Security News

The U.S. Federal Communications Commission has added Pacific Network Corp, along with its subsidiary ComNet LLC, and China Unicom Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency said the companies are subject to the Chinese government's exploitation, influence, and control, and could be forced to comply with requests for intercepting and misrouting communications, without the ability to challenge such requests.

The US Federal Communications Commission has added two Chinese companies to its list of communications equipment suppliers rated a threat to national security: Pacific Network Corp, its wholly owned subsidiary ComNet LLC, and China Unicom. "Earlier this year the FCC revoked China Unicom America's and PacNet/ComNet's authorities to provide service in the United States because of the national security risks they posed to communications in the United States. Now, working with our national security partners, we are taking additional action to close the door to these companies by adding them to the FCC's Covered List," said Chairwoman Jessica Rosenworcel.

According to VMware, such movements were observed in 25% of all attacks. One of the best things that organizations can do to counter these types of attacks is to look for ways to improve overall visibility.

Every new employee brings their own security habits, behavior, and ways of work. Maintain best practices - When new employees join the organization, even if security training is well conducted, they're not on par with their peers.

Zerify announced the findings of a survey that indicate that IT professionals are becoming increasingly concerned about the growing number of cyber threats and foreign attacks capable of impacting video conferencing. NIST developed a framework for zero trust architecture that should be considered for video conferencing.

Acronis researchers have concluded that ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations. This Help Net Security video highlights why organizations and businesses need a more holistic approach to cybersecurity.

Traffers are generally organized as teams and compromise websites in order to hook the traffic and bring the visitors to malicious content. The typical organization for such a team is pretty straightforward: One or several team administrators lead traffers but also handle the malware licenses and the analysis and selling of the logs collected by the traffers.

In this interview for Help Net Security, Katie Taitler, Senior Cybersecurity Strategista at Axonius, talks about cyber threats in the energy sector and what should be improved to make sure this sector is properly guarded. What are the reasons the energy sector is so unprepared for these growing cyber threats?

It can brute force passwords in the 9-12 character range too, if attackers just complement its speed with a few basic rules, masks, and dictionaries. Threat actors could still crack a decent share of passwords, given enough dwell time and contextual information from a compromised environment.

Amongst those frameworks, Sliver appeared in 2019 as an open-source framework available on Github and advertised to security professionals. Sliver supports several different network protocols to communicate between the implant and its C2 server: DNS, HTTP/TLS, MTLS, and TCP might be used.