30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
Breach
Incident Response: 5 Principles to Boost the Infosec/Legal Relationship
Effective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it.
Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming
The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails, employees’ emails, and more.
An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more.
Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack.
A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans.
Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.
Experts say the detection delay of 17 months is a colossal security blunder by the retailer.
Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.
