Cyber Essentials is a UK government scheme that outlines the basic steps that organisations can take to secure their systems. Implementing its five controls effectively will help you prevent about 80% of cyber attacks. In…
Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer
Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files,…
The Story of the 2011 RSA Hack
Really good long article about the Chinese hacking of RSA, Inc. They were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come.Read more: schneier.com
The Misaligned Incentives for Cloud Security
Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was…
Tesla Remotely Hacked from a Drone
This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that…
When AIs Start Hacking
If you don’t have enough to worry about already, consider a world where AIs are hackers. Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for…
Malware Hidden in Call of Duty Cheating Software
News article: Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go…
Backdoor Found in Codecov Bash Uploader
Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed the attackers to export information stored in…
Biden Administration Imposes Sanctions on Russia for SolarWinds
On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposed a series of sanctions designed to punish the country for the attack and…