Security News > 2023 > February
Digital forensics is growing while being more tied with incident response, according to the latest State of Enterprise Digital Forensics and Incident Response survey from Magnet Forensics. Digital forensics increasingly involved with incident response.
Pics A Massachusetts man accused of using his job as a city's assistant facilities director to hide a cryptocurrency mining operation in the crawlspace of a school has surrendered himself to authorities on Friday morning after skipping his Thursday arraignment. A judge issued a default warrant for Nadeam Nahas' arrest yesterday on charges of fraudulent use of electricity and vandalizing a school, in relation with the cryptomining operation discovered under Cohasset Middle/High School in December, 2021.
The US Department of Justice asked the judge hearing its antitrust case against Google to sanction the search advertising giant for destruction of evidence. The case has since progressed into the discovery phase and now the DoJ contends that Google has ignored its responsibility to preserve evidence relevant to the case.
This video of a modern large squid processing ship is a bit gory, but also interesting. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Mass media and publishing giant News Corporation says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information accessed, while the threat actors had access to an email and document storage system used by several News Corp businesses.
Mass media and publishing giant News Corporation says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information accessed, while the threat actors had access to an email and document storage system used by several News Corp businesses.
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023. Last week, the university sent data breach notification letters to those who submitted personal and health information as part of the graduate application to its Department of Economics, informing them that their info was accessed without authorization.
Threat watchers have spotted new cybersecurity exploits illustrating the protean nature of hacks as malware groups adapt and find new opportunities in dynamic link libraries and common vulnerabilities and exposures. Figure A. Zugec said Bitdefender has seen a large spike in the use of this tactic "Due to the fact that DLL sideloading allows the threat actors to stay hidden. Many endpoint security solutions are going to see that the DLL files are executable, signed, for example, by Microsoft or by any big name company known to be trusted. But, this trusted library is going to load malicious code."
Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor, it's just one of the many processors of a system-on-chip that cater to various tasks like cellular communications and multimedia processing.
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan and Slack, it's clear that SaaS apps are a prime target for cyberattacks. Join us for an upcoming webinar that will equip you with the insights you need to overcome the top SaaS challenges of 2023.