#THIREurope: How Target Improved its Threat Hunting Capabilities

#THIREurope: How Target Improved its Threat Hunting Capabilities A threat hunting team can be better enabled when given the time and interest to focus on what it wants. Speaking at the SANS Institute Threat Hunting and IR Europe conference in London, David Bianco, principal engineer, cybersecurity and Cat Self, lead information security analyst, Target, explained how the threat hunting team was evolved …

TSA Desires “Cybersecurity by Design”

TSA Desires "Cybersecurity by Design" The United States Transport Security Administration (TSA) has publicly announced that it's on a "quest to merge cybersecurity and information technology." Instead of cybersecurity's being an add-on or afterthought, the TSA wants the industry to adopt a culture of "cybersecurity by design" when dreaming up and manufacturing security equipment.  The transport-focused sub-tier of the Department …

Seattle to Host Major New Cybersecurity Event

Seattle to Host Major New Cybersecurity Event The verdant city of Seattle is to host a new three-day event dedicated to cybersecurity and the cloud. CSA SECtember will feature in-depth training sessions, networking opportunities, and the chance to interact with a score of global experts.  The event is the brainchild of global non-profit the Cloud Security Alliance (CSA), which is headquartered …

#THIREurope: APT Groups Now Using Similar Tools in Espionage and Cybercrime Attacks

#THIREurope: APT Groups Now Using Similar Tools in Espionage and Cybercrime Attacks Speaking at the SANS Institute Threat Hunting and IR Europe conference in London, Tom Hall, principal consultant for incident response and Mitch Clarke, incident response consultant UK&I, at Mandiant, talked about lessons learned from the APT41 detection last summer, and how tools are being used by different threat …

St Louis Man Jailed for $12m Tax Refund Scam

St Louis Man Jailed for $12m Tax Refund Scam A St Louis man has been sentenced to four years behind bars for his part in a major identity fraud campaign in which a group claimed over $12m in tax refunds. Babatunde Olusegun Taiwo will spend 48 months in prison plus three years of supervised release and will pay restitution of $889,712, …

Hundreds of Millions of Broadcom Modems “Haunted” by New Bug

Hundreds of Millions of Broadcom Modems “Haunted” by New Bug Security researchers are warning of a new critical vulnerability affecting multiple cable modem manufacturers that use Broadcom chips — exposing hundreds of millions of users to remote attacks. Discovered by three researchers from security consultancy Lyrebirds and an independent, the so-called “Cable Haunt” bug (CVE-2019-19494) is described as a buffer …

National Lottery Hacker Jailed for Nine Months

National Lottery Hacker Jailed for Nine Months A cyber-criminal has been jailed for nine months for committing offences against the National Lottery. Following a National Crime Agency (NCA) investigation, Anwar Batson, 29, of Notting Hill, London, was sentenced at Southwark Crown Court on 10 January. He admitted four offences under the Computer Misuse Act 1990 and one fraud charge. The …

Citrix Admins Urged to Act as PoC Exploits Surface

Citrix Admins Urged to Act as PoC Exploits Surface IT administrators are being urged to put in place mitigations for a serious Citrix vulnerability which the vendor says won’t be patched until next week at the earliest, after proof-of-concept (PoC) exploits were published. The tech giant revealed the CVE-2019-19781 vulnerability in its Citrix Application Delivery Controller (ADC) and Citrix Gateway …

Cyber-Attack Makes Pennsylvania Students Learn “Old School” Style

Cyber-Attack Makes Pennsylvania Students Learn "Old School" Style Students in the Pittsburg Unified School District of Pennsylvania were left without internet access on Monday as the result of a ransomware attack. With schools' internet servers and email compromised, youngsters returning to classes after the winter break were forced to enrich their brains the old-fashioned way, through books and direct teaching.  …

Patients of Hacked US Surgical Company Hit with Ransom Demands

Patients of Hacked US Surgical Company Hit with Ransom Demands Patients of a hacked facial surgery company in Florida are being individually threatened by cyber-criminals, who are demanding money in return for not releasing stolen personal information to the public. The Center for Facial Restoration, Inc. (TCFFR), located in Miramar, became the victim of a cyber-attack in November last year.  …