Cybersecurity

My organization has 2 mirrored server systems in separate locations and we subscribe to a cloud-based storage system as well. What else would you recommend for our infrastructure to ensure we are as protected as we can be?

Long story short, we are building a system from the ground up. By chance does anyone out there have a scrubbed down version or template of their RMF policies? Especially with the CM area. We are looking for something that references the RMF controls and CCI's. Our DCSA rep is adamant about having the CCI's controls involved…

Any idea of which network security and cyber risk metrics should one consider in a report to gain a better understanding of the systems, networks, and data, that would have supported business operations to be secure of Sony Pictures Entertainment (SPE) considering the cyber hack that happened in 2014?

Hi All, I'm new to the forum and glad to be here. My background is user-centeted design, human factors and usability. Four years ago I joined a cybersecurity firm as Chief Experience Officer. Why? As the founding father of modern user experience and former White House security experience researcher,Jared Spool so eloquently says, "if it's…

Earlier the month of May, the world’s largest domain registrar, GoDaddy, announced that the SSH credentials of nearly 28,000 users had been affected because of a data breach that had occurred in October 2019. Know More: SSH Credentials Targeted in Data Breach of Hosting Giant GoDaddy

A series of expletive tweets were posted from Antetokounmpo's Twitter account. "Giannis' twitter, phone, email and bank accounts were hacked!" both Kostas and Riddlesprigger tweeted. ntetokounmpo later regained full control of his account and wrote that he felt for those whom the hacked tweets targeted. https://www.espn.com/nba/story/_/id/29147485/hacking-giannis-antetokounmpo-accounts-being-investigated

A group of hackers that have named themselves Shiny Hunters managed to hack their way into Microsoft's Github account. They then stole the tech giant's data on the platform. It is said that they stole about 500 GB of information and posted it to the public. They wanted to sell it originally but then just…

https://www.cnbc.com/2020/05/07/chinese-hacking-group-naikon-reportedly-spying-on-asia-governments.html The group known as Naikon has been carrying a 5-year espionage campaign against multiple governments (including Australia, Indonesia, Thailand and Vietnam, among others). There is no word on whether they have ties to the Chinese government, but they have been very much under the radar until now. "Naikon targets ministries of foreign affairs, science…

https://www.techspot.com/news/85080-uk-cyber-security-agency-stop-using-racist-blacklist.html The National Cyber Security Center (NCSC), a branch of the UK Government Communications Headquarters (GCHQ) has decided to ban the terms 'whitelist' and 'blacklist', because they are racist apparently. This change was reportedly done to “stamp out racism in cyber security”. If you personally have a problem with this, NCSC’s technical director, Ian Levy,…

Article: https://www.forbes.com/sites/emmawoollacott/2020/05/05/exclusive-cybersecurity-and-covid-19the-first-100-days/#17212e1d39d5 In this article, it explains how the first 100 days versus cybercrime since the start of the outbreak. The pandemic had been already giving cybercriminals opportunities to take advantage of the situation, however, in turn, cybersecurity experts have been battling back attempting to keep society safe away from cybercrime during this horrible pandemic

Hackers in North Korea are attacking Apple computers. This malware was previously found on Windows and Linux computers. Once the hackers take control they are able to upload software as well as read, write or delete files on the computer. https://www.nknews.org/2020/05/north-korean-hackers-expand-attacks-against-apple-computers-in-china/

This article describes yet another attack on the company Toll Group. With this, the article describes how the ransomware had carried out the attack. Following this, the article leads to describing what the ransomware used as collateral. Link: https://www.securitymagazine.com/articles/92334-toll-group-suffers-ransomware-attack-again

This article has described 26 new and different kinds of DDoS attacks that have surfaced. This article also briefly describes each of the different attacks and how they work. link: https://www.securitymagazine.com/articles/92327-are-you-ready-for-these-26-different-types-of-ddos-attacks

This article describes how a new computer virus has started to infiltrate MAC OS, along with Windows and other UNIX systems. With this, the article also describes how a 2FA app has discovered this virus and allowed the proper authorities to fix the problems. Link: https://www.scmagazine.com/home/security-news/cybercrime/2fa-app-weaponized-to-infect-mac-users-with-dacls-rat/

This article describes how a new computer virus has started to infiltrate MAC OS, along with Windows and other UNIX systems. With this, the article also describes how a 2FA app has discovered this virus and allowed the proper authorities to fix the problems.

Experts warn that even after an executive order from president to protect from hackers the presidential campaign has already been altered.

</a Hackers quickly took Covid-19 as an opportunity to spread scams, and managed to do it in a very professional way compared to any other scams in the past. Between the months of May-March, spam detection increased by 26.3%.

Florida Gulf Coast University (FGCU) planned virtual graduation was disrupted when their vendor StageClip's servers were attacked taking their servers offline and altering the graduation list, substituting wrong pictures with the names of the graduates. While the school and company attributed the problems to a cyber attack, no specifics were given in their public statements.…

I've been silently following this forum for a while and thought this group might like what we are trying at Coalfire. We think "Virtual Happy Hours" are starting to get old, so we are changing it up! This Friday (tomorrow) at 3:15pm EST, we are hosting our very own LIVE variety show. It will be…

Many organizations are facing hackers constantly. Currently, a new initiative is being taken against cyber attacks. Instead of finding ways people can detect these hacks, they are trying to make an AI do the work for them. this will help in having their focus into their response to the hack and how to make certain…