The Coming Storm – Page 3 – Computer Security Articles

Russia Sends Cybersecurity CEO to Jail for 14 Years

July 26, 2023 admin evil corp., Fancy Bear, financial times, Group-IB, gru, ilya sachkov, kaspersky lab, maksim yakubets, max seddon, Ruslan Stoyanov, Sergei Mikhailov, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 26 Jul 2023 17:29:40 +0000

The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.

Independent Krebs

CISA Order Highlights Persistent Risk at Network Edge

June 15, 2023 admin adam boileau, barracuda networks, cisa, cve-2023-27997, cybersecurity and infrastructure security agency, fortinet, fortra, goanywhere, Latest Warnings, Mandiant, moveit transfer, Patrick Gray, progress software, Risky Business podcast, The Coming Storm, Time to Patch

Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Independent Krebs

Many Public Salesforce Sites are Leaking Private Data

April 27, 2023 admin A Little Sunshine, charan akiri, dc health, dc health link, huntington bank, Latest Warnings, matthew jennings, mike rupert, salesforce community websites, scott carbee, tcf bank, The Coming Storm, Time to Patch, Vermont

Credit to Author: BrianKrebs| Date: Fri, 28 Apr 2023 02:09:56 +0000

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.

Independent Krebs

3CX Breach Was a Double Supply Chain Compromise

April 24, 2023 admin 3cx, A Little Sunshine, clearsky security, diamond sleet, double supply chain breach, elastic security, ESET, iconicstealer, kaspersky lab, kim zetter, Latest Warnings, MacOS, Mandiant, marc-etienne m.leveille, microsoft, Ne'er-Do-Well News, peter kalnai, Supply chain, The Coming Storm, trading technologies, x_trader, Zero-Day, zinc

Credit to Author: BrianKrebs| Date: Fri, 21 Apr 2023 01:05:44 +0000

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

Independent Krebs

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

April 11, 2023 admin bharat jogi, cve-2022-37969, cve-2023-28219, cve-2023-28220, cve-2023-28252, dbappsecurity, dustin childs, ios 15.5.7, ios/ipados 16.4.1, macos 12.6.5 and 11.7.6., Mandiant, nokoyawa ransomware, Qualys, Security Tools, The Coming Storm, Time to Patch, trend micro zero day initiative, windows common log system file system

Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2023 00:06:51 +0000

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.

Independent Krebs

Microsoft Patch Tuesday, March 2023 Edition

March 15, 2023 admin cve-2023-23397, cve-2023-24800, dustin childs, immersive labs, kevin breen, microsoft 365 apps for enterprise, microsoft patch tuesday march 2023, Rapid7, Security Tools, The Coming Storm, Time to Patch, Windows SmartScreen, Zero Day Initiative

Credit to Author: BrianKrebs| Date: Wed, 15 Mar 2023 15:19:32 +0000

Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.

Independent Krebs

Highlights from the New U.S. Cybersecurity Strategy

March 2, 2023 admin A Little Sunshine, ballistic ventures, brian fox, chips act, emotet, executive order (eo) 13984, Internet of Things, Keith Alexander, national cyber investigative joint task force, national cybersecurity strategy 2023, solar winds breach, sonatype, ted schlein, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 03 Mar 2023 01:33:06 +0000

The Biden administration today issued its vision for beefing up the nation’s collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White House’s new national cybersecurity strategy also envisions a more active role by cloud providers and the U.S. military in disrupting cybercriminal infrastructure, and names China as the single biggest cyber threat to U.S. interests.

Independent Krebs

New Protections for Food Benefits Stolen by Skimmers

February 17, 2023 admin A Little Sunshine, All About Skimmers, consolidated appropriations act of 2023, deborah harris, ebt fraud, ebt skimming, electronic benefits transfer, homeless persons representation project, michelle salomon madaio, The Coming Storm, the massachusetts law reform institute, u.s. department of agriculture

Credit to Author: BrianKrebs| Date: Fri, 17 Feb 2023 21:09:07 +0000

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes.