Doug Olenick SC Media

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Passwords found being reused

Same story all over again: Microsoft research finds millions of reused passwords

The loud pleas made by the cybersecurity industry, along with the repeated examples of what happens when login credentials are reused, seemingly have fallen on deaf ears as Microsoft found more than 44 million repeated passwords just for its Azure AD and Microsoft Services Accounts. According to a newly published Microsoft Security Intelligence Report, the…

leaking faucet

3,000 affected by Fort Worth water utility data breach

The Fort Worth, Texas Water Department is notifying about 3,000 customers that their payment information may have been exposed during a data breach. The utility reported that payments made between August 27, 2019 and October 23, 2019 were included in the breach and the content exposed included cardholder’s name, credit card billing address, credit card…

data center

Data center provider CyrusOne hit with REvil ransomware: Report

One day after news broke that data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware the company issued a statement confirming the incident. Initially, CyrusOne did not release any details, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note…

Cybersecurity’s top line: Enabling revenue growth and market expansion

Today, most companies know cybersecurity diligence is an essential part of doing business. Yet, it may still be a bit of a surprise how extensively cybersecurity has evolved to become an elemental business component that grows revenue and opens doors for market expansion. From contracts and financing to mergers and acquisitions, an organization’s information security…

OAuth vulnerability threatens Azure accounts

There is a vulnerability in specific Microsoft OAuth 2.0 applications that could let an attacker gain access and control of a victim’s Azure account. The flaw was found by Cyberark researchers who noticed that many white-listed OAuth applications, at least 54, automatically trust domains and sub-domains that are not registered by Microsoft so anyone can…

As threats dramatically increase, critical infrastructure cybersecurity training must evolve

The North American Electric Reliability Corporation (NERC) recently posted a document confirming a cyber event that occurred on a western U.S. electrical grid in spring 2019, marking the first cyberattack on an American grid and, more importantly, striking a chord among operators. The case, which is ironically labeled a “lesson” by NERC, is a glaring…

trojan, RAT

Tetris game app used to distribute PyXie Python RAT

A new remote access trojan whose name reminds one of a fairytale and not the potential nightmare it could bring to its victim has been disclosed by Cylance. PyXie Python RAT has been flitting about since 2018 helping deliver ransomware and other malware to the healthcare and education industries. The RAT has been tracked being…

Next post in Malware