Microsoft announces Windows 11, with a new design, Start menu, and more. A new version of Windows is officially on the way.
Storage-device maker advises customers to unplug My Book Lives from the Internet ASAP.
Western Digital, maker of the popular My Disk external hard drives, is recommending customers unplug My Book Live storage devices from the Internet until further notice while company engineers investigate unexplained compromises that have completely wiped data from devices around the world.
The mass incidents of disk wiping came to light in this thread on Western Digital’s support forum. So far, there are no reports of deleted data later being restored.
The first mobile phone service, for 80-pound telephones installed in cars, was demonstrated on June 17, 1946, 75 years ago. The evolution of the cell phone illustrates what it takes for technologies to go from breakthrough to big time.
This week, a lot from Bruce Schneier
Most US critical infrastructure is run by private corporations. This has major security implications, because it’s putting a random power company in — say — Ohio — up against the Russian cybercommand, which isn’t a fair fight.
When this problem is discussed, people regularly quote the statistic that 85% of US critical infrastructure is in private hands. It’s a handy number, and matches our intuition. Still, I have never been able to find a factual basis, or anyone who knows where the number comes from. Paul Rosenzweig investigates, and reaches the same conclusion.
So we don’t know the percentage, but I think we can safely say that it’s a lot.
A lot of Russian malware — the malware that targeted the Colonial Pipeline, for example — won’t install on computers with a Cyrillic keyboard installed. Brian Krebs wonders if this could be a useful defense. (Bob’s Note – I did this myself, it is quick and easy.)
Loss of revenue, brand and reputation damage, employee layoffs and business closures were some of the effects of a ransomware attack, according to Cybereason.
Commentary: Today’s infrastructure becomes tomorrow’s legacy, but there are ways to build that avoid pitfalls.
Victims in South Korea and the USA, suspects busted in Ukraine.
In May 2021, we observed a threat actor conducting an intrusion utilizing the IcedID payloads for initial access. They later performed a number of techniques from host discovery to lateral movement, using RDP and SMB to access the file servers within an enterprise domain.
IcedID (known as BokBot), first observed in 2017, continues to be an active and capable threat against both individuals and organizations. The IcedID malware utilizes a modular malware framework and incorporates a number of anti-forensic and defense evasion capabilities. This malware has, like others before it, moved into the initial access broker market, being used as an entry point for follow-on activity like Cobalt Strike, and has led to multiple domain-wide ransomware deployments such as REvil and Conti.
This article describes how the popular Cobalt Strike penetration testing tool is being abused by cybercriminals. Cobalt Strike is a popular tool with cybersecurity professionals. Unfortunately, it’s also utilized by threat actors. New research shows how Cobalt Strike is being weaponized in campaigns deploying malware ranging from the Trickbot banking Trojan to Bazar.