GE Scott Knauss - Security Guy

CEO Immauss Technology Solutions

Magazines

Flips

Authentication
hacked and plastered with anti-transgender filth
theregister.co.uk - By Kieren McCarthy in San Francisco 7 Dec 2018 at 21:12
Linux.org was hacked on Friday morning, with the hacker plastering the message "G3T 0WNED L1NUX N3RDZ" complete with expletives and a very NSFW image …
Technology
Huawei’s CFO is being accused of fraud, and her main defense is a PowerPoint
The Verge - Shannon Liao
After years of facing suspicion from US authorities, Huawei is now standing trial for fraud. Today, a bail hearing was held for Huawei’s chief financial officer, who was arrested in Canada on Saturday
Windows 10
39 Arrested in Tech Support Scam Crackdown: Microsoft
darkreading.com
11/30/2018 10:15 AM 50% 50% Law enforcement officials in India raided 16 call center locations that conned primarily American and Canadian victims. Looks …
Machine Learning
Navy Cyber War Breakthrough - AI Finds Malware in Encrypted Traffic - Warrior Maven
defensemaven.io - by
--Warrior Maven Video Report Above - DARPA Works on AI-Enhanced Cybersecurity --- by Kris Osborn - Warrior Maven The Pentagon is working with major …
Cyber-attacks
Massive New Leak Exposes Data On 60 Million Americans
Forbes - Lee Mathews
It’s virtually impossible to protect your personal information these days. Even when private data isn’t being stolen by hackers it’s still leaking out onto the Internet because of carelessness. Security
Cybersecurity
Hackers Find Stolen NSA Exploit Useful Again, Compromise Tens of Thousands of Routers
Gizmodo - Dell Cameron
A Microsoft exploit made public last year after being pinched from the National Security Agency has now been used by hackers to compromise more than …
MacBook Pro
Apple's 2018 Holiday Ad: Heart-Warming Animated Movie Hides Lots Of Secrets (Updated)
Forbes - David Phelan
Apple has launched its annual holiday campaign, an animated movie to touch your heart. It has an original song written and performed by Billie Eilish. The 16-year-old singer and songwriter’s original called
Made in America
Cylance researchers discover powerful new nation-state APT
csoonline.com - CSO senior security reporter J.M. Porup got his first job in IT security in 2002 as a Linux sysadmin. Got tips? jm_porup@idg.com
When a Belgian locksmith attacked the Pakistani Air Force, researchers at Cylance sat up and took notice. The locksmith probably never knew his …
Open Source Movement
How to use systemd-nspawn for Linux system recovery
opensource.com - 14 Nov 2018 Kevin P. Fleming Feed
For as long as GNU/Linux systems have existed, system administrators have needed to recover from root filesystem corruption, accidental configuration …
Technology Policy
Researchers discover seven new Meltdown and Spectre attacks
ZDNet - Catalin Cimpanu
Experiments showed that processors from AMD, ARM, and Intel are affected. A team of nine academics has revealed today seven new CPU attacks. The seven …
Technology
Spectre, Meltdown researchers unveil 7 more speculative execution attacks
Ars Technica - Peter Bright
Systematic analysis reveals a range of new issues and a need for new mitigations. Further Reading “Meltdown” and “Spectre:” Every modern processor has …
Slashdot
slashdot.org
Hacking
Zero-day in popular WordPress plugin exploited in the wild to take over sites
ZDNet - Catalin Cimpanu
Attacks started around three weeks ago and are still going on. Users should update the WP GDPR Compliance plugin to version 1.4.3 to protect their …
Hacker infects 100K routers in latest botnet attack aimed at sending email spam
Digital Trends - Chuong Nguyen
A hacker managed to exploit a five-year-old vulnerability in home routers to create a botnet affecting approximately 100,000 home routers. The botnet …
VirtualBox
Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online
thehackernews.com - Mohit Kumar
An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source …
PortSmash attack steals secrets from Intel chips on the side
sophos.com - by
Researchers have developed an exploit that uses a feature in Intel chips to steal secret cryptographic keys. The proof of concept code, called …
GandCrab ransomware crew loses $1Mil after Bitdefender releases free decrypter
ZDNet - Catalin Cimpanu
Bitdefender says over 1,700 victims successfully decrypted GandCrab-locked files within hours of the tool's release. Bitdefender believes the criminal …
Cyber attacks aimed at school websites surge
nzherald.co.nz - Simon Collins
Schools are reporting an upsurge in cyber attacks, apparently from disgruntled students who are attacking school websites rather than pressing the …
Linux systems vulnerable to privilege escalation and file overwrite exploit in X.Org server
betanews.com - By Mark Wycislik-Wilson
An "incorrect command-line parameter validation" vulnerability in X.Org server makes it possible to escalate privileges as well as overwrite files. …
As thousands report being victims of vile 'ransomware' computer attacks, here's how to stay safe
dailymail.co.uk - Toby Walne, Financial Mail on Sunday
Victims of vile 'ransomware' computer attacks are being urged to ignore the sick demands – or face yet more blackmail threats. Hundreds of readers …
How The Russian Government Created The Most Advanced Industrial Malware Ever Seen
Forbes - Kate O'Flaherty
Russian government-backed hackers were responsible for an attack on a Saudi Arabian petrochemical plant last year, according to a cybersecurity firm. FireEye security researchers have linked the sophisticated
Checks and Balances aka Quality Assurance | ITS
immauss.com
Does your cyber security plan include a system of checks and balances? How about a quality assurance program. Do you need either of these? Let's take …
Red Hat Relying On Its Channel To Attack The Midmarket
crn.com - By Joseph Tsidulko October 16, 2018, 03:29 PM EDT
Red Hat technology has long been ubiquitous inside large enterprises. But the open source leader is rapidly extending its reach down-market, where …
Cryptojacking Declines, Ransomware Spikes in Q3 of 2018 - Report
investing.com
Cryptojacking has been overtaken as the number one cyber threat by Trojan horses for both business and consumers in the third quarter of this year, …
Portal Suffers Data Breach Exposing 75,000 Consumers
Gizmodo - Dell Cameron
Sensitive information belonging to roughly 75,000 individuals was exposed after a government healthcare sign-up system got hacked, the Centers for …
Windows 10 will banish Spectre slowdowns with Google's Retpoline patch
ZDNet - Liam Tung
Google's Retpoline fix for the Spectre Variant 2 flaw helps minimize performance hit on Windows 10 machines. Microsoft is including Google's …
5 open source intrusion detection tools that are too good to ignore
csoonline.com - InfoSec at Your Service By Michelle Drolet, Contributor, CSO | Oct 19, 2018 3:07 AM PT
As cybersecurity professionals, we try to prevent attackers from gaining access to our networks but protecting perimeters that have grown …
Zero-day in popular jQuery plugin actively exploited for at least three years
ZDNet - Catalin Cimpanu
A fix is out but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages! For at least three years, hackers have abused …
Millions of Voter Records Found for Sale on the Dark Web
darkreading.com - Dark Reading Staff
Voter registration databases from 19 US states are being hawked in an underground hacking forum, researchers say.
Almost half of cyberattacks are directed at SMBs, here's how to stay safe
TechRepublic - Conner Forrest
In 2017, small businesses were impacted by 113,000 incidents of macro malware, according to a SCORE study. Cyberattacks on big companies often make …

