Professor CyberRisk

Sanctions for Russia, FBI Hacks US systems, and the Electric grid got lucky

– www.scmagazine.com: As US takes sweeping action against Russia for years of hacking, industry skeptical of impact – www.darkreading.com: FBI Operation Remotely Removes Web Shells From Exchange Servers – www.bleepingcomputer.com: CISA gives federal agencies until Friday to patch Exchange servers – www.zdnet.com: Google Project Zero testing 30-day grace period on bug details to boost user…

Read More

Your Health Insurance, Facebook, and LinkedIn all got Hacked

This past week had a bunch of large scale hits with potentially 700 million people being hacked (not all this week, some as early as 2019). – thehill.com: Major DC insurance provider hacked by ‘foreign cybercriminals’ – www.bleepingcomputer.com: North Korean hackers use new Vyveva malware to attack freighters – www.darkreading.com: LinkedIn Phishing Ramps Up With…

Read More

DHS emails hacked by SolarWinds, DPRK Actors created a Fake security Company, Space X gets encrypted

Lots happening this week, as I welcome in my new students to this term. Solarwinds fall out still happening, along with changes at the company, multi university hacks reported, North Korea is still being tricky, another water treatment plan was hacked (although in the past), Ubiquity has a whistle blower, and Space X encrypted their…

Read More

A Quick Overview of Teaching a (my) cybersecurity class

Taking a break from the reoccuing nightmare that is cybersecurity, and doing a quick high level overview of teaching cybersecurity, specifically my class. Which happens to start back up on 6 April 2021. — This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app — Send in a voice message:…

Read More

Solarwinds takes more source code, Exchange Ransomware, 4.2 Billion lost to internet crime in 2020

– www.zdnet.com: Mimecast reveals source code theft in SolarWinds hack – www.bleepingcomputer.com: CISA releases new SolarWinds malicious activity detection tool – www.zdnet.com: Microsoft investigates potential ties between partner security firm, Exchange Server attack code lea – arstechnica.com: Exchange servers first compromised by Chinese hackers hit with ransomware – www.bleepingcomputer.com: FBI: Over $4.2 billion officially lost…

Read More

Yet another Cyber Nightmare, potentially 100,000s exchange servers compromised world wide

This week focused heavily on the hack of 2021, at least 10 APTs are exploiting Microsoft Exchange Server vulnerabilities across the globe, oh and 150,000 security cameras were also breached… – www.cyberscoop.com: At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns – www.cyberscoop.com: Amid widespread Exchange Server attacks, Microsoft issues patch…

Read More

India Power Hacked by the PRC, New Microsoft Zero-days, and PLCs have Hardcoded vulnerabilities

– www.scmagazine.com: China’s new cyber tactic: targeting critical infrastructure – www.forbes.com: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19 – arstechnica.com: Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 – www.theregister.com: Chinese businessman plotted with GE insider to steal transistor secrets, say Feds – www.darkreading.com: Microsoft…

Read More

The FED has an outrage, Defense Contractors targeted, new Mac malware, and NIST updates the Smart Grid Framework

– www.bleepingcomputer.com: Federal Reserve nationwide outage impacts US banking system – www.bleepingcomputer.com: TD Bank suffered systemwide banking outage, services now recovered – www.scmagazine.com: ThreatNeedle malware tied to year-long North Korean espionage campaign against global defense industry – www.cyberscoop.com: Plane-maker Bombardier discloses breach after stolen data surfaces – threatpost.com: Mysterious Silver Sparrow Malware Found Nesting on…

Read More

Microsoft Source Code was taken, FS-ISAC members targeted, M1 Malware, and DOJ gets a win…sorta

– www.bleepingcomputer.com: Microsoft: SolarWinds hackers downloaded Azure, Exchange source code – www.cyberscoop.com: White House warns SolarWinds breach cleanup will take time – threatpost.com: Florida Water Plant Hack: Leaked Credentials Found in Breach Database – www.zdnet.com: Singtel hit by third-party vendor’s security breach, customer data may be leaked – statescoop.com: Washington state looks to consolidate cybersecurity…

Read More

Hackers attempt to poison water supplies, get into nuclear plans, windows has a 10 year old vulnerability, and 60 Million in bitcoin may be lost forever

This week we go after Critical Infrastructure hacks, the majority of windows computers have likely had a vulnerability for over a decade, and 60 million in bitcoin may be locked away forever – www.vice.com: Hacker Tried to Poison Florida City’s Water Supply, Police Say – www.wired.com: A Hacker Tried to Poison a Florida City’s Water…

Read More
WordPress Appliance - Powered by TurnKey Linux