Episode – Page 4 – You’ve Already Been Hacked

The University of Minnesota apologies, Linux is vulnerable, an AG got hacked, the DC Police did too!

- www.bleepingcomputer.com: HashiCorp is the latest victim of Codecov supply-chain attack - www.zdnet.com: University of Minnesota responds to Linux security patch requests - threatpost.com: Linux Kernel Bug Opens Door to Wider Cyberattacks - www.bleepingcomputer.com: DC Police confirms cyberattack...

Pulse Secure VPNs get bypassed, REvil takes on Apple, Ethernet/IP Stack problems in Industrial Systems, and 10 years for a guru

- www.fireeye.com: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day - www.darkreading.com: University Suspends Project After Researchers Submitted Vulnerable Linux Patches - www.bleepingcomputer.com: REvil gang tries to extort Apple,...

Sanctions for Russia, FBI Hacks US systems, and the Electric grid got lucky

- www.scmagazine.com: As US takes sweeping action against Russia for years of hacking, industry skeptical of impact - www.darkreading.com: FBI Operation Remotely Removes Web Shells From Exchange Servers - www.bleepingcomputer.com: CISA gives federal agencies until Friday to patch Exchange servers -...

Your Health Insurance, Facebook, and LinkedIn all got Hacked

This past week had a bunch of large scale hits with potentially 700 million people being hacked (not all this week, some as early as 2019). - thehill.com: Major DC insurance provider hacked by 'foreign cybercriminals' - www.bleepingcomputer.com: North Korean hackers use new Vyveva malware to attack...

DHS emails hacked by SolarWinds, DPRK Actors created a Fake security Company, Space X gets encrypted

Lots happening this week, as I welcome in my new students to this term. Solarwinds fall out still happening, along with changes at the company, multi university hacks reported, North Korea is still being tricky, another water treatment plan was hacked (although in the past), Ubiquity has a whistle...

A Quick Overview of Teaching a (my) cybersecurity class

Taking a break from the reoccuing nightmare that is cybersecurity, and doing a quick high level overview of teaching cybersecurity, specifically my class. Which happens to start back up on 6 April 2021.

Solarwinds takes more source code, Exchange Ransomware, 4.2 Billion lost to internet crime in 2020

- www.zdnet.com: Mimecast reveals source code theft in SolarWinds hack - www.bleepingcomputer.com: CISA releases new SolarWinds malicious activity detection tool - www.zdnet.com: Microsoft investigates potential ties between partner security firm, Exchange Server attack code lea - arstechnica.com:...

Yet another Cyber Nightmare, potentially 100,000s exchange servers compromised world wide

This week focused heavily on the hack of 2021, at least 10 APTs are exploiting Microsoft Exchange Server vulnerabilities across the globe, oh and 150,000 security cameras were also breached... - www.cyberscoop.com: At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns -...

India Power Hacked by the PRC, New Microsoft Zero-days, and PLCs have Hardcoded vulnerabilities

- www.scmagazine.com: China’s new cyber tactic: targeting critical infrastructure - www.forbes.com: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19 - arstechnica.com: Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 -...

The FED has an outrage, Defense Contractors targeted, new Mac malware, and NIST updates the Smart Grid Framework

- www.bleepingcomputer.com: Federal Reserve nationwide outage impacts US banking system - www.bleepingcomputer.com: TD Bank suffered systemwide banking outage, services now recovered - www.scmagazine.com: ThreatNeedle malware tied to year-long North Korean espionage campaign against global defense...