Priti Patel