The Associated Press is reporting on a trove of data accidentally leaked by the Russian-backed advanced persistent threat (APT) group known as Fancy Bear that suggests the group conducted a years-long campaign against targets in the US, Ukraine, Russia, Georgia and Syria.
Low-hanging Internet of Things security fruit may be left unpicked, as connected device makers fret about the predation of sophisticated hackers, but balk at simple security fixes, a Security Ledger and LogMeIn survey finds. You can download the full report here in PDF format.
The NotPetya malware infection shut down pharmaceutical giant Merck’s production of the pediatric vaccine GARDASIL last June, forcing the company to borrow the drug from a stockpile maintained by the U.S. Centers for Disease Control and Prevention to meet demand.
In this week’s podcast, we talk with Gadi Evron of Cymmetria, which released Mazehunter, a targeted hack-back tool this week about going on offense and staying on the right side of the law. Also: Ryan Kazanciyan of Tanium is one of the talented hackers who help design Mr. Robot’s hacking scenes. We talk with him about bringing realistic hacks alive on the small screen. And: when Uncle Sam dishes the dirt on a state sponsored campaign against critical infrastructure, what are companies supposed to do with the information? Mark Durfresne of the firm Endgame and Itzik Kotler of the firm Safebreach give us their thoughts.
A new joint FBI-DHS report dishes the dirt on recent sophisticated attacks targeting the US energy grid and critical infrastructure, saying third party firms and web sites to gain access to energy and other critical infrastructure networks. It also names a sophisticated hacking group believed to be linked to the government of Russia.
