At the Intersection of Technology and Real Life

Cyberpunk 2077 Patch 1.1 arrives on Stadia, bringing many stability fixes

Michael York Reading, PA 9 to 5 Google, Syndicated Stories

Though Cyberpunk 2077 was a hotly anticipated title ahead of its launch, the game was swiftly found to be a bit of a mess. Today, CD Projekt Red has released Patch 1.1 for Cyberpunk 2077, bringing many stability fixes to all platforms, including Stadia.

more…

The post Cyberpunk 2077 Patch 1.1 arrives on Stadia, bringing many stability fixes appeared first on 9to5Google.

Read original article here

Latest Headlines

Adoption Moved to Facebook and a War Began

4 March 2021

As the adoption industry migrates to social media, regretful adoptees and birth mothers are confronting prospective parents with their personal pain—and anger. [...]

How a Hashtag Went Viral—and Incited a Military Intervention

2 March 2021

In 2014, more than 200 Nigerian schoolgirls were kidnapped. It hardly made global headlines, until the Twitter masses brought it all the way to the White House. [...]

2034, Part VI: Crossing the Red Line

2 March 2021

“Eventually, the Americans would find them. But by then it would be too late.” [...]

Sex Tapes, Hush Money, and Hollywood’s Economy of Secrets

25 February 2021

Meet Kevin Blatt, the celebrity fixer who’s a master at shepherding compromising material off the internet—or into the hands of the highest bidder. [...]

How to Remember a Disaster Without Being Shattered by It

23 February 2021

Margaret McKinnon survived a midair catastrophe, then became a major researcher of memory and trauma. Now she’s studying how the pandemic will haunt us. [...]

2034, Part V: Sailing Into Darkness

23 February 2021

“Somewhere in that black hole was the Chinese fleet. She would be expected to find and destroy it.” [...]

The LA Musician Who Designed a Microphone for Mars

17 February 2021

How an obsession with space led to a partnership on the Perseverance rover—and the chance we could finally hear what our planetary neighbor sounds like. [...]

2034, Part IV: The Spratly Islands Ambush

16 February 2021

“In a thousand years America won’t be remembered as a country, but simply as a fleeting moment.” [...]

Premature Babies and the Lonely Terror of a Pandemic NICU

11 February 2021

Baby Olivia weighed 1 pound, 10 ounces. Her doctors faced a stressful paradox: giving her the healing power of a parent's touch, while keeping the virus out. [...]

2034, Part III: One Left to Tell the Tale

9 February 2021

“When the planes didn't attack, a silence fell over the crew. Why didn't they finish the job?” [...]

The Week in Ransomware - March 5th 2021 - Targeting service providers

5 March 2021

This week we have seen ransomware attacks targeting online service providers and MSPs to not only encrypt the victim but also cause significant outages for their customers. [...]

US indicts John McAfee for cryptocurrency fraud, money laundering

5 March 2021

US federal prosecutors have charged John McAfee, founder of cybersecurity firm McAfee, and his executive advisor Jimmy Gale Watson Jr for cryptocurrency fraud and money laundering. [...]

New ransomware only decrypts victims who join their Discord server

5 March 2021

A new ransomware called 'Hog' encrypts users' devices and only decrypts them if they join the developer's Discord server. [...]

SITA data breach affects millions of travelers from major airlines

5 March 2021

Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company. [...]

Chrome extension turns on YouTube captions when eating noisy chips

5 March 2021

A new AI-powered Google Chrome extension will automatically turn on YouTube extensions if it detects you are eating noisy chips. [...]

Microsoft: Exchange updates can install without fixing vulnerabilities

5 March 2021

Due to the critical nature of recently issued Microsoft Exchange security updates, admins need to know that the updates may have installation issues on servers where User Account Control (UAC) is enabled. [...]

Ongoing phishing attacks target US brokers with fake FINRA audits

5 March 2021

The US Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice warning US brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information. [...]

Supermicro, Pulse Secure release fixes for 'TrickBoot' attacks

5 March 2021

Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware's UEFI firmware-infecting module, known as TrickBoot. [...]

CompuCom MSP hit by DarkSide ransomware cyberattack

4 March 2021

US managed service provider CompuCom has suffered a DarkSide ransomware attack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware. [...]

How a pair of smart insoles made me a better runner - CNET

6 March 2021

My month-long review of the Nurvv Run insoles that can turn any running shoe into a fitness tracker. [...]

My love affair with chili crisp, savior of oatmeal, caviar and my soul - CNET

6 March 2021

A spicy condiment connected me with friends during a year of isolation. Come aboard my chili crisp time machine. [...]

Best graphics card for 2021: top GPUs for gamers and creatives - CNET

6 March 2021

Picking a new AMD or Nvidia graphics card can be overwhelming. We'll help you get started with everything you need to know. [...]

