Teri Robinson SC Media
Teri Robinson

Teri Robinson

Executive Editor

Most recent articles by Teri Robinson

Pompeo in China

US expands Clean Network to protect COVID-19 vaccine research from China

As concerns mount over China’s efforts to swipe intellectual property from U.S. companies – most recently COVID-19 vaccine research – the State Department has expanded its Clean Network program to protect U.S. critical telecommunications and technology infrastructure. Among the key objectives is to push vaccine research and other sensitive information to secured clouds. The programs…

Coordinated attack on Reddit spreads pro-Trump messaging

In a coordinated attack against Reddit that underscored the importance of multifactor authentication hackers compromised moderator accounts and led to numerous subreddit accounts being vandalized and defaced with pro-Trump messaging. Reddit acknowledged the “ongoing incident” and said it is “working on locking down the bad actors and reverting the changes.” The platform administrators called for…

Regulators levy $80 million fine, hammer Capital One for massive breach

Bank regulators dropped the hammer on Capital One, with the Office of the Comptroller of the Currency (OCC) levying an $80 million fine and the Federal Reserve filing a cease and desist order that specified what the steps the bank needed to take to redeem itself after a massive data breach in 2019 that compromised…

Lesson learned: Failure to patch led to password leak of 900 VPN enterprise servers

Applying a security update to a CVE released more than a year ago could have prevented a hacker from publishing plaintext usernames and passwords, as well as IP addresses, for more than 900 Pulse Secure VPN enterprise servers. “The lesson here? Patch, patch, patch,” said Laurence Pitt, global security strategy director at Juniper Networks. “The…

China targets networks with new Taidoor malware attacks

Wielding a new remote access trojan (RAT) dubbed Taidoor, Chinese government-supported hackers are behind a series of cyberespionage campaigns. Although it offered no details on the possible targets, CISA warned of the malware variants, noting that “the FBI has high confidence that Chinese government actors are using [them] in conjunction with proxy servers to maintain…

Feds arrest teen Twitter hack leader, accomplices

The ringleader of the Twitter breach that used prominent accounts to run a cryptocurrency scam turns out to be a 17-year-old in Tampa arrested earlier today. Two accomplices, Nima Fazeli, 22, of Orlando and Mason Sheppard, 19, in the U.K., known as Rolex and Chaewon, respectively, were also arrested in the scheme that took over…

Twitter hackers duped employees with phone spear phishing scam

Hackers who briefly commandeered high-profile Twitter accounts to perpetuate a cryptocurrency scam used a phone spear phishing attack to get into to the social media platform’s internal network as well as to “specific employee credentials” to access internal support tools. Not all of the small group of “employees that were initially targeted had permissions to…

Nefilim gang leaks files stolen from Dussmann Group subsidiary

By now, it’s a familiar refrain, ransomware operators publishing documents after pinching them from a vulnerable company – this time the victim was a subsidiary of Germany’s Dussmann Group, a sprawling multiservice provider, and the attacker, Nefilim’s operators. The ransomware gang pinched files, including AutoCAD drawings, Word documents and accounting docs from refrigerator specialist  Dresdner…

SEI Investments customer data exposed in ransomware attack on vendor

A May ransomware attack on M.J. Brunner Inc. exposed data pertaining to clients of SEI Investments Co., among them money managers like Pacific Investment Management Co. (Pimco), Fortress Investment Group LLC and Centerbridge Partners. SEI Investments said in a statement that the attack was not the result of any flaw in its network. Instead, the…

Cisco patches severe traversal vulnerability exploited in wild

Cisco is urging organizations to implement its patch for a high severity directory traversal vulnerability that affected the web services interface of the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software firewall products and which is being actively exploited in the wild. The vulnerability, CVE-2020-3452, stems from the “lack of…

Next post in Vulnerabilities