Security News > 2021

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard's business with Hamas.

Cloud-delivered network security startup iboss on Tuesday announced the closing of a new $145 million financing deal to speed up growth in a lucrative market. Iboss, founded by twin brothers Paul and Peter Martini five years ago, previously banked $35 million in venture capital funding from Goldman Sachs.

Isn't it time we stop getting psyched by the bad guys? Here are five steps cybersecurity pros can take now. How human behavior impacts cybersecurity is a hot topic.

Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data. This changed on Monday when the company confirmed the massive breach saying that personal data and SIM-related information had been stolen.

If you're still using unsecured copy methods to transfer data to and from client devices, there's no better time to learn SCP. Here's why it's beneficial to encrypt your transfers. As usual, you are pressed for time, so you skip ahead to simply copying the files via a script you've had since the dawn of your IT career to make short work of the transfer process.

Data security solutions provider Netwrix has merged with Stealthbits, a cybersecurity company focused on protecting sensitive data and credentials. Founded in 2006, the Irvine, California-based Netwrix claims to provide over 10,000 organizations around the world with the necessary tools to reclaim control over sensitive, business-critical data, helping them with security and compliance auditing.

A researcher who noted that using the "People Nearby" feature of popular messaging app Telegram exposed the exact location of the user has been told that it's working as expected. Hassan reported the issue in the hope of a bug bounty only to be told: "Users in the People Nearby section intentionally share their location, and this feature is disabled by default. It's expected that determining the exact location is possible under certain conditions."

If you'd rather not have to enter your password every time you open the Bitwarden password manager on your mobile device, Jack Wallen shows you how to enable biometric login. Bitwarden is an open source option that does an outstanding job of keeping your passwords locked away and does so with a user interface that is easy enough for any user, regardless of experience.

The Cyber Unified Coordination Group said today that a Russian-backed Advanced Persistent Threat group is likely behind the SolarWinds hack. The UCG was established by the National Security Council after the SolarWinds supply chain attack to help the intelligence agencies better coordinate the government's response efforts surrounding this ongoing espionage campaign.

Citrix on Monday informed customers that it released firmware updates for its Application Delivery Controller and Gateway products to prevent threat actors from abusing the appliances to launch and amplify distributed denial-of-service attacks. Several people reported a few days before Christmas that they had started seeing DDoS attacks abusing their Citrix ADC and Gateway devices.