Paramount Plus vs. Netflix vs. HBO Max vs. Disney Plus vs. Discovery Plus: How the streamers stack up - CNET

6 March 2021

Your options for streaming are only growing. We compare some of the newest to the most familiar. [...]

Best e-bike for 2021 - CNET

6 March 2021

These electric bikes will help you get around while public transit is limited. And we've got picks for almost any budget. [...]

LastPass vs. 1Password: Which password manager is best for price and privacy? - CNET

6 March 2021

If you're looking for a new password manager, we compare two popular options, especially now that LastPass is changing its pricing structure. [...]

The best keto meal delivery for 2021 - CNET

6 March 2021

These keto meal kits and prepared meal services are perfect for a low-carb lifestyle. [...]

Best iPhone 2021: Apple currently sells 7 different models. Here's how to pick one - CNET

6 March 2021

Apple sells phones from as low as $399 to as high as $1,399. We're here to help you find the best one for your needs and budget. [...]

Apple finally stole my heart from the Google Pixel with this iPhone camera feature - CNET

6 March 2021

ProRaw photos are making the iPhone better for photography enthusiasts like me. [...]

'Zoom fatigue' is apparently a real thing, and there are 4 main culprits - CNET

6 March 2021

It's not your imagination: All those hours of video calls take more of a toll on your brain and body than regular office work. Now scientists say they know why -- and what to do to avoid it. [...]

Microsoft Exchange Server Exploits Hit Retail, Government, Education

5 March 2021

Mandiant researchers identify a range of victims affected in attacks targeting newly reported Microsoft Exchange Server vulnerabilities. [...]

Microsoft Adopted an 'Aggressive' Strategy for Sharing SolarWinds Attack Intel

5 March 2021

Rob Lefferts, corporate vice president for Microsoft 365 Security in Security and Compliance, explains the company's approach to keeping its customers and the industry apprised and updated on its findings from the now-infamous attack. [...]

5 Ways Social Engineers Crack Into Human Beings

5 March 2021

These common human traits are the basic ingredients in the con-man's recipe for trickery. [...]

Realistic Patch Management Tips, Post-SolarWinds

5 March 2021

Patch management and testing are different, exactly the same, and completely out of hand. Here are tips from the experts on how to wrangle patches in a time of malicious software updates. [...]

On International Women's Day 2021, Does the 'Rule of Steve' Still Apply? Yes.

5 March 2021

On International Women's Day 2021, gender diversity has improved in cybersecurity, but there is still a long way to go. [...]

Encrypted Traffic Strategies

5 March 2021

[...]

Make Sure That Stimulus Check Lands in the Right Bank Account

5 March 2021

If you haven't already, it's time to build trust relationships with your financial institutions, using strong security, privacy protections and secure, unique user credentials. [...]

Business Apps Spoofed in 45% of Impersonation Attacks

4 March 2021

Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks. [...]

Healthcare Still Seeing High Level of Attacker Activity

4 March 2021

Interest in vaccines is driving all sorts of activity, reports say, from vaccine-specific phishing to growing bot traffic on healthcare sites. [...]

Microsoft, FireEye Uncover More Malware Used in the SolarWinds Campaign

4 March 2021

Newly discovered tools were designed for late-stage use after the attackers had already established a relatively firm presence on a breached network, vendors say. [...]

GitHub Hires Former Cisco Executive Mike Hanley as Chief Security Officer

24 February 2021

Software development platform GitHub announced on Wednesday that it has hired Mike Hanley as its new Chief Security Officer (CSO). [...]

Reddit Names Allison Miller as Chief Information Security Officer (CISO)

23 February 2021

Social news community site Reddit announced has hired Allison Miller as Chief Information Security Officer (CISO) and VP of Trust. [...]

SecurityWeek Names Ryan Naraine as Editor-at-Large

19 January 2021

SecurityWeek has named Ryan Naraine as Editor-at-Large, adding a veteran cybersecurity journalist and podcaster to its editorial team. [...]

Why Cyber Security Should Be at the Top of Your Christmas List

17 December 2020

To take advantage of emerging trends in both technology and cyberspace, businesses need to manage risks in ways beyond those traditionally handled by the information security function. [...]

United States Federal Government’s Shift to Identity-Centric Security

17 December 2020

Governments are increasingly facing new legislation, standards, frameworks, and policies to protect critical and sensitive information. [...]

How Extreme Weather Will Create Chaos on Infrastructure

21 October 2020

Extreme weather events will soon become more frequent and widespread, devastating areas of the world that typically don’t experience them and amplifying the destruction in areas that do. [...]

