Hacker lexicon: What is a supply chain attack?
arstechnica.com/information-technology/2021/06/hacker-lexicon-what-is-a-supply-chain-attack/ Cybersecurity truisms have long been described in simple terms of trust: Beware email attachments from unfamiliar sources and don’t hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: what if the legitimate hardware and software that makes up your network has been compromised at the source?
China Has Triggered a Bitcoin Mining Exodus
www.wired.com/story/china-bitcoin-mining-exodus/ The promise of a crackdown is sending the country’s crypterati scrambling for the exit.
Google Warns On Password Strength
www.forbes.com/sites/brookecrothers/2021/06/06/google-warns-on-password-strength/ Google is warning you about compromised passwords. It’s a very good idea to heed these warnings. Yes, passwords are hell. Strong self-generated passwords often turn into a fog of forgotten letter combinations and phrases.
How to hack into 5500 accounts just using “credential stuffing”
nakedsecurity.sophos.com/2021/06/04/how-to-hack-into-5500-accounts-just-using-credential-stuffing/ We all ought to know by now that passwords that are easy to guess will get guessed.
Exchange Servers Targeted by Epsilon Red’ Malware
threatpost.com/exchange-servers-epsilon-red-ransomware/166640/ REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.
Email spoofing: how attackers impersonate legitimate senders
securelist.com/email-spoofing-types/102703/ In a nutshell, email spoofing is the creation of fake emails that seem legitimate. This article analyzes the spoofing of email addresses through changing the From header, which provides information about the sender’s name and address.