f1tym1

Written by Zaid Shoorbajee
Oct 23, 2018 | CYBERSCOOP

Written by Sean Lyngaas
Oct 23, 2018 | CYBERSCOOP

A Russian-owned research institute very likely helped build tools used by an infamous hacking group that caused a petrochemical plant in Saudi Arabia to shut down last year, cybersecurity company FireEye said Tuesday.

News broke this afternoon that one of the UK’s leading supermarkets Morrisons will potentially be required to pay out a ‘vast’ sum to employees following a 2014 security breach which seen the payroll details of 100,000 members of staff leaked.

Over the last few weeks, Radware has been tracking a significant Credential Stuffing Campaign targeting the financial industry in the United States and Europe.

The hackers who created a malware that is believed to have sabotaged a Saudi Arabia petrochemical plant last year were working for the Russian government, according to a new report by a cybersecurity firm.

Christopher Gleeson, manager of messaging and Collaboration for the Robert H. Smith School of Business at the University of Maryland, knows that establishing a solid data protection plan is a standard best practice, even when using G Suite for Education. The centerpiece of any good data protection plan is a backup and recovery solution, without which data loss would be an ever-present threat to the hard work faculty and students do every day. Christopher went looking for an answer to the data protection problem and found Spanning Backup, a backup and recovery solution for G Suite.

In what’s becoming a bit of a trend in modern technical incompetence, yet another company has left oodles of private company data sitting openly accessible on an Amazon cloud server.

Industry vets and students alike crammed into UCLA’s historic Royce Hall last week for TC Sessions: AR/VR, our one-day event on the fast-moving (and hype-plagued) industry and the people in it. Disney, Snap, Oculus and more stopped by to chat and show off their latest; if you didn’t happen to be in LA that day, read on and find out what we learned — and follow the links to watch the interviews and panels yourself.

Overview

In a previous blog post we detailed the TRITON
intrusion that impacted industrial control systems (ICS) at a
critical infrastructure facility. We now track this activity set as
TEMP.Veles. In this blog post we provide additional information
linking TEMP.Veles and their activity surrounding the TRITON intrusion
to a Russian government-owned research institute.

Burning malware is like Hercules fighting the nine-headed Hydra. For every head he cuts off, two more grow back in its place. That’s the lesson from a new report by Cylance today, and one both enterprise network defenders—and the public at large—should pay attention to.

The hackers who tried to make a Saudi Arabia petrochemical plant explode in 2017 were working for the Russian government, according to a new report by a cybersecurity firm.

There’s a war brewing to become the cloud pharmacy for men’s health. Roman, which launched last year offering erectile dysfunctional medication and recently added a ‘quit smoking’ kit, is taking on $97 million-funded Hims for the hair loss market. Today, Roman launched four new products it hopes to cross-sell to users through a unified telemedicine subscription and pill delivery app. It now sells meds for premature ejaculation, oral herpes, genital herpes, and hair loss at what’s often a deep discount versus your local drug store. And for those who are too far gone, it’s launching a “Bald Is Beautiful, Too” microsite for finding the best razors, lotions, and head shaving tips.

Written by Sean Lyngaas
Oct 23, 2018 | CYBERSCOOP

Some former National Security Agency officials have strongly criticized ex-NSA Director Adm. Michael Rogers’ decision to join the advisory board of a venture capital firm that is closely linked with an Israeli intelligence agency.

*** This is a Security Bloggers Network syndicated blog from Vaporstream authored by The Vaporstream Team. Read the original post at: https://www.vaporstream.com/blog/incident-response-secure-communication/

Apple CEO Tim Cook is expected to endorse the idea of a “comprehensive federal privacy law” for the U.S. in a keynote speech tomorrow.

The intelligence in this weekís iteration discuss the following threats: APT, Cryptomining, Data breach, DDoS, Spear phishing, and Vulnerabilities. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

This week Okeke was sentenced to 45 months in prison.  Onuama will be sentenced on October 30th. 

In years past, it was a challenge for organizations across every industry to ensure they were protected against the risks of – and ready to respond to – a cybersecurity incident. Decision-makers and IT administrators alike followed the advice of experts and worked to create strong safeguards and response and recovery plans.