BSIMM11 Observes the Cutting Edge of Software Security Initiatives

21 October 2020

In addition to helping an organization start an SSI, the BSIMM also gives them a way to evaluate the maturity of their SSI. [...]

Sustaining Video Collaboration Through End-to-End Encryption

21 October 2020

By infusing end-to-end encryption into any video strategy, it ensures not only the sustainability of the channel, but the businesses that rely on it. [...]

Will Robo-Helpers Help Themselves to Your Data?

8 September 2020

Are you sure that your robo-helpers are secure? [...]

Securing the Hybrid Workforce Begins with Three Crucial Steps

2 September 2020

The global shift to a remote workforce has redefined the way organizations structure their business models. [...]

Safety PSA: Don't use these cheap 'universal' adapters

6 March 2021

They're deathtraps, in more ways than one. [...]

iOS 14 tips and tricks: Six useful Settings app features

6 March 2021

There are a lot of cool features built into iOS. The problem is, Apple doesn't give you a manual! [...]

Brazil's Court of Auditors demands digital transformation plans from government bodies

5 March 2021

About 100 agencies must submit a strategy with timescales within three months; current situation is described as "unacceptable" [...]

Why the mainframe is alive and thriving

5 March 2021

Mainframes are still going strong after 70 years. [...]

What is cyber insurance? Everything you need to know about what it covers and how it works

5 March 2021

Cyber insurance is becoming increasingly popular. But what does it cover, what doesn't it cover and what should you be looking for when deciding on a policy? [...]

Zigbee inside the Mars Perseverance Mission and your smart home

5 March 2021

ZDNet talks with Tobin Richardson, CEO of Zigbee Alliance, about wireless networking on Mars and the future of smart homes. [...]

Microsoft: We've found three more pieces of malware used by the SolarWinds attackers

5 March 2021

Microsoft and FireEye have identified a new "elegant" backdoor used by the SolarWinds attackers. [...]

Raspberry Pi: The pocket-money priced $4 Pico nears one million orders in just two months

5 March 2021

Raspberry Pi Pico is selling like hotcakes, and at about the same price as them too. [...]

Microsoft is opening a new Azure cloud computing region in China

5 March 2021

The cloud computing giant has announced it is opening a new region in China, as the country's demand for cloud services booms. [...]

Samsung says moms working from home should be enjoying it (seriously)

5 March 2021

Working from home should be entertaining for parents. All you need, says Samsung, is a happy countenance and a sleepy child. Oh, and a Galaxy Tab S7. [...]

Cloud Clarity: Adding Security and Control to the AWS Shared Responsibility Model

5 March 2021

Have your security team members ever made a mistake in the cloud? Human error happens and it can take on many forms. But, none are as serious as failing to understand the way cloud defenses work. If a mistake does come to mind, be reassured you’re not alone. Seven in 10 organizations suffered a public […] The post Cloud Clarity: Adding Security and Control to the AWS Shared Responsibility Model appeared first on Security Intelligence. [...]

How Enterprise Design Thinking Can Improve Data Security Solutions

4 March 2021

“Design must reflect the practical and aesthetic in business, but above all … good design must primarily serve people,” said Thomas J. Watson, a man synonymous with IBM. To no one’s surprise, he was a proponent of good enterprise design. Design must serve people. It simply makes sense that a well-designed product can meet the […] The post How Enterprise Design Thinking Can Improve Data Security Solutions appeared first on Security Intelligence. [...]

The Shift to E-Commerce: How Retail Cybersecurity is Changing

4 March 2021

With more people making purchases from home, now is a more important time than ever to secure your business against retail security threats. More and more customers are moving to online orders with gradual growth accelerated by five years in 2020 alone. Take a look at retail cybersecurity risks and how to protect against them. […] The post The Shift to E-Commerce: How Retail Cybersecurity is Changing appeared first on Security Intelligence. [...]

Don’t Speed Past Better Cloud App Security

3 March 2021

They say you can only have two of three — fast, good and cheap. When it comes to developing cloud-based applications, I think that a fourth criteria should be added: secure. But, I honestly don’t think that this common advice to project managers who work in today’s market. Successful developers who take cloud app security […] The post Don’t Speed Past Better Cloud App Security appeared first on Security Intelligence. [...]

A More Effective Approach to Combating Software Supply Chain Attacks

3 March 2021

Software supply chain attacks are not new, but as we’ve seen recently, if executed successfully they can have huge payoffs for sophisticated attackers. Detecting malicious code inserted into a trusted vendor’s security updates is extremely difficult to do at scale, and for most organizations, impractical given the time required to analyze updates vs. the increased […] The post A More Effective Approach to Combating Software Supply Chain Attacks appeared first on Security Intelligence. [...]

