Security News > 2020 > November

The FBI and Spokane police are now investigating an incident in which the Gonzaga University Black Student Union was hacked during a Zoom meeting and bombarded with racial and homophobic slurs. The incident occurred last Sunday during a virtual call among members of the Black Student Union.

A report published on Thursday by industrial cybersecurity firm Dragos reveals that the manufacturing sector has been attacked by five threat groups that have been known to target industrial environments. According to Dragos, the manufacturing sector faces increasing risk of cyberattacks, including attacks whose goal may be to cause disruption to industrial processes and ones aimed at collecting valuable information.

Because of the CISA's support of a fair election process, the White House is expected to call for Krebs' resignation, according to a Reuters report, citing sources close to the CISA chief. Upon hearing the news, lawmakers and other observers took to Twitter and to praise the job Krebs has done as CISA director, nothing how he put aside partisanship to work for a common goal to protect U.S. cybersecurity infrastructure and the election process.

More than 1,500 fraudulent votes were cast in the early hours of Monday in the country's annual bird election, briefly pushing the Little-Spotted Kiwi to the top of the leaderboard, organizers and environmental organization Forest & Bird announced Tuesday. Those votes - which were discovered by the election's official scrutineers - have since been removed.

A new mercenary hacker group tracked as CostaRicto by BlackBerry researchers is selling its services to entities requiring APT-level hacking expertise in cyber-espionage campaigns spanning the globe and targeting a multitude of industry sectors. Their attacks focused on South Asia provides some hints at CostaRicto's base of operations from where they launch cyber-espionage campaigns on behalf of customers.

Two election committees of the U.S. Department of Homeland Security issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election "Was the most secure in American history." "Other security measures like pre-election testing, state certification of voting equipment, and the U.S. Election Assistance Commission's certification of voting equipment help to build additional confidence in the voting systems used in 2020.".

Group-IB has opened the doors of its European headquarters in Amsterdam, which will serve as a central hub for the company's research into the European threat landscape. The Amsterdam office, located at Prinsengracht 919, is set to intensify the strong European cyber threat knowledge Group-IB had previously, broaden the company's global threat hunting infrastructure and strengthen the on-the-ground support for the company's customer base in the region, which, among others, includes major banks of the Netherlands.

While Jupyter's purpose is to collect data from various software, the malicious code supporting its delivery can also be used to create a backdoor on an infected system. A variant of the malware emerged during an incident response engagement in October at a University in the U.S. But forensic data indicates that earlier versions have been developed since May. Researchers at cybersecurity company Morphisec discovered that the developers of the attack kit were highly active, some components receiving more than nine updates in a single month.

That group is the hacker and cyber attacker fraternity, which has spotted that the sudden switch to remote working arrangements has delivered them a much wider attack surface to target, while security pros are stretched thinner than ever. By thinking like them before you start to fight back, which is what we'll be showing you how to do in our webcast How I'd Attack You, on November 18 at 0900 PT. The Register's own one-man attack surface Tim Phillips will be joined by Dan Fein and Mariana Pereira of cyber defence specialists Darktrace.

Let's face it, because of the pandemic a lot of companies were caught off guard with insufficient plans for data protection and disaster recovery. They secure infrastructure, ensure apps are available and data is safe in case of a large-scale disaster.