Security News > 2022

A former Department of Homeland Security official pleaded guilty today to stealing confidential and proprietary software and sensitive databases from the US government containing employees' personal identifying information. 61-year-old Charles Kumar Edwards coordinated the scheme while working for DHS-OIG as an employee and a former acting inspector general between February 2008 and December 2013.

The Russian FSB has identified the entire criminal enterprise known as "REvil". Police raids on 25 addresses in at least Moscow, St. Petersburg, Moscow, Leningrad and Lipetsk.

Discussions on this topic took place during the Open Source Software Security Summit convened by the Biden administration on Thursday. Participants focused on three topics: preventing security defects and vulnerabilities in open source software, improving the process for finding security flaws and fixing them, and shrinking the time needed to deliver and deploy fixes.

More than a dozen members of the REvil ransomware group have been arrested courtesy of the Russian government. The Biden administration has been pressuring Russia to take ransomware and its perpetrators seriously, especially amid allegations that groups like REvil have operated with at least the tacit permission of the former Soviet Union.

A team of researchers at the Universities of Arizona, Georgia, and South Florida, have developed a machine-learning-based CAPTCHA solver that they claim can overcome 94.4% of real challenges on dark websites. The collection of cyber-threat intelligence from illicit dark web markets and forums becomes challenging and expensive, as employees have to be involved in the CAPTCHA solving step.

This is a current list of where and when I am scheduled to speak: I’m giving an online-only talk on “Securing a World of Physically Capable Computers” as part of Teleport’s Security Visionaries...

Hensoldt, a multinational defense contractor headquartered in Germany, has confirmed that some of its UK subsidiary's systems were compromised in a ransomware attack. While the company is yet to issue a public statement regarding this incident, the Lorenz ransomware gang has already claimed the attack.

A top underground market for buying and selling stolen credit-card details, UniCC, has announced it's shutting down operations. The site accounted for about 30 percent of carding scam business and, since it was launched in 2013, handled about $358 million in cryptocurrency transactions, according to the Elliptic Threat Intel team, which published the announcement from UniCC leadership.

Moving legacy data and other assets to the cloud is perceived by many organizations as a way to better manage risks, improve efficiency, trim costs and comply with regulatory requirements. As many legacy technologies were designed for on-premises use, migrating them to the cloud can be a challenging process.

Intel has removed support for SGX in 12th Generation Intel Core 11000 and 12000 processors, rendering modern PCs unable to playback Blu-ray disks in 4K resolution. This technical problem arises from the fact that Blu-ray disks require Digital Rights Management, which needs the presence of SGX to work.