Security News

X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. The passkeys will be linked to the iOS device they're generated on and will significantly reduce the risk of breaches by providing protection against phishing attacks and blocking unauthorized access attempts.

A 32-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for the individual's criminal work as a "High-level hacker" in the financially motivated group FIN7. FIN7 has been attributed to a number of attacks that have led to the theft of more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations in the U.S, costing the victims $1 billion in losses.

Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department to file charges of conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering.

The global holiday season is upon us with Diwali happening now, Thanksgiving the end of the month, and then on to Christmas and New Years! But before we all start celebrating, we have November 2021 Patch Tuesday coming this week, which is an important one for many industries particularly retail. November 2021 Patch Tuesday forecast Microsoft addressed 79 unique CVEs last month and I expect that number to remain high.

America's plan to compete with China includes a call for the land of the free to dominate tech standards bodies, especially for 5G, and to appoint an ambassador level official to lead a new "Technology Partnership Office" that Washington will use to drive tech collaboration among like-minded nations. Released last Thursday by the Senate Foreign Relations Committee, and expected to have bipartisan support, the draft Strategic Competition Act of 2021 offers 281 pages of policy aimed at "Ensuring the United States is postured to compete with China for decades to come," in the words of ranking member US Senator Jim Risch.

Supporters of defeated American president Donald Trump this morning stormed the capital's legislative halls, shutting down the process to confirm his replacement. Within minutes of the president speaking at a rally on the nearby Mall in Washington DC, in which he urged his followers to march to the Capitol and put a stop to Joe Biden being officially approved as the next national leader by lawmakers, fights broke out on the steps of the building as thousands attempted to force their way past the relatively few cops present and break into the building.

Taking an identity-centric approach to modern security architecture helps organizations protect the weapons that are being used against us - the identity itself - But are federal agencies ready to shift to an identity-centric security model? In 2019, the United States, White House's Office of Management and Budget released M-19-17, the ICAM Modernization Strategy - the memo outlines the objectives for securing federal IT systems, including a common vision for using identity and access management controls.

An Indian national on Monday was sentenced to 20 years in prison in the Southern District of Texas for operating and funding India-based call centers that defrauded US victims out of millions of dollars between 2013 and 2016. The first-ever large-scale, multi-jurisdictional investigation targeting the India call center scam industry saw the US Department of Homeland Security and Treasury Inspector General for Tax Administration charging Patel and 60 co-conspirators for orchestrating a "Complex scheme" that involved employees based out of call centers in Ahmedabad masquerading as officials from the IRS and US Citizenship and Immigration Services.

Rootstock Software and Nagarro announced the two companies are entering a partnership to penetrate the cloud ERP market in the United States, Nordics, DACH, and Middle East regions. "Viyom Jain, Global Business Unit Head, CRM & ERP at Nagarro, said,"With Industry 4.0, a cloud strategy with a 360-degree view of customers and business intelligence tools is crucial to the new enterprise.

A Cypriot national was extradited to the United States last week to face charges related to various computer intrusions, including the hacking into Ripoff Report. The man, Joshua Polloso Epifaniou, 21, a resident of Nicosia, Cyprus, was arrested in Cyprus in February 2018 and is the first Cypriot national to be extradited from the country to the United States.