As cyberthreats continue to grow, enterprises like yours are challenged more than ever to protect the business from damage. And threats aren’t going away. By 2021, Cybercrime Magazine predicts a ransomware attack will occur on businesses every 11 seconds, up from every 40 seconds in 2016. What’s more, cybercrime costs are expected to grow to $10.5 trillion by 2025.
Daily Crunch: Apple might be working on a VR headset
A new report suggests there’s a pricey Apple VR headset in the works, Facebook’s Oversight Board will examine one of the social network’s most consequential decisions and we review the Samsung Galaxy S21 Ultra. This is your Daily Crunch for January 21, 2021.
How Bitcoin is helping middle-class users survive the pandemic
Leigh Cuen is a reporter in New York City. Her work has been published by Vice, Business Insider, Newsweek, Teen Vogue, Al Jazeera English, The Jerusalem Post, and many others. Follow her on Instagram at @leighcuen. More posts by this contributor
Regulators may still want to imply Bitcoin is merely a tool for criminals, but for many middle-class users, it’s proving to be a lifeline.
DEF CON 28 Safe Mode IoT Village – Jonathan Stines’ ‘Learning To Use Logic Analyzers’
Many thanks to DEF CON and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization’s DEFCON 28 SAFE MODE Conference, and on the DEF CON YouTube channel. Enjoy!
Blue Cedar partners with Microsoft to combat BYOD issues
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.
DEF CON 28 Safe Mode IoT Village – Kat Fitzgerald’s ‘IoT Honeypots And Taming Rogue Appliances’
Many thanks to DEF CON and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization’s DEFCON 28 SAFE MODE Conference, and on the DEF CON YouTube channel. Enjoy!
Decrypted: With more SolarWinds fallout, Biden picks his cybersecurity team
All change in the capital as the Biden administration takes charge, and thankfully without a hitch (or violence) after the attempted insurrection two weeks earlier.
Trump Hates Cloud, Because China Cyber?
Hidden among the former president’s final executive orders was a juicy time bomb set under American cloud computing companies. Donald Trump declared that outfits such as Amazon Web Services and Microsoft Azure must submit to a pile of new regulations and record-keeping.
FAA Files Reveal a Surprising Threat to Airline Safety: the U.S. Military’s GPS Tests
The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the first post of our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Jake Williams, Founder of Rendition InfoSec. In part two of this blog, Jake shares his best practices on how to structure and evolve red and blue teaming within your organization.
10 Tips to Protect Your Company’s Data in 2021
The amount, complexity, and relevance of the data that companies handle has increased rapidly over the years. Today the data stored by organizations can contain information from buying and selling transactions, market analysis, ideas for future technological innovations, customer, or employee information (salaries, health information) and more.
Bugs Allowed Hackers to Hijack Kindle Accounts With Malicious Ebooks
A series of vulnerabilities in Amazon’s Kindle could have allowed hackers to take control of victims’ devices by sending them a malicious ebook, according to new research.
DNSpooq bugs haunt dnsmasq
The research team at JSOF found seven vulnerabilities in dnsmasq and have dubbed them DNSpooq, collectively. Now, some of you may shrug and move on, probably because you haven’t heard of dnsmasq before. Well, before you go, you should know that dnsmasq is used in a wide variety of phones, routers, and other network devices, besides some Linux distributions like Red-Hat. And that’s just a selection of what may be affected.
New Phishing Attack Impersonates PayPal with Threats of ’Flagged‘ Profiles
Plaid launches FinRise, an incubator for underrepresented fintech founders
Plaid is launching FinRise, a nine-month incubator for early-stage fintech founders from underrepresented backgrounds. Inspired by an internal hackathon amid Black Lives Matter protests last summer, the accelerator is explicitly looking at startups led by Black, Indigenous, and People of Color (BIPOC).
Biden Administration to put Stronger Emphasis on Cyber Security
Two top national security nominees, Retired Army Gen. Lloyd Austin and Avril Haines, have advocated for stronger federal cybersecurity following a supply chain breach that affected several federal agencies. If these nominees are confirmed, they will begin their jobs in the middle of the damage assessment process. The attack has been attributed to Russian hackers, who presumably got access through the SolarWinds breach.
How did SolarWind Hackers evade Detection?
A report from the Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC), and Microsoft Cyber Defence Operations Center (CDOC) details how the SolarWinds hackers managed to remain undetected for so long. The report discloses new details including the steps and tools used to deploy the custom Cobalt Strike loaders (Teardrop, Raindrop, etc.) after the hackers dropped the Solorigate (Sunburst) DLL backdoor.
Phishing Scam Exposes Stolen Passwords
Check Point Research published a blog post on Thursday, explaining the phishing campaign, in which stolen information was discarded on WordPress domains. The attackers had been targeting the construction and energy sectors.
A phishing campaign’s collateral damage: Stolen passwords were publicly searchable
Written by Joe Warminsky
MrbMiner Crypto-Mining Malware Links to Iranian Software Company
A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran.