Credit to Author: BrianKrebs| Date: Mon, 02 May 2022 21:29:34 +0000
Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within the nation’s prison population to perform low-cost IT work for domestic companies.
Read more
Credit to Author: Preston Gralla| Date: Mon, 02 May 2022 03:00:00 -0700
When Russia launched its all-out attack against Ukraine in February, the world expected the invaders to roll over the country quickly. That didn’t happen, and Ukraine today, though still under assault, has so far thwarted Russia’s ambitions to conquer it.
Russia has also been fighting a quieter war against Ukraine, a cyberwar, deploying what had been considered the most feared state-sponsored hackers in the world. And in the same way that Ukraine has fended off Russia’s military might, it’s been winning the cyberwar as well.
In that cyberwar, as always, the terrain is primarily Windows, because it represents the largest and most vulnerable attack surface in the world. The facts about what exactly is going on have been shadowy. But there’s plenty of evidence that Ukraine may keep the upper hand.
Credit to Author: BrianKrebs| Date: Fri, 29 Apr 2022 19:25:49 +0000
Google said this week it is expanding the types of data people can ask to have removed from search results, to include personal contact information like your phone number, email address or physical address. The move comes just months after Google rolled out a new policy enabling people under the age of 18 (or a parent/guardian) to request removal of their images from Google search results.
Read more
Credit to Author: Evan Schuman| Date: Thu, 28 Apr 2022 11:35:00 -0700
Have you recently been on a video confefence call, hit the “mute” button and then offered up some nasty comments about a client or a colleague — or even the boss?
Or maybe while in a conference room with colleagues — muted — and pointed out that some proposed action would violate the terms of a secret acquisition in its final stages?
If you were comfortable that the mute button was actively protecting your secret, you shouldn’t have been.
Thanks to some impressive experimentation and research from a group of academics at the University of Wisconsin-Madison and Loyola University Chicago, utterances made while the app is in mute are still captured and saved into RAM.
Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000
When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.
Read more
Credit to Author: Jonny Evans| Date: Tue, 26 Apr 2022 07:46:00 -0700
Jamf has announced a series of significant updates to Jamf Protect, introducing a unique set of technologies designed to make enterprise devices more secure while also identifying and responding to incoming endpoint threats. The company also introduced, Jamf Trust, which aims to make this kind of security simple to use. (The latter is also available for Android and Windows.)
The big news for Mac security, Jamf Protect, now offers a comprehensive endpoint and network security solution, supplementing its existing protections with new tools for:
Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000
KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.
Read moreCredit to Author: Paul Gillin| Date: Fri, 22 Apr 2022 04:30:00 -0700
Human beings are natural pack rats, as evidenced by the 2.3 billion square feet of self-storage space that’s in use in the U.S. Fear of getting rid of stuff even has a name: disposophobia.
Keeping every pair of shoes your kids have ever worn isn’t a problem for anyone except those with whom you share living space.
But the same rules don’t apply to data.
All industries have records retention guidelines spelled out in compliance rules. They are usually strictly enforced for regulated companies, and firms that run afoul of them can be punished.
Credit to Author: Mike Elgan| Date: Fri, 22 Apr 2022 03:00:00 -0700
Last summer, law enforcement officials contacted both Apple and Meta, demanding customer data in “emergency data requests.” The companies complied. Unfortunately, the “officials” turned out to be hackers affiliated with a cyber-gang called “Recursion Team.”
Roughly three years ago, the CEO of a UK-based energy company got a call from the CEO of the company’s German parent company instructing him to wire a quarter of a million dollars to a Hungarian “supplier.” He complied. Sadly, the German “CEO” was in fact a cybercriminal using deepfake audio technology to spoof the other man’s voice.
Credit to Author: JR Raphael| Date: Fri, 22 Apr 2022 02:50:00 -0700
You might not know it from all the panic-inducing headlines out there, but Android is actually packed with practical and powerful security options. Some are activated by default and protecting you whether you realize it or not, while others are more out of the way but equally deserving of your attention.
So stop wasting your time worrying about the Android malware monster du jour and which security company is using it to scare you into an unnecessary subscription, and take a moment instead to look through these far more impactful Android settings — ranging from core system-level elements to some more advanced and easily overlooked options.