Two senior Canadian cabinet ministers have told a parliamentary committee that the government is willing to make changes to its proposed cybersecurity legislation for federally regulated critical infrastructure providers to strengthen the bill. Industry Minister François-Philippe Champagne and Public Safety Minister Dominic LeBlanc made that pledge Thursday before the House of Commons national security committee […]
Category Archives: Security
Auto Added by WPeMatico
Security researchers analyzing the Alpha ransomware payload and modus operandi discovered overlaps with the now-defunct Netwalker ransomware operation. […]
The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin mixer to launder stolen proceeds. […]
16
Feb
Feb
U.S. takes down Russian botnet of routers. Welcome to Cyber Security Today. It’s Friday, February 16th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. American authorities have neutralized a botnet of hundreds of compromised small and home office routers that Russia’s military cyber unit used for attacks. This […]
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. […]
The theft of tax and employment records of 48,000 of Canadians four years ago was the fault of poor IT authentication security, says the country’s privacy commissioner. Attackers employed credential stuffing using previously stolen usernames and passwords to get into the IT systems of the Canada Revenue Agency (CRA) and Employment and Social Development Canada […]
14
Feb
Feb
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of […]
Adam Barnett, CVE-2024-21351, CVE-2024-21410, CVE-2024-21412, CVE-2024-21413, Immersive Labs, Kevin Breen, Krebs, Latest Warnings, Microsoft Office, News, Patch Tuesday February 2024, Rapid7, Satnam Narang, Security, Security Tools, Tenable, Time to Patch, trend micro, Windows SmartScreen
Fat Patch Tuesday, February 2024 Edition
13
Feb
Feb
Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a “security feature bypass” in the way Windows handles Internet Shortcut […]
09
Feb
Feb
Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from […]
A Little Sunshine, Aleksei Valerievich Safronov, Congressional Research Service, Constella Intelligence, Djamix, DomainTools.com, GRU, Guardia Civil, Krebs, mark rasch, Mazafaka, Meduza, Ne'er-Do-Well News, News, Russia's War on Ukraine, Security, Stalker
From Cybercrime Saul Goodman to the Russian GRU
07
Feb
Feb
In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time […]