Why the Future Needs Passwordless Authentication
securityintelligence.com/future-needs-passwordless-authentication/ As of September, Microsoft users no longer have to rely on passwords when logging in to their accounts. Passwords were suitable for authentication when users had fewer accounts, but things have changed. Nowadays, everyone’s digital footprint is larger, making passwords more of a burden than a security necessity.
Russian internet watchdog announces ban of six more VPN products
www.bleepingcomputer.com/news/legal/russian-internet-watchdog-announces-ban-of-six-more-vpn-products/ Russia’s internet watchdog, Roskomnadzor’, has announced the ban of six more VPN products, bringing the total number to more than a dozen, shows a notification to companies in the country. The latest services added to the list of banned VPN services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel.
Key Characteristics of Malicious Domains: Report
www.darkreading.com/threat-intelligence/research-outs-the-providers-more-likely-to-host-malicious-content The newness of top-level domains as well as infrastructure located in certain countries continue to be reliable signs of whether network traffic could be malicious, while the use of self-signed Secure Sockets Layer (SSL) certificates or those issued by the free Let’s Encrypt service are not abnormally risky, according to new research.
Really stupid “smart contract” bug let hackers steal $31 million in digital coin
arstechnica.com/information-technology/2021/12/hackers-drain-31-million-from-cryptocurrency-service-monox-finance/ Blockchain startup MonoX Finance said on Wednesday that a hacker stole $31 million by exploiting a bug in software the service uses to draft smart contracts. The company uses a decentralized finance protocol known as MonoX that lets users trade digital currency tokens without some of the requirements of traditional exchanges.
Technical Problem or Cyber Crime? How to Tell the Difference
securityintelligence.com/articles/attack-cyber-crime-difference/ As soon as the Oct. 4 Facebook mega outage took place, questions about the cause ran rampant. Was it a cyber crime or a technical glitch?? Who was at fault?. The outage reportedly resulted in the loss of some $60 to $100 million dollars of revenue, and Facebook’s stock plunged 4.9% on the same day. That’s a total of $47.3 billion in lost market cap.
End-to-end Testing: How a Modular Testing Model Increases Efficiency and Scalability
www.crowdstrike.com/blog/how-a-modular-testing-model-increases-efficiency-and-scalability/ In our last post, Testing Data Flows using Python and Remote Functions, we discussed how organizations can use remote functions in Python to create an end-to-end testing and validation strategy. Here we build on that concept and discuss how it is possible to design the code to be more flexible.
Colorado energy company loses 25 years of data after cyberattack while still rebuilding network
www.zdnet.com/article/colorado-energy-company-loses-25-years-of-data-after-cyberattack-still-rebuilding-network/#ftag=RSSbaffb68 Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and caused 25 years of historical data to be lost. The energy company hired cybersecurity experts to investigate the incident, but they are still having issues recovering nearly a month later.
Microsoft Exchange servers hacked to deploy BlackByte ransomware
www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware/ The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Detailed report:
ProxyShell exploitation leads to BlackByte ransomware
redcanary.com/blog/blackbyte-ransomware/ The BlackByte ransomware operators leverage ProxyShell Microsoft Exchange vulnerabilities for initial access along with Cobalt Strike for lateral movement. Here’s what to look out for.
Who Is the Network Access Broker Babam’?
krebsonsecurity.com/2021/12/who-is-the-network-access-broker-babam/ Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials such as usernames and passwords needed to remotely connect to the target’s network. In this post we’ll look at the clues left behind by “Babam, ” the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years.
Espoon Otaniemeen syntyi täysin uudenlainen tietokone
www.is.fi/digitoday/art-2000008445161.html Otaniemessä sijaitsee Suomen ensimmäinen toimiva kvanttitietokone. Teknologia saattaa mullistaa maailmaa, ilman että moni sitä ensin edes huomaa.