Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by “highly sophisticated threat actors” exploiting what appear to be zero-day vulnerabilities affecting some of the company’s products.
Author: Blog
Experts Detail A Recent Remotely Exploitable Windows Vulnerability
More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month.
Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems.
“Cyber Threat Hunting Services Market SWOT Analysis, Outlook, By Top Key Players IBM …
… CapGemini Kaspersky Symantec CB ThreatSight CrowdStrike Clearnetwork CyberDefenses Cybereason HORNE Cyber Hunters.AI Ingalls MDR …
Global Managed Detection and Response (MDR) Service Market 2020 Growth Potential …
Global Managed Detection and Response (MDR) Service Market 2020 … comprises of major players like: eSentire, AT&T, Blackpoint Cyber, Cisco, …
Secureworks Connect to Unite 1200 Security Professionals as Threat Actors Exploit Silos and …
Secureworks Connect to Unite 1,200 Security Professionals as Threat Actors Exploit … Transforming Your MSSP Business – Maureen Perrelli, Secureworks chief … Any future product, service, feature, benefit or related specification …
Intelligence Analysts Use US Smartphone Location Data Without Warrants, Memo Says
An anonymous reader quotes a report from The New York Times: A military arm of the intelligence community buys commercially available databases containing location data from smartphone apps and searches it for Americans’ past movements without a warrant, according to an unclassified memo obtained by The New York Times. Defense Intelligence Agency analysts have searched for the movements of Americans within a commercial database in five investigations over the past two and a half years, agency officials disclosed in a memo they wrote for Senator Ron Wyden, Democrat of Oregon.
The disclosure sheds light on an emerging loophole in privacy law during the digital age: In a landmark 2018 ruling known as the Carpenter decision, the Supreme Court held that the Constitution requires the government to obtain a warrant to compel phone companies to turn over location data about their customers. But the government can instead buy similar data from a broker — and does not believe it needs a warrant to do so. “D.I.A. does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially available data for intelligence purposes,” the agency memo said.
Daily Crunch: Alphabet shuts down Loon
Alphabet pulls the plug on its internet balloon company, Apple is reportedly developing a new MacBook Air and Google threatens to pull out of Australia. This is your Daily Crunch for January 22, 2021.
How Is This a Good Idea: Car Dashboard Video Games
DIA uses purchased phone location data without warrants
Written by Shannon Vavra
In the Pandemic Era, Proof Digital Identity with Continuous Authentication & Behavioral Biometrics
This past November at the 2020 ISMG Virtual Cybersecurity & Fraud Summit in Washington D.C., I presented on how organizations can make digital identity both user-friendly and near-impenetrable. My session, Proofing Digital Identity with Continuous Authentication & Behavioral Biometrics considered how behavioral biometrics offers a better balancing-act between security, privacy, compliance, and user experience.
Extra Crunch roundup: Digital health VC survey, edtech M&A, deep tech marketing, more
I had my first telehealth consultation last year, and there’s a high probability that you did, too. Since the pandemic began, consumer adoption of remote healthcare has increased 300%.
Automate your way to success with Cisco SecureX
Take back control with an integrated security platform
In a makeshift SOC in the corner of his home, Matt starts his day with an alarm going off on his computer. There are four monitors ganged together, multiple consoles on each one of them, and numerous empty coffee mugs. This probably draws a snapshot of what’s been real for many of us. On top of the never-ending list of alerts in his inbox every morning, he is building playbooks, threat hunting, scanning news for the latest attack updates, and investigating alerts. Coffee stopped working a couple of hours ago. Matt wished he had more time in the day.… and it’s only 9 AM.
From Google Cloud Blog: “New whitepaper: Designing and deploying a data security strategy with…
From Google Cloud Blog: “New whitepaper: Designing and deploying a data security strategy with Google Cloud”
Here is another very fun resource we created (jointly with Andrew Lance from Sidechain), a paper on designing and running data security strategy on Google Cloud.
DEF CON 28 Safe Mode IoT Village – Parker Wiksell’s ‘Vulnerability Trends In The Supply Chain’
Many thanks to DEF CON and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization’s DEFCON 28 SAFE MODE Conference, and on the DEF CON YouTube channel. Enjoy!
Nobody — And We Mean Nobody — Was Consistently Great Like Hank Aaron
Henry “Hank” Aaron, who died Friday at the age of 86, was a Hall of Famer’s Hall of Famer. He reached international renown in 1974 by breaking Babe Ruth’s all-time home run mark, which had stood unchallenged for four decades, but that was just the crowning achievement of a career that spanned 23 years and saw Aaron set all manner of records. Along the way, few players have ever garnered more respect from their peers: “Aaron is the best ball player of my era,” Mickey Mantle once said.
How Tech Is Revitalizing the Medical Product Approval Process
Chrome wants to make your passwords stronger
A common sentiment, shared by many people down the years, is that storing passwords in browsers is a bad idea. Malware, for example, would specifically target password storage in browsers and plunder everything in sight.
DEF CON 28 Safe Mode IoT Village – Garrett Enochs’ ‘Introduction To U Boot Interaction And Hacking’
Many thanks to DEF CON and Conference Speakers for publishing their outstanding presentations; of which, originally appeared at the organization’s DEFCON 28 SAFE MODE Conference, and on the DEF CON YouTube channel. Enjoy!
People Are So, So Mad at GameStop Investors and FinTok Influencers
One of the stranger parts of the eternal stock market boom (totally not a bubble, by the way) has been the anger directed at people on social media giving personal finance or investment advice.