[TheRecord] University of Kentucky discovers data breach during scheduled pen-test

The University of Kentucky said it discovered a security breach of one of its test-taking platforms during a scheduled security penetration test carried out by a third party in early June. The breach affected the university’s Digital Driver’s License platform, a web-based portal the university developed in the early 2000s as part of an education program […]

[TheRecord] Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals

A disgruntled member of the Conti ransomware program has leaked today the manuals and technical guides used by the Conti gang to train affiliate members on how to access, move laterally, and escalate access inside a hacked company and then exfiltrate its data before encrypting files. Leaked on an underground cybercrime forum named XSS earlier […]

[TheRecord] New CISA chief announces Joint Cyber Defense Collaborative with private sector

The new Cybersecurity and Infrastructure Security Agency Director Jen Easterly appealed to the private sector for help fending off digital attackers and announced an initiative called the Joint Cyber Defense Collaborative (JCDC) partnering with major tech and cybersecurity firms Thursday at the Black Hat Security conference. The initial partners in the program are Crowdstrike, Palo […]

[TheRecord] EU officials investigating breach of Cybersecurity Atlas project

The European Commission is investigating a breach of its Cybersecurity Atlas project after a copy of the site’s backend database was put up for sale on an underground cybercrime forum on Monday. Launched in 2018, the Cybersecurity Atlas is a Yellow-Pages-like contact list of European organizations with cybersecurity expertise. Described on its website as a “knowledge management […]

[TheRecord] Meet Prometheus, the secret TDS behind some of today’s malware campaigns

A recently discovered cybercrime service is helping malware gangs distribute their malicious payloads to unsuspecting users using a network of hacked websites. Named Prometheus, the service is what security researchers call a “traffic distribution system,” also known as a TDS. How the Prometheus TDS works Consisting of a network of hacked websites, Prometheus provides on-demand servers […]

[TheRecord] Microsoft announces new ‘Super Duper Secure Mode’ for Edge

Microsoft said today it plans to run an experiment in its Edge web browser where it will intentionally disable an important performance and optimization feature in order to enable more advanced security upgrades in what the company is calling Edge Super Duper Secure Mode. Announced today by Johnathan Norman, Microsoft Edge Vulnerability Research Lead, the idea behind […]

[TheRecord] Amazon and Google patch major bug in their DNS-as-a-Service platforms

At the Black Hat security conference today, two security researchers have disclosed a security issue impacting hosted DNS service providers that can be abused to hijack the platform’s nodes, intercept some of the incoming DNS traffic, and then map customers’ internal networks. Discovered by Shir Tamari and Ami Luttwak from cloud security company Wiz, the vulnerability highlights the […]

[TheRecord] White House sees ‘sign’ in new ransomware group’s pledge

A senior White House official on Wednesday said remarks by a new Russia ransomware gang that it wouldn’t target U.S. critical infrastructure are a sign that the administration’s calls for the Kremlin to crack down on cybercriminals are working. In an interview with a Recorded Future analyst published by The Record, representatives from BlackMatter — […]

[TheRecord] INFRA:HALT vulnerabilities affect OT devices from more than 200 vendors

Security researchers have disclosed today 14 vulnerabilities that impact a popular TCP/IP library commonly used in industrial equipment and Operational Technology (OT) devices manufactured by more than 200 vendors. Collectively referred to as INFRA:HALT, the 14 vulnerabilities have been found as part of a joint research effort by the security teams at Forescout and JFrog. Project […]

[TheRecord] NSA, CISA publish Kubernetes hardening guide

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published today a 59-page technical report containing guidance for hardening Kubernetes clusters. Initially developed by Google engineers and later open-sourced under the Cloud Native Computing Foundation, Kubernetes is one of today’s most popular container orchestration tools. Used primarily inside cloud-based infrastructure, Kubernetes allows […]