Cybersecurity Trends and Emerging Threats in 2021

3 March 2021

The year 2021 is finally here, bringing with it the promise of a brighter future — but a long road ahead. In this piece, we’ll dive into five cybersecurity trends that pose significant potential risk in 2021 and offer practical advice to help entities reduce overall risk. The first quarter of 2021 represents a cybersecurity […] The post Cybersecurity Trends and Emerging Threats in 2021 appeared first on Security Intelligence. [...]

‘Clear and Present Danger’: Why Cybersecurity Risk Management Needs to Keep Evolving

2 March 2021

The phrase ‘future-proof’ is seductive. We want to believe technology prepares us for the future. But with threat actors and developers in an arms race to breach and protect, cybersecurity risk — and cybersecurity risk management — are always changing. As a recent report by World Economic Forum shows, businesses and other entities should know […] The post ‘Clear and Present Danger’: Why Cybersecurity Risk Management Needs to Keep Evolving appeared first on Security Intelligence. [...]

Cybersecurity Gaps and Opportunities in the Logistics Industry

2 March 2021

Shipping and logistics is, in many ways, the backbone of our lives and businesses. What business doesn’t benefit from fresh food or a timely delivery? Unfortunately, this industry is open to cyberattacks just like anyone else. Luckily, groups in the trucking and logistics industry aren’t powerless to address these challenges. Check out how you can […] The post Cybersecurity Gaps and Opportunities in the Logistics Industry appeared first on Security Intelligence. [...]

Offboarding: A Checklist for Safely Closing an Employee’s Digital Doors

1 March 2021

Three years after I left my former job, I got an official letter telling me the organization suffered a data breach. My personal information was at risk of identity theft. I shouldn’t have been surprised. That job’s offboarding process hadn’t been the best. For years after leaving, I had access to my email and to […] The post Offboarding: A Checklist for Safely Closing an Employee’s Digital Doors appeared first on Security Intelligence. [...]

Developers vs. Security: Who is Responsible for Application Security?

1 March 2021

Call it the blame game or just a vicious circle. The long-standing tension between developers and IT security experts is not easing anytime soon. Each side blames the other for security risks in application security and other areas, but digital defense overall will suffer unless the two sides come together. We spoke to Vikram Kunchala, […] The post Developers vs. Security: Who is Responsible for Application Security? appeared first on Security Intelligence. [...]

Software Icon McAfee Charged in Cryptocurrency Scam

5 March 2021

The creator off McAfee computer security software faces charges he cashed in on a "pump-and-dump" scheme, promoting cryptocurrencies on Twitter to drive up their value. read more [...]

Thousands of Mobile Apps Expose Data via Misconfigured Cloud Containers

5 March 2021

Thousands of mobile applications expose user data through insecurely implemented cloud containers, according to a new report from security vendor Zimperium. read more [...]

Ransomware Takedowns Underscore Need for Private-Public Cybersecurity Collaboration

5 March 2021

The recent disruption of Emotet, conducted by a worldwide coalition of law enforcement agencies, has huge significance. There are the obvious cybersecurity implications of disrupting what’s been called the “most dangerous malware in the world,” but it’s also a strong reminder of the importance of public and private collaboration in fighting cybercrime. read more [...]

Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA

5 March 2021

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. read more [...]

NSA, DHS Issue Guidance on Protective DNS

5 March 2021

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week published joint guidance on Protective DNS (PDNS). Designed to translate domain names into IP addresses, the Domain Name System (DNS) is a key component of Internet and network communications. read more [...]

Report: Russian Hackers Exploit Lithuanian Infrastructure

5 March 2021

Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used the Baltic nation’s technology infrastructure as a base to hit targets elsewhere, a report by Lithuania’s intelligence service said Thursday. read more [...]

Supermicro, Pulse Secure Respond to Trickbot's Ability to Target Firmware

5 March 2021

Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that some of their products are vulnerable to the Trickbot malware’s ability to target firmware. read more [...]

Three New Malware Strains Linked to SolarWinds Hackers

5 March 2021

Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are linked to the hackers behind the supply chain attack targeting Texas-based IT management solutions provider SolarWinds. read more [...]

South Africa Opposes WhatsApp-Facebook Data Sharing

5 March 2021

South Africa's information regulator has protested WhatsApp's plans to share user data with Facebook, vowing to engage directly with the popular messaging app to ensure its compliance to national privacy laws. read more [...]

Someone Is Hacking Cybercrime Forums and Leaking User Data

5 March 2021

Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly or offering it for sale. read more [...]

VC Lindy Fishburne on the seemingly sudden democratization of science

6 March 2021

Deep science investor Lindy Fishburne cofounded the seed- and early-stage venture firm Breakout Ventures several years ago, after cofounding Breakout Labs within the Thiel Foundation back in 2011, and she has amassed a wide array of stakes in the process. Among her firm’s portfolio companies is Cortexyme, a company that aims to treat Alzheimer’s disease; […] [...]

A first look at Coursera’s S-1 filing

5 March 2021

After TechCrunch broke the news yesterday that Coursera was planning to file its S-1 today, the edtech company officially dropped the document Friday evening. Coursera was last valued at $2.4 billion by the private markets, when it most recently raised a Series F round in October 2020 that was worth $130 million. Coursera’s S-1 filing […] [...]

Snowflake latest enterprise company to feel Wall Street’s wrath after good quarter

5 March 2021

Snowflake reported earnings this week, and the results look strong with revenue more than doubling year-over-year. However, while the company’s fourth quarter revenue rose 117% to $190.5 million, it apparently wasn’t good enough for investors, who have sent the company’s stock tumbling since it reported Wednesday after the bell. It was similar to the reaction […] [...]

The owner of Anki’s assets plans to relaunch Cozmo and Vector this year

5 March 2021

Good robots don’t die — they just have their assets sold off to the highest bidder. Digital Dream Labs was there to sweep up IP in the wake of Anki’s premature implosion, back in 2019. The Pittsburgh-based edtech company had initially planned to relaunch Vector and Cozmo at some point in 2020, launching a Kickstarter […] [...]

Deep Science: AI adventures in arts and letters

5 March 2021

There's more AI news out there than anyone can possibly keep up with, but you can stay tolerably up to date on the most interesting developments with this column. [...]

How the Biden administration is approaching crypto regulations

5 March 2021

Given the chaos created by the Trump administration, bitcoin fans are anxiously optimistic about how regulators will approach the cryptocurrency space during President Joe Biden’s administration. [...]

Tesla has closed its forums to launch a social platform and fans are not happy

5 March 2021

Tesla plans to shut down the forums section on its website as it launches a new social platform called the Tesla Engagement Platform, a move that’s raised the ire of a community of its most ardent supporters. Tesla first announced the new engagement platform with a notice at the top of its forums page that […] [...]

California bill would require all self-driving vehicles to be zero emission by 2025

5 March 2021

California might be the first state to give self-driving cars a deadline to electrify. In mid-February, a bill was quietly introduced into the California State Legislature that would require all autonomous vehicles to also be zero emission by 2025. Proposed Bill SB 500, which was introduced by Senator Dave Min and sponsored by the Union […] [...]

How and when to hire your first product manager

5 March 2021

In the world of early-stage startups, job titles are often a formality. In reality, each employee may handle a dozen responsibilities outside their job description. The choose-your-own-adventure type of work style is part of the magic of startups and often why generalists thrive here. However, as a company progresses and the team grows, there comes […] [...]

UK’s MHRA says it has ‘concerns’ about Babylon Health — and flags legal gap around triage chatbots

5 March 2021

The U.K.’s medical device regulator has admitted it has concerns about VC-backed AI chatbot maker Babylon Health. It made the admission in a letter sent to a clinician who’s been raising the alarm about Babylon’s approach toward patient safety and corporate governance since 2017. The HSJ reported on the MHRA’s letter to Dr. David Watkins […] [...]

Bug in Apple's Find My Feature Could've Exposed Users' Location Histories

5 March 2021

Cybersecurity researchers on Thursday disclosed two distinct design and implementation flaws in Apple's crowdsourced Bluetooth location tracking system that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, thereby by deanonymizing users. The findings are a consequence of an exhaustive review undertaken by the Open Wireless Link ( [...]

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

5 March 2021

As cloud computing continues to grow, Google Cloud is quickly becoming one of the most popular solutions. However, relatively few engineers know this platform well. This leaves the door open for aspiring IT professionals who take the official exams. The Google Cloud Certifications Practice Tests + Courses Bundle helps you get certified faster, with 43 hours of video content and over 1,000 [...]

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

5 March 2021

In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year. The intrusion is said to have occurred on March 3, with information about the forum members — including usernames, email addresses, and hashed passwords — publicly [...]

Researchers Find 3 New Malware Strains Used by SolarWinds Hackers

5 March 2021

FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a "sophisticated second-stage backdoor," as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat actor's tactics and techniques. Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of [...]

Google Will Use 'FLoC' for Ad Targeting Once 3rd-Party Cookies Are Dead

5 March 2021

Signaling a major shift to its ads-driven business model, Google on Wednesday unequivocally stated it would not build alternate identifiers or tools to track users across multiple websites once it begins phasing out third-party tracking cookies from its Chrome browser by early 2022. "Instead, our web products will be powered by privacy-preserving APIs which prevent individual tracking while [...]

