Larry Jaffee SC Media | Page 4 of 17

Larry Jaffee

Most recent articles by Larry Jaffee

Garmin expects delays after WastedLocker ransomware attack

Garmin expects its operations to be back up in the next few days, with some delays, after suffering a targeted WastedLocker ransomware attack that reinforced that the best cybersecurity strategy is to prepare for the worst. The smart watch/wearable tech firm admitted on its website the attack encrypted some of its systems on July 23,…

New cryptominer botnet spreads payload, less intrusive

A new cryptocurrency-mining botnet attack called Prometei bypasses detection systems and monetizes its campaigns in less intrusive ways. It is the first time that anyone’s documented a multi-modular botnet, according to Talos, which discovered the botnet and dubbed it “Prometei.” The botnet, which has been active since March, spreads a payload to provide financial benefits…

cloud server

Phishing attack hid in Google Cloud Services

Details of a phishing attack concealed in Google Cloud Services point to a fast-growing trend that has hackers disguising malicious activities in cloud service providers. In a report released today, researchers at Check Point unravel, step-by-step, how even security-savvy professionals could be tricked by a well-disguised ruse, which kicked off with a PDF document containing…

U.K. Covid-19 Test and Trace violated GDPR

The U.K. government violated data privacy regulated Europe’s GDPR by implementing a NHS Test and Trace program to monitor the spread of COVID-19 without also establishing a required Data Protection Impact Assessment (DPIA). Privacy advocacy organization Open Rights Group (ORG) issued a complaint against Public Health England (PHE), which launched the program on May 28,…

Legacy ICS puts critical infrastructure at risk

By using search engines dedicated to scanning all open ports, or scanning the ports themselves, hackers can remotely take control of critical private and public U.S. infrastructure run largely by industrial control systems (ICS) that weren’t built with security in mind. American water and energy providers are particularly vulnerable to cyberattack because their legacy ICSs…

Fake Cisco switches provoked network failures

Counterfeit Cisco devices were behind the failure of an IT company’s network switches last fall after a software upgrade, an investigation has found. Underscoring the security challenges posed by counterfeit hardware, the real-life anecdote prompted the victimized purchaser to commission F-Secure’s hardware security team to perform a thorough analysis of the components. The company discovered that…

Critical SAP flaw puts 40,000 users at risk

More than 40,000 SAP users of an estimated 2,500 internet facing systems should move quickly to patch a Remotely Exploitable Code On NetWeaver (RECON) vulnerability that scored a 10 out of 10 on the bug-severity CVSS scale and which could give an attacker full enterprise control. Noting that “this is the second major Java-based 0-day in…

Next post in Security News