Russians Hacked Ukrainian Gas Company at Center of Impeachment
www.nytimes.com/2020/01/13/us/politics/russian-hackers-burisma-ukraine.html It is not yet clear what the hackers found, or precisely what they were searching for. But the experts say the timing and scale of the attacks suggest that the Russians could be searching for potentially embarrassing material on the Bidens the same kind of information that Mr. Trump wanted from Ukraine when he pressed for an investigation of the Bidens and Burisma, setting off a chain of events
Who is Mr Ding?
intrusiontruth.wordpress.com/2020/01/14/who-is-mr-ding/ We have identified that Professor Gu Jian is connected to the front company Hainan Xiandun and supported some of their activities from his position at Hainan University. But his was more of a supporting role. Who was in charge?
New CrowdStrike Report Finds an Increase in Cyber Adversaries Turning to Business Disruption as Main Attack Objective
www.crowdstrike.com/press-releases/report-finds-business-disruption-is-main-objective-of-adversaries/ CrowdStrike® Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced the release of the CrowdStrike Services Cyber Front Lines Report which provides valuable takeaways from the front lines of incident response (IR) cases spanning 2019 and shares insights that matter for 2020 and beyond. The report identifies new attack methods and challenges, while offering
3 Lessons From the Incident Response Tabletops
securityintelligence.com/posts/3-lessons-from-the-incident-response-tabletops/ Here are a few lessons Ive learned about incident response from having run tabletop exercises within IBM and alongside our clients.
9 Reasons Why Cybersecurity Stress Is an Industry Epidemic
securityintelligence.com/articles/9-reasons-why-cybersecurity-stress-is-an-industry-epidemic/ Cybersecurity stress is an industrywide epidemic among security professionals. Burnout is a hard conversation, but its necessary for CISOs to face workplace stress before it compromises productivity, talent retention or individual well-being.
www.schneier.com/blog/archives/2020/01/china_isnt_the_.html The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. More insidious is the
Microsoft Patch Tuesday for January 2020
isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+for+January+2020/25710/ But CVE-2020-0601 isn’t the only vulnerability you should be worried about this month. CVE-2020-0609 and CVE-2020-0610 are fixing remote code execution vulnerabilities in the Windows Remote Desktop Gateway (RD Gateway). Remember BlueKeep? The RD Gateway is used to authenticate users and allow access to internal RDP services. As a result, RD Gateway is often exposed and used to protect the actual RDP . servers from exploitation.