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

5 March 2021

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared [...]

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

5 March 2021

Following Microsoft's release of out-of-band patches to address multiple zero-day flaws in on-premises versions of Microsoft Exchange Server, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive warning of "active exploitation" of the vulnerabilities. The alert comes on the heels of Microsoft's disclosure that China-based hackers were [...]

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

3 March 2021

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Talos reveals a new malware campaign targeting organizations in South Asia that utilize malicious [...]

Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams

3 March 2021

The attack surface is virtually expanding before our eyes. Protecting assets across multiple locations, with multiple solutions from different vendors, has become a daily concern for CISOs globally. In a new e-book recently published (download here), CISOs with small security teams talk about the drivers for replacing their EDR/NGAV solutions with an Autonomous XDR solution and why they believe [...]

A $50,000 Bug Could've Allowed Hackers Access Any Microsoft Account

3 March 2021

Microsoft has awarded an independent security researcher $50,000 as part of its bug bounty program for reporting a flaw that could have allowed a malicious actor to hijack users' accounts without their knowledge. Reported by Laxman Muthiyah, the vulnerability aims to brute-force the seven-digit security code that's sent to a user's email address or mobile number to corroborate his (or her) [...]

Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of Diversity is a Cyber Risk

26 February 2021

In this interview, Camille Stewart, Google’s Head of Security Policy for Google Play and Android explains how understanding how systemic racism influences cyber security is integral to protecting the American people and defending the country from cyber adversaries. The post Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of...Read the whole entry... » Related StoriesEpisode 192: It’s Showtime! Are Local Governments Ready To Turn Back Election Hacks?Episode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha MartinEpisode 202: The Byte Stops Here – Biden’s Cyber Agenda [...]

Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted

22 February 2021

A serious flaw in Zoom’s Keybase secure chat application left copies of images contained in secure communications on Keybase users’ computers after they were supposedly deleted. The post Exclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted appeared first on The Security Ledger. Related StoriesEpisode 201: Bug Hunting with Sick CodesEpisode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosDHS Looking Into Cyber Risk from TCL Smart TVs [...]

Episode 204: Josh Corman of CISA on securing the Vaccine Supply Chain

18 February 2021

Joshua Corman, the Chief Strategist for Healthcare and COVID on CISA’s COVID Task Force, joins us to talk about the myriad of cyber threats facing healthcare and the vaccine distribution system and how the federal government is working to counter them. The post Episode 204: Josh Corman of CISA on securing the Vaccine Supply Chain appeared first...Read the whole entry... » Related StoriesEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!Episode 194: What Happened To All The Election Hacks?Episode 195: Cyber Monday Super Deals Carry Cyber Risk [...]

Episode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha Martin

15 February 2021

In this episode of the Security Ledger Podcast (#203) we talk about the apparent hack of a water treatment plant in Oldsmar Florida with Frank Downs of the firm BlueVoyant. In our second segment: is infosec’s lack of diversity a bug or a feature? Tennisha Martin of Black Girls Hack joins us to talk about the many obstacles that black women face...Read the whole entry... » Related StoriesEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosEpisode 198: Must… [...]

Episode 202: The Byte Stops Here – Biden’s Cyber Agenda

5 February 2021

Even before Solar Storm, Joe Biden had made it clear that a cyber security reset was needed. But what will that reset look like? To understand a bit better what might be in store in the months ahead we devoted this episode of the podcast to interviewing three experts on federal IT security and cyber defense. The post Episode 202: The Byte Stops...Read the whole entry... » Related StoriesEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!Episode 199 COVID’s Other Legacy: Data Theft and Enterprise InsecurityEpisode 194: What Happened To All The Election Hacks? [...]

Episode 201: Bug Hunting with Sick Codes

29 January 2021

The work of vulnerability research has changed a lot in the last two decades. In this episode, Security Ledger Podcast host Paul Roberts chats with the independent researcher known as “Sick Codes” about the growing risk of open source supply chain hacks, his method for bug hunting and what projects are in the pipeline for 2021. The post ...Read the whole entry... » Related StoriesEpisode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosEpisode 195: Cyber Monday Super Deals Carry Cyber RiskDHS Looking Into Cyber Risk from TCL Smart TVs [...]

Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos

22 January 2021

In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also: we talk with Avesta Hojjati of the firm Digicert about the challenge of managing a growing population of digital certificates and how automation may be an answer. The...Read the whole entry... » Related StoriesEpisode 201: Bug Hunting with Sick CodesEpisode 195: Cyber Monday Super Deals Carry Cyber RiskEpisode 198: Must Hear Interviews from 2020 [...]

