Steve Zurier SC Media

Steve Zurier

Most recent articles by Steve Zurier

Counter IR, island hopping on the rise

The security industry needs to become more clandestine in its approach to incident response, making it harder for attackers to know that they are being tracked. At least that’s what researchers concluded in the fifth installment of VMware Carbon Black’s semi-annual Global Incident Response Threat Report, which also focused heavily on the impact of COVID-19…

Five ways to declaw the Meow bot

While the motivation behind the “Meow” bot attacks is unknown, the menace is still out there wiping out open source databases left unsecured on the internet, prompting Elastic to offer clear steps that organizations can take to safeguard their data. The bot came on the scene about two weeks ago when it was reported that…

Tech workforce in defense and aerospace targeted in latest phishing attack

A phishing lure disguised as a legitimate inquiry by a recruiter for a new job opportunity inserts a malicious template into an attached Word document, which then gathers intelligence on the target, usually a highly-skilled technology worker in the aerospace and defense industries. The attack, dubbed Operation North Star, was discovered by researchers in McAfee’s…

electric power

New York, Siemens to develop cyber Center of Excellence for utilities

Recognizing that the electric utility industry needs an industry-specific response to its cybersecurity challenges, the New York Power Authority (NYPA) and Siemens Energy plan to develop a Cybersecurity Center of Excellence that will focus on building practical security tools for small- and mid-sized utilities. Kenneth Carnes, vice president and CISO at NYPA, said many of…

Broadened CIA cyberattack powers put businesses on alert

The greater business community should be on higher alert for cyberattacks by nation-state actors after the report last week that President Trump signed a “presidential finding” around cyberwarfare that gives the CIA broader powers to launch cyberattacks against U.S. adversaries. After all, following the Stuxnet attack by the U.S. in 2009 the Iranians responded not…

New Tycoon ransomware leverages JIMAGE files, steals PII, encrypts Linux and Windows systems

A new strain of ransomware dubbed Tycoon seeks to take advantage of Java Image (JIMAGE) files that are internal to Java and would typically not raise any red flags for administrators and security managers. The discovery was brought to light by the BlackBerry Research and Intelligence Team in partnership with KPMG’s UK Cyber Response Services,…

Mathway breach latest caper for Shiny Hunters

While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…

Next post in Security News