GE Scott Knauss - Security Guy

Magazines

Penguinista

Mine

Pea Soup

Security Hot Topics

Flips

hacked and plastered with anti-transgender filth

Huawei’s CFO is being accused of fraud, and her main defense is a PowerPoint

39 Arrested in Tech Support Scam Crackdown: Microsoft

Navy Cyber War Breakthrough - AI Finds Malware in Encrypted Traffic - Warrior Maven

Massive New Leak Exposes Data On 60 Million Americans

Hackers Find Stolen NSA Exploit Useful Again, Compromise Tens of Thousands of Routers

Apple's 2018 Holiday Ad: Heart-Warming Animated Movie Hides Lots Of Secrets (Updated)

Cylance researchers discover powerful new nation-state APT

How to use systemd-nspawn for Linux system recovery

Researchers discover seven new Meltdown and Spectre attacks

Spectre, Meltdown researchers unveil 7 more speculative execution attacks

Slashdot

Zero-day in popular WordPress plugin exploited in the wild to take over sites

Hacker infects 100K routers in latest botnet attack aimed at sending email spam

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

PortSmash attack steals secrets from Intel chips on the side

GandCrab ransomware crew loses $1Mil after Bitdefender releases free decrypter

Cyber attacks aimed at school websites surge

Linux systems vulnerable to privilege escalation and file overwrite exploit in X.Org server

As thousands report being victims of vile 'ransomware' computer attacks, here's how to stay safe

How The Russian Government Created The Most Advanced Industrial Malware Ever Seen

Checks and Balances aka Quality Assurance | ITS

Red Hat Relying On Its Channel To Attack The Midmarket

Cryptojacking Declines, Ransomware Spikes in Q3 of 2018 - Report

Portal Suffers Data Breach Exposing 75,000 Consumers

Windows 10 will banish Spectre slowdowns with Google's Retpoline patch

5 open source intrusion detection tools that are too good to ignore

Zero-day in popular jQuery plugin actively exploited for at least three years

Millions of Voter Records Found for Sale on the Dark Web

Almost half of cyberattacks are directed at SMBs, here's how to stay safe