Security News

A former Cisco employee who went medieval on his former employer and cost the company millions, has been sentenced to two years in prison and a $15,000 fine. Five months later he used access credentials to get back into Cisco's systems and deleted virtual machines on Webex - borking more than 16,000 WebEx Teams accounts for two weeks in some cases and costing Cisco $2.4m in refunds and repair work.

Christopher Taylor, 57, who "Confessed to disguising malware as recognisable and legitimate computer programs", installed Cybergate on more than 770 people's devices, covertly recording "Images of people in various stages of undress and involved in sexual activity" as Westminster Magistrates' Court found. In spite of claims that Taylor's malware-fuelled spree concerned mainly American citizens, close analysis of his seized laptop by an American expert found that just 7 per cent of his victims were located in the US - with the rest being spread between 37 different countries, including the UK. Taylor himself was suicidal at the thought of being sent to the US, found the judge, as was his disabled wife who had threatened to end her life if her husband, also her main carer, was extradited.

SEE: TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download. "A lack of a standard for IoT devices brings forth many challenges from a management perspective, in particular security, as we are increasing the attack vector for each new IoT device introduced," said Shash Anand, VP of product strategy at SOTI, an IoT connectivity and management provider. Given the variety of IoT devices and systems around, it will be imperative that IoT standards are universally accepted and integrated across devices.

Secretary of State Mike Pompeo on Wednesday accused U.S. universities of caving to Chinese pressure to blunt or bar criticism of the Chinese Communist Party. Pompeo took aim at universities across the U.S., claiming they refused to address the Trump administration's concerns about China's attempts to influence students and academics.

Group-IB announces that its Threat Intelligence & Attribution system has been found compliant with the recommendations issued by United States Department of Justice for cybersecurity and cyber intelligence companies. The independent assessment of Group-IB Threat Intelligence & Attribution technologies was carried out by one of the Big Four accounting companies and has proved Group-IB's conformity with industry recommendations for gathering cyber threat intelligence data.

The United States and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command and the Information Warfare Division of the Australian Defense Force to jointly develop and share a virtual cyber training platform. The two countries' departments of defense will achieve this by incorporating IWD's feedback into USCYBERCOM's simulated training domain known as the Persistent Cyber Training Environment.

China poses the greatest threat to America and the rest of the free world since World War II, outgoing National Intelligence Director John Ratcliffe said Thursday as the Trump administration ramps up anti-Chinese rhetoric to pressure President-elect Joe Biden to be tough on Beijing. "It offered nothing new but repeated the lies and rumors aimed at smearing China and playing up the China threat by any means," Hua said at a daily briefing on Friday.

In the modern twist on old-fashioned war games, the U.S. military dispatched cyber fighters to Estonia this fall to help the small Baltic nation search out and block potential cyber threats from Russia. The U.S. Cyber Command operation occurred in Estonia from late September to early November, officials from both countries disclosed this week, just as the U.S. was working to safeguard its election systems from foreign interference and to keep coronavirus research from the prying reach of hackers in countries including Russia and China.

The American Civil Liberties Union has sued the US government, claiming Homeland Security agents trampled over people's constitutional rights - by buying phone location data from commercial brokers rather than getting necessary search warrants. "These practices raise serious concerns that federal immigration authorities are evading Fourth Amendment protections for cell phone location information by paying for access instead of obtaining a warrant," the ACLU said in a statement this week.

US securities industry regulator FINRA warned brokerage firms earlier this week of ongoing phishing attacks using a recently registered web domain spoofing a legitimate FINRA website. WHOIS domain data does not provide any information on who registered the phishing domain since all personal information is redacted using the registrar's privacy service.