Safety Certification Giant UL Has Been Hit By Ransomware
www.forbes.com/sites/leemathews/2021/02/19/safety-certification-giant-ul-has-been-hit-by-ransomware/ UL, which you may know better as Underwriters Laboratories, has overcome countless obstacles in its 127-year run as the world’s leading safety testing authority. Now they’re facing down a true 21st century menace: ransomware. Lisäksi:
Recently fixed Windows zero-day actively exploited since mid-2020
www.bleepingcomputer.com/news/security/recently-fixed-windows-zero-day-actively-exploited-since-mid-2020/ Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data. The actively exploited zero-day bug is tracked as ‘CVE-2021-1732 – – Windows Win32k Elevation of Privilege Vulnerability.’
Scoop: Sequoia Capital says it was hacked
www.axios.com/sequoia-capital-says-it-was-hacked-590dcdd6-fe49-46c6-8422-60a944272302.html Sequoia Capital told its investors on Friday that some of their personal and financial information may have been accessed by a third party, after a Sequoia employee’s email was successfully phished, Axios has learned.
Zero Trust is not a security solution. It’s a strategy
www.zdnet.com/article/zero-trust-is-not-a-security-solution-its-a-strategy One of the top challenges and misunderstandings that I continue to see is what the definition of Zero Trust actually is. Zero Trust is not one product or platform; it’s a security framework built around the concept of “never trust, always verify” and “assuming breach.”
Malformed URL Prefix Phishing Attacks Spike 6, 000%
threatpost.com/malformed-url-prefix-phishing-attacks-spike-6000/164132/ Researchers from GreatHorn report they have observed a nearly 6, 000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit. They look legit, that is, unless you look closely at the symbols used in the prefix before the URL.
Active Cyber Defence (ACD) – The Third Year
www.ncsc.gov.uk/report/acd-report-year-three The Active Cyber Defence (ACD) programme’s aim is to Protect the majority of people in the UK from the majority of harm caused by the majority of cyber attacks the majority of the time.’
North Korean hackers charged with $1.3 billion of cyberheists
blog.malwarebytes.com/awareness/2021/02/north-korean-hackers-charged-with-1-3-billion-of-cyberheists/ The US Department of Justice recently unsealed indictments detailing North Korea’s involvement in several global cyberattack campaigns against institutions in the financial and entertainment sectors, and money laundering schemes in certain US states.