Security News

Uber's security compromise earlier this month is an unfortunate result of concerns left over from an attack the company sustained in 2016 when a pair of hackers outside of Uber accessed user data that was stored on a 3rd-party server. While MFA can guard against attacks using stolen credentials, that doesn't protect against what could happen if a hacker has credentials and uses them for a more advanced attack.

Election workers in US battleground states have been hit by a surge in phishing and malware-laced emails in the run up to their primaries and the upcoming 2022 midterm elections. That's according to Trellix security researchers, who said malicious emails sent to Arizona county election workers rose 78 percent, from 617 to 1,101, between the first and second quarter of the year, ahead of the state's August 2 primary.

Feds also said the biz sucked at policing transactions for suspicious activity – as if! Bittrex will cough up $53 million after being accused of flouting US sanctions and breaking federal money...

Russian miscreants claimed responsibility for knocking more than a dozen US airports' websites offline on Monday morning in what appeared to be a large-scale, distributed-denial-of-service attack. A spokesperson for the US Transportation Security Administration, when reached by The Register, said to contact the airports directly about the issue.

The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service attacks against websites of several major airports in the U.S., making them unaccessible.The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.

The pro-Russian hacktivist group 'KillNet' has carried out large-scale DDoS attacks against several U.S. airports' websites, taking many of them offline. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.

Unlike the email ecosystem, where anybody can email anybody, messaging and social media apps such as WhatsApp are based on closed groups. The companies are Rockey Tech HK Ltd, Beijing Luokai Technology Co. Ltd, and Chitchat Technology Ltd. The brand names under which WhatsApp alleges they peddled fake apps and addons are HeyMods, Highlight Mobi, and HeyWhatsApp.

In a notice of proposed rulemaking published earlier this week, the DoE said the time was right "To establish rules for incentive-based rate treatments" for utilities making investments in cybersecurity technology. The DoE said these included products and services, and information like plans, policies, procedures and other info related to cybersecurity tech.

Three US national security agencies - CISA, the FBI and the NSA - on Thursday issued a joint advisory naming the 20 infosec exploited by state-sponsored Chinese threat actors since 2020. The Cybersecurity and Infrastructure Security Agency, National Security Agency and Federal Bureau of Investigation stated they collectively consider the People's Republic of China state-sponsored cyber activities as "Being one of the largest and most dynamic threats to U.S. government and civilian networks."

How do you best spend a cybersecurity budget you have long been hoping you'd get? That's the question state, local, and territorial governments are starting to ask themselves in the wake of a major September announcement from the Department of Homeland Security. DHS will be doling out $1 billion in funding over the next four years as part of a first-of-its-kind cybersecurity grant program specifically aimed at SLT governments.