15 Jan 2021

Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data

After a cyberattack on the EMA, the Pfizer and BioNTech COVID-19 vaccine information has been leaked on the internet. The EMa is in charge of the evaluation and supervision of medicinal products in the E.U. In December, threat agencies broke into the server to access COVID-19 vaccine documentation.  The regulatory

Read More
15 Jan 2021

Xiaomi added to US list of alleged Communist Chinese military companies

The United State DoD has added Chinese hardware manufacturers, Xiaomi, to the list of alleged communist chinese military companies. The department of defense is working to counter the People’s Republic of China’s Military-Civil Fusion development strategy. This strategy supports the modernization of the People’s Liberation Army by allowing it access

Read More
08 Jan 2021

Babuk Locker Targets Large Corporations in the New Year

A new ransomware strain has been discovered and named Babuk Locker, just days into the New Year. According to new research by Chuong Dong of Georgia Tech, the ransomware has successfully compromised five companies since its discovery. Dong claims that he first saw the ransomware mentioned in a tweet, and

Read More
08 Jan 2021

Post-Riot, the Capitol Hill IT Staff Faces a Security Mess

After the destructive riots that wreaked havoc on the United States Capitol building on Wednesday, the next issue at hand is mitigating the risks of having demonstrators access government systems. The congressional support staff is dealing with logistics such as cleanup, repairs, and securing the offices and digital systems after

Read More
07 Jan 2021

Nissan Source Code Leaked via Misconfigured Git Server

A misconfigured Git server has resulted in sensitive information pertaining to the company Nissan being leaked. The information exposed in the breach includes the source code of mobile apps, diagnostics tools, market research tools, and sensitive data. The Git server was left publicly exposed with a default username and basic

Read More
06 Jan 2021

Crypto-Hijacking Campaign Leverages New Golang RAT

An emerging operation leverages a new Remote Access Tool (RAT) that is designed to steal crypto-currency from users. Since January 2020, ElectroRAT, as named by Intezer, has been active in a full marketing campaign complete with applications, social media accounts and websites. The RAT is written in Golang and is

Read More
06 Jan 2021

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders Solarwinds, outgoing CEO Keven Thompson, and CFO Barton Kalso are named as defendants. The suit claims that there were false and misleading statements made from the company

Read More
06 Jan 2021

Telegram Triangulation Pinpoints Users’ Exact Locations

Telegram’s “people nearby” feature can be used to reveal a user’s precise location, according to bug-hunter Ahmed Hassan. The feature allows users of the secure messaging app to see who’s around them, however, it has been compromised by a severe security flaw. Hassan states that although you must enable the

Read More
06 Jan 2021

What Executive’s Need To Know About The White House’s New Space Policy

White House released the National Space Policy, declaring that we must maintain “unfettered access to, and freedom to operate in, space” as a vital National interest.  This policy commits the United States to following six guiding principles. This post captured relevant parts of this strategy in a way that can help inform your strategy.

Read More
05 Jan 2021

Chinese APT Group Linked to Ransomware Attacks

Chinese threat actor group APT27 (also known as Emissary Panda) and Winnti have been identified as the culprit behind multiple ransomware attacks against firms last year. New research from Security Joes and Pro reveals how they found the threat actors behind the attacks after investigating an incident in which ransomware

Read More