[TheRecord] DOJ launches program to train prosecutors in cybersecurity topics

The US Department of Justice announced a new fellowship program today designed to train “a new generation of prosecutors and attorneys” on cybersecurity issues, in order to better tackle national security threats and cybercrime. Named the Cyber Fellowship, the new program is one of the outcomes of a 120-day review of cybersecurity challenged the DOJ began in May […]

Read More

[TheRecord] House defense policy bill okays $10.4 billion for DoD cybersecurity

The House version of the annual defense policy bill backs the Biden administration’s proposed $10.4 billion cybersecurity budget for the Defense Department next year, according to an aide for the panel’s Democratic majority “We support the President’s budget request,” the aide said, adding that the annual National Defense Authorization Act provides additional investment for the […]

Read More

[TheRecord] ProxyToken vulnerability can modify Exchange server configs

If the ProxyShell vulnerability wasn’t enough of a good reason for system administrators to apply the July 2020 Microsoft Exchange security updates, there is a second major security bug in those updates that can allow for devastating hacks. Nicknamed ProxyToken, the vulnerability allows a remote attacker to bypass authentication and make changes to an Exchange email server’s backend […]

Read More

[TheRecord] Internet access in South Sudan disrupted ahead of planned protests

Activists in South Sudan planned protests against the country’s leadership, including President Salva Kiir and Vice President Riek Machar, for Monday. But instead, the streets of the nation’s capital city Juba and local internet traffic were eerily quiet as activists hid from security forces and network watchers reported a significant disruption in online access, Reuters […]

Read More

[TheRecord] Hackers steal $29 million from crypto-platform Cream Finance

Hackers are estimated to have stolen more than $29 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform that allows users to loan and speculate on cryptocurrency price variations. The company confirmed the hack earlier today, half an hour after blockchain security firm PeckShield noticed signs of an ongoing attack. C.R.E.A.M. v1 market on […]

Read More

[TheRecord] Bangkok Air confirms passenger PII leak after ransomware attack

Bangkok Airways, the second oldest and the third biggest airline company in Thailand, has admitted last week that hackers stole passenger information during a security breach following a ransomware attack. The airline confirmed the breach in a press release last Thursday, a day after a ransomware gang known as LockBit posted a message on its dark web […]

Read More

[TheRecord] CISA adds single-factor authentication to its catalog of ‘Bad Practices’

Earlier this year, in June, the US Cybersecurity and Infrastructure Security Agency (CISA) launched a new project called “Bad Practices” that consisted of a catalog of non-recommended cybersecurity practices, techniques, and configurations. The initial list only included two entries, but in an update today, CISA officials added a new “bad practice” to their list—namely, the use of […]

Read More

[TheRecord] Microsoft will split Defender pricing plans to lower the entry bar for SMBs

Microsoft plans to split the pricing model for the commercial version of its antivirus product, known as Microsoft Defender for Endpoint, introducing a cheaper plan and making its product more easily and broadly available to companies that typically couldn’t afford it. Prior to today’s announcement, Microsoft Defender for Endpoint was primarily available for companies that […]

Read More

[TheRecord] CISA and the FBI warn of ransomware gangs’ tendency of launching attacks over holidays and weekends

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint security advisory today to warn companies about the tendency of ransomware gangs to launch attacks over weekends and national holidays. While cybersecurity experts have been aware of this trend in ransomware attacks for the past three years, […]

Read More

[TheRecord] Mozi botnet authors arrested in China

The authors of the Mozi IoT botnet have been taken into custody by Chinese law enforcement earlier this year, according to Netlab, the networking security division of Chinese tech giant Qihoo 360. Details about the arrests and the suspects’ names have not been made public by Chinese authorities, Netlab researchers have told The Record. The company […]

Read More