensions

Microsoft is extending the protection capabilities of Windows Defender Application Guard with the release of browser extensions for Chrome and Firefox.  read more

Australia’s Intelligence Agency Publishes its Vulnerability Disclosure Process

The Australian Signals Directorate (ASD), Australia's intelligence agency responsible for foreign signals intelligence, has joined America's NSA and the UK's GCHQ in publishing an account of its vulnerabilities disclosure process. All three agencies are part of the Five Eyes...

Beto O’Rourke ‘Mortified’ Over Articles Written as Teen Member of Cult of the Dead Cow Hacker Group

Democratic presidential candidate Beto O’Rourke expressed regret Friday over writings he contributed as a teenage member of the Cult of the Dead Cow hacker group. read more

Dragos Acquires NexDefense, Releases Free ICS Assessment Tools

Industrial cybersecurity firm Dragos on Monday announced the acquisition of NexDefense, a company that specializes in visibility technology for industrial control systems (ICS), and the launch of free ICS security assessment tools. read more

Ukraine Ready to Take on Russian Election Hackers

At the headquarters of Ukraine's SBU security service more than a dozen local and Western security experts watch a simulated foreign cyber attack on several big screens ahead of this month's presidential vote. read more
SC Magazine

Norwegian aluminum producer Norsk Hydro hit by an unspecified cyberattack

Norwegian aluminum producer Norsk Hydro was hit by a cyber attack which began Monday evening and escalated into the night. The Norwegian National Security Authority (NSM) declined to comment on what type of attack it was but said the extent...
SC Magazine

Glitch exposes Sprint customer data to other users

A bug has allowed some Sprint customers to see the personal data of other customers from their online accounts. The information visible includes names, cell phone numbers as well as calls made by other users and, and a Tech Crunch report cited...

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
The Register

Ransomware drops the Lillehammer on Norsk Hydro: Aluminium giant forced into manual mode after systems scrambled

Norway the power and metals wrangler could have seen this one coming Norwegian power and metals giant Norsk Hydro is battling an extensive ransomware infection on its computers.…

Old Tech Spills Digital Dirt on Past Owners

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.