What to Expect When You’re Expecting … To Be Hacked

If you interview the IT and security staff of a company that has had a breach, very few of them would say they were expecting to get hacked. These “survivors” are often in a state of disbelief that it has happened to them and suffer from analysis para…

Magecart Attack Impacts More Than 10K Online Shoppers

Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit.

Today’s Twitter Hack is New Take on “Nigerian Prince” Scam

Don’t send bitcoin to celebrities… or to random people for that matter. This afternoon a number of high profile Twitter accounts were taken over, including Joe Biden, Bill Gates, Elon Musk, Apple, Jeff Bezos, and Kanye West, and the event appears to be ongoing. Each displayed a message saying they …

REvil gang threaten to auction celebrity data from Mariah Carey, Lebron James, MTV and more

The ransomware gang is threatening to auction celebrities’ legal documents stolen from the law firm it paralyzed in May.

Minneapolis Police Website Hacked, Zoom Encryption, eBay Port Scanning

In episode 124 for June 8th 2020: Details on how the Minneapolis Police website may have been hacked, Zoom’s plan to implement end-to-end encryption, and why eBay and other sites may be port scanning your computer. ** Show notes and links mention…

Remote Code Execution Deserialization Vulnerability Blocked by Contrast

On May 20, 2020, the National Vulnerability Database (NVD) published a new CVE—CVE-2020-9484. The vulnerability associated with CVE-2020-9484 allows any anonymous attacker with internet access to submit a malicious request to a Tomcat Server…

Examining the Open-source Python Application CVEs That Led to the Cisco Server Breach

Hackers recently exploited two critical vulnerabilities (CVEs) in SaltStack’s “Salt” management framework in order to compromise a handful of servers at Cisco. As defined by the National Vulnerability Database (NVD), the specific CVEs in question…

Videoconferencing Is Being Weaponized, Tips on Making Your Meetings More Secure

Zoom, the videoconferencing application that has grown from 10 million users in December to over 200 million today (an increase of 1,900%), is easily the most popular virtual meeting service for businesses, nonprofits, schools, and social groups from a…

How Hackers Are Exploiting COVID-19 and What Organizations Can Do About It

Now that many people are working from home due to the coronavirus disease (COVID-19), businesses are facing unprecedented cybersecurity challenges. Unfortunately, among many challenges, hackers are poised to capitalize on the crisis by attacking w…

You’ve Been Hacked! Now What?

In episode 110: Tyler Hudak, Incident Response Practice Lead at TrustedSec, joins us to talk about what you should do (and more importantly what you shouldn’t do) if you find out you’ve been hacked! ** Show notes and links mentioned on the …