Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger multi-national law enforcement investigation that continues in other countries from the Southeast Asia region.
I know we all like the fancy new name, but for what it’s worth, https://mdsattacks.com reports on finding this andRead more
looks like disabling TSX mitigates both of these. edit: only partially mitigates: https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling On processors affected by Microarchitectural Data SampingRead more
New US bill could end mass surveillance of phone records by the NSARead more
Last Friday, former IDC analyst, Chris Christensen, passed away. I learned this sad news from my colleague John Grady who worked with Chris for many years. Another colleague, Christina Richmond, also worked with and for Chris at IDC. Christina and I consoled each other this morning, sharing fun stories about Chris that made us smile a bit through our sadness.
Unlike my colleagues and lots of other people I know in the industry, I never worked with or for Chris, but we often found ourselves in the same places — the RSA conference, Black Hat, CiscoLive, etc.
We first met many years ago in Moscow of all places. As cybersecurity analysts, we were there for a series of meetings and events with Kaspersky Lab. The flight to Moscow from Boston is a rather tedious 11 hours or so, with a stopover in NYC before an overnight red eye flight to Russia. After this grueling trip, most people in our party went right to the hotel for a power nap, but not Chris. In the hotel lobby, Chris looked at the crowd of tired Americans and said something like, “we’re 2 blocks from Red Square and we don’t have any meetings until this evening. I’m going for a walk, who wants to join me?”
MAZE publishes data allegedly stolen from Bird Construction in ransomware attackRead more
Space ISAC cybersecurity information-sharing portal planned for spring 2020Read more
Unauthorized party accessed 2015 databaseRead more
Renewed focus on stamping out malicious activityRead more
I investigated writing something like this about 5 years ago for the same reason but settled on just using theRead more