Researchers Test UN’s Cybersecurity, Find Data on 100k

11 January 2021

Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based development account for the U.N. and lift data on more than 100,000 staff and employees, according to a report released Monday. The post Researchers Test UN’s Cybersecurity, Find Data on 100k appeared first...Read the whole entry... »Related StoriesExclusive: Flaws in Zoom’s Keybase App Kept Chat Images From Being DeletedPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntEpisode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos [...]

Episode 199 COVID’s Other Legacy: Data Theft and Enterprise Insecurity

8 January 2021

In this episode of the podcast (#199), sponsored by LastPass, we talk with Shareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at far greater risk of data theft. In our second segment, we’re joined by Barry McMahon, a Senior Global Product Marketing Manager at LogMeIn, to talk about...Read the whole entry... » Related StoriesEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosEpisode 202: The Byte Stops Here – Biden’s… [...]

Episode 198: Must Hear Interviews from 2020

31 December 2020

Trying times have a way of peeling back the curtains and seeing our world with new eyes. We The post Episode 198: Must Hear Interviews from 2020 appeared first on The Security Ledger. Related StoriesEpisode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI ChaosEpisode 195: Cyber Monday Super Deals Carry Cyber RiskEpisode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha Martin [...]

Move over, SolarWinds: 30,000 orgs’ email hacked via Microsoft Exchange Server flaws

6 March 2021

Illustration by Alex Castro / The Verge Four exploits found in Microsoft’s Exchange Server software have reportedly led to over 30,000 US governmental and commercial organizations having their emails hacked, according to a report by KrebsOnSecurity. Wired is also reporting “tens of thousands of email servers” hacked. The exploits have been patched by Microsoft, but security experts talking to Krebs say that the detection and cleanup process will be a massive effort for the thousands of state and city governments, fire and police departments, school districts, financial institutions, and other organizations that were affected. According to Microsoft, the vulnerabilities allowed… [...]

NFTs, explained

6 March 2021

Image: Cryptokitties.co There’s nothing like an explosion of blockchain news to leave you thinking, “Um… what’s going on here?” That’s the feeling I’ve experienced while reading about Grimes getting millions of dollars for NFTs or about Nyan Cat being sold as one. And by the time we all thought we sort of knew what the deal was, the founder of Twitter put an autographed tweet up for sale as an NFT. You might be wondering: what is an NFT, anyhow? After literal hours of reading, I think I know. I also think I’m going to cry. Okay, let’s start with… [...]

Please do not give billionaire Jack Dorsey money for his tweet

6 March 2021

Photo by Greg Nash-Pool/Getty Images Jack Dorsey, the billionaire co-founder and CEO of Twitter, a man who stans bitcoin right on his Twitter bio, is attempting to sell his very first tweet as an NFT — a digital good that lives on the Ethereum blockchain. You’re probably familiar with the famous tweet, “just setting up my twttr”: just setting up my twttr— jack (@jack) March 21, 2006 Despite the fact that this tweet has been publicly available as a free digital item to look at whenever anybody wanted for nearly 15 years, Dorsey is now trying to sell it as… [...]

NASA’s Perseverance rover scoots around on Mars for the first time

6 March 2021

A trail of wheel tracks left by NASA’s Perseverance rover after making its first drive on the Martian surface | NASA/JPL Perseverance, the car-sized rover NASA landed on Mars last month, has taken its first spin on the rocky surface of Jezero Crater, NASA announced today. The rover’s six wheels drove about 21 feet to carry out a key mobility test on Thursday, as engineers back on Earth prepare to execute the mission’s core science objectives. The rover’s six aluminum wheels left tracks on the Martian dirt — as captured by one of its on-board cameras — after driving straight… [...]

The SEC is dragging AT&T to court for illegally duping analysts into lowering expectations

5 March 2021

Illustration by Alex Castro / The Verge The US Securities and Exchange Commission (SEC) is suing AT&T for providing nonpublic information to 20 different analyst firms so they would lower revenue estimates ahead of earnings, according to a press release. That let AT&T “beat” expectations for the quarter when the information-sharing took place, turning what could have been some nasty headlines in the financial press into a win instead. According to the SEC’s complaint (PDF), AT&T learned in March 2016 that its quarterly results would fall short of estimates due in part to “a steeper-than-expected decline in smartphone sales.” As… [...]

How to run a battery life report on your Windows laptop

5 March 2021

Screenshot: The Verge When my editor told me about Window’s built-in battery report, my first thought was: “How have I never heard of this before? Also, that sounds pretty useful!” So I looked at the guide he sent (from Laptop Magazine) and tried it out. It ended up being just as interesting as it sounded, so I figured I’d share, in case you also haven't come across this handy built-in tool. Windows has been keeping track of how your laptop’s battery is doing since it was installed. The report, which you can run using just two command prompt commands, will… [...]

Here’s a first look at Mark Cuban’s podcasting platform Fireside

5 March 2021

Last month, The Verge broke news of Mark Cuban and Falon Fatemi’s new app Fireside, which promises to deliver a “next-gen podcast platform,” and today, we can provide a better sense of the app’s functionality and interface. It’s currently in beta on iOS with a limited number of testers, most of whom appear to work in venture capital or as podcasters. However, their chats are visible to anyone, even non-users, through a browser, and from this desktop view, as well as screenshots of the app that The Verge has viewed, we can get a sense of what Fireside is trying… [...]

Ford recalls some of the first Mustang Mach-E SUVs due to loose bolts

5 March 2021

Photo by Sean O’Kane / The Verge Ford is recalling dozens of the first Mustang Mach-E deliveries after it discovered loose bolts during the quality checks that are holding up shipments. “[S]ome vehicles may have subframe bolts that the supplier did not tighten to specification,” Ford wrote Friday afternoon. “While the issue in affected vehicles is not to Ford’s standards, the company is not aware of any accidents or injuries related to this condition.” Ford says 1,258 Mustang Mach-Es are affected in the US, as well as 90 in Canada, but that the overwhelming majority of those have not been… [...]

YouTube has terminated five Myanmar military-run channels as political unrest continues

5 March 2021

Photo by Aung Kyaw Htet / SOPA Images / LightRocket via Getty Images YouTube terminated five Myanmar military channels from its platform on Friday, Reuters reports. The removals include YouTube channels for the government-run Myanma Radio and Television (MRTV) network and the military-owned Myawaddy Media used to spread military propaganda in Myanmar. YouTube’s action is the platform’s first major intervention following the military coup that was staged in February and the subsequent military crackdowns against protesters that have left at least 38 dead. “We have terminated a number of channels and removed several videos from YouTube in accordance with our… [...]

A Silicon Valley school is using virtual escape rooms to evaluate prospective students

5 March 2021

The logo on the escape room’s opening screen. | Image: Paruzal Applying to an elite middle school sounds like a stressful experience, and I’m sure COVID-19 doesn’t help. With things like open houses, campus tours, and in-person interviews off the table, applicants have fewer chances to experience their prospective schools — and admissions offices have fewer chances to meet their prospective students. One San Jose private school has come up with a unique solution: The Harker School, self-described as “one of the nation’s top college prep schools,” is putting teams of sixth grade applicants through a virtual escape room. Over… [...]

The Best Gmail Settings You Might Not Have Used Yet

6 March 2021

Almost all of us have an account. Most of us use it every day. But if you peel back the curtain a little, you'll find some powerful tools buried underneath. [...]

The 15 Best Weekend Deals on Phones, Smartwatches, and More

6 March 2021

Time to upgrade your gadgets? This is a good time to spend on last year’s gear, as newer models are about to hit the market. [...]

NFTs Are Hot. So Is Their Effect on the Earth’s Climate

6 March 2021

The sale of a piece of crypto art consumed as much energy as the studio uses in two years. Now the artist is campaigning to reduce the medium’s carbon emissions. [...]

Chinese Hacking Spree Hit an ‘Astronomical’ Number of Victims

5 March 2021

A single group appears to have infiltrated tens of thousands of Microsoft Exchange servers in an ongoing onslaught. [...]

McAfee Is Indicted for Altcoin Pump-and-Dumps and ICO Schemes

5 March 2021

The 75-year-old antivirus entrepreneur faces up to 80 years in prison if convicted. [...]

The US Has a Covid 'Scariants' Problem. Here's How to Fix It

5 March 2021

Researchers are racing to understand new versions of the coronavirus. But without scientific standards, too many mutants are getting the monster treatment. [...]

J&J Shots Administered, States Reopen Too Soon, and More News

5 March 2021

Catch up on the most important updates from this week. [...]

All of the Covid-19 Vaccines Are Equally Worthy of Your Arm

5 March 2021

Headlines about the Johnson & Johnson trial results cite an efficacy rate lower than Pfizer’s and Moderna’s. But one figure doesn’t tell the whole story. [...]

Yes, Chainmail Is Really Hard to Draw

5 March 2021

Ultima artist Denis Loubet knows this for a fact. [...]

Our Favorite Cold-Weather Gear for $100 or Less

5 March 2021

These coats, gloves, and other winter essentials will keep you bundled up and under budget. [...]

Cyberpunk 2077 Patch 1.1 arrives on Stadia, bringing many stability fixes

Related Posts

The average Android tablet isn’t ready for work from home — believe me, I tried

Google Photos gets ‘Explore’ tab and quick access to ‘Favorites’ on the web

YouTube Music Now Playing redesign starts rolling out to iPhones