16 Jan 2017

Wide-scale ransom attack against elastic data in progress

“What began with publicly accessible MongoDB databases has grown to include Elasticsearch clusters, and is now reported to be affecting other technologies. The first report of an Elasticsearch cluster being hit appeared on the official support forums on Thursday from a user who was running a test deployment accessible from

Read More
13 Jan 2017

Putin’s DNC Hackers Actively Targeting French Elections

“The same Putin-state backed actors that stole emails from the DNC and John Podesta are targeting campaigns in France in the run up to critical elections in that country. The spear phish campaigns are identical to the attacks that the ‘Fancy Bear’ group launched against the DNC and John Podesta,.” Source:

Read More
13 Jan 2017

Mystery Hackers Blow Up Secret NSA Hacking Tools in ‘Final F–k You’

“A mysterious hacking group has been bedeviling the U.S. intelligence community for months, releasing a tranche of secret National Security Agency hacking tools to the public while offering to sell even more for the right price. Now with barely a week to go before Donald Trump’s inauguration, the self-styled ‘Shadow

Read More
13 Jan 2017

When Cybersecurity Meets Physical Security

“In a recent interview with CNN, the Director of the Secret Service noted that his organization is increasingly focusing on the cyber security of the physical facilities visited by the President of the United States as part of its duty to protect him. This raises the fascinating question of just

Read More
13 Jan 2017

Trump’s cyber-guru Giuliani runs ancient ‘easily hackable website’

“Giulianisecurity.com, the website for the ex-mayor’s eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a

Read More
12 Jan 2017

Shadow Brokers Calls It Quits After Failing To Get Buyers For NSA Exploits

“But group says it is still willing to dump its collection of Linux and Windows tools if it gets 10,000 bitcoins. Just days after offering for sale a database of Windows exploits allegedly purloined from an outfit thought to be affiliated with the National Security Agency (NSA), the infamous ShadowBrokers

Read More
12 Jan 2017

Los Angeles Valley College pays $28,000 in bitcoin ransom to hackers

“The Los Angeles Community College District paid a $28,000 ransom in bitcoin last week to hackers who took control of a campus email and computer network until a payment was made.” Source: Los Angeles Valley College pays $28,000 in bitcoin ransom to hackers – LA Times

Read More
12 Jan 2017

Phone-Hacking Firm Cellebrite Got Hacked; 900GB Of Data Stolen

“Israeli firm Cellebrite, the popular company that provides digital forensics tools and software to help law enforcement access mobile phones in investigations, has had 900 GB of its data stolen by an unknown hacker. But the hacker has not yet publicly released anything from the stolen data archive, which includes

Read More
11 Jan 2017

Is DC’s Subway Ready for a Cyberattack?

“It would be an exercise in futility to list the headaches experienced by riders of the Washington Metropolitan Area Transit Authority in recent years.” Source: Is DC’s Subway Ready for a Cyberattack? – Nextgov.com

Read More
11 Jan 2017

Sessions: US Needs Cyber Rules So ‘Price is Paid’ If Breached

“Attorney-general nominee Sen. Jeff Sessions emphasized a need for cyber rules of engagement during the first day of his confirmation hearings.” Source: Sessions: US Needs Cyber Rules So ‘Price is Paid’ If Breached – Nextgov.com

Read More