A security researcher warned Asus two months ago that employees were improperly publishing passwords in their GitHub repositories that could be used to access the company’s corporate network. One password, found in an employee repo on the code sharing, allowed the researcher to access an email account used by internal developers and engineers to share […]
View More Asus was warned of hacking risks months ago, thanks to leaky passwordsCategory: Cyberwarfare
Microsoft sues to take control of domains involved in Iran hacking campaign
Microsoft has won a restraining order in a U.S. court in order to take control of domains used by an Iranian hacker group. The software and cloud giant applied to the court in order to take control of 99 websites used by the hacker group, known as Phosphorus or APT 35, in various hacking operations. […]
View More Microsoft sues to take control of domains involved in Iran hacking campaignThe responsibility for a sustainable digital future
Mounir Mahjoubi Contributor Share on Twitter Mounir Mahjoubi is the French Secretary of State for Digital Affairs. On March 12, 2019, we celebrate the 30th anniversary of the “World Wide Web”, Tim Berners-Lee’s ground-breaking invention. In just thirty years, this flagship application of the Internet has forever changed our lives, our habits, our way of […]
View More The responsibility for a sustainable digital futureResearchers obtain a command server used by North Korean hacker group
In a rare move, government officials have handed security researchers a seized server believed to be used by North Korean hackers to launch dozens of targeted attacks last year. Known as Operation Sharpshooter, the server was used to deliver a malware campaign targeting governments, telecoms, and defense contractors — first uncovered in December. The hackers sent […]
View More Researchers obtain a command server used by North Korean hacker groupThailand passes controversial cybersecurity law that could enable government surveillance
Thailand’s government passed a controversial cybersecurity bill today that has been criticized for vagueness and the potential to enable sweeping access internet user data. The bill (available in Thai) was amended late last year following criticism over potential data access, but it passed the country’s parliament with 133 positives votes and no rejections although there […]
View More Thailand passes controversial cybersecurity law that could enable government surveillanceU.S. knocked Russian troll operation offline on the day of the 2018 midterm election
Russian trolls were awfully quiet during the 2018 Midterms. Now we know that’s thanks in part to a preemptive cyber attack by the United States Military.
According to a report by The Washington Post, U.S. Cyber Command launched its “first offensive cyber campaign against Russia” on the day of the 2018 midterm elections. The cyber attack, backed by intelligence from the National Security Agency, reportedly took the Kremlin-linked Russian troll farm, Internet Research Agency, offline for the day.
Officials say the purpose of the election day operation was to block any possible disinformation campaigns from Russia regarding the Midterm results. Read more…
More about Russia, Election, Trolls, Cyberattack, and Cyberwarfare
View More U.S. knocked Russian troll operation offline on the day of the 2018 midterm electionAustralia’s government and political parties hit by cyber attack from ‘sophisticated state actor’
The Australia government suffered a cyber attack that it suspects is the work of a “sophisticated state actor,” according to the country’s Prime Minister. PM Scott Morrison said today the computer network of the country’s parliament, and those belonging to Liberal, Labor and Nationals parties, were targeted by an attack which took place a few weeks ago, The Sydney […]
View More Australia’s government and political parties hit by cyber attack from ‘sophisticated state actor’As threats proliferate, so do new tools for protecting medical devices and hospitals
Six months after an episode of “Homeland” showed hackers exploiting security vulnerabilities in the (fictional) Vice President’s pacemaker, Mike Kijewski, the founder of a new startup security company called Medcrypt, was approached by his (then) employers at Varian Medical Systems with a unique problem. “A hospital came to the company and said we are treating […]
View More As threats proliferate, so do new tools for protecting medical devices and hospitalsWith cybersecurity threats looming, the government shutdown is putting America at risk
Putting political divisions and affiliations aside, the government partially shutting down for the third time over the last year is extremely worrisome, particularly when considering its impact on the nation’s cybersecurity priorities. Unlike the government, our nation’s enemies don’t ‘shut down.’ When our nation’s cyber centers are not actively monitoring and protecting our most valuable assets and critical infrastructure, threats magnify and vulnerabilities become further exposed.
View More With cybersecurity threats looming, the government shutdown is putting America at riskTo fight election meddling, Google’s cyber unit Jigsaw extends its anti-DDoS protections to European politicos
Jigsaw, the cybersecurity-focused division owned by Google parent Alphabet, is now allowing political organizations in Europe to sign up for its anti-web-flooding technology for free. Until now, the free-to-use technology designed to protect political campaigns and websites against distributed denial-of-service (DDoS) attacks — dubbed Project Shield — was only available to news sites and journalists, human […]
View More To fight election meddling, Google’s cyber unit Jigsaw extends its anti-DDoS protections to European politicosVC funding of cybersecurity companies hits record $5.3B in 2018
2018 wasn’t all bad. It turned out to be a record year for venture capital firms investing in cybersecurity companies. According to new data out by Strategic Cyber Ventures, a cybersecurity-focused investment firm with a portfolio of four cybersecurity companies, more than $5.3 billion was funneled into companies focused on protecting networks, systems and data across […]
View More VC funding of cybersecurity companies hits record $5.3B in 2018A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts
A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter […]
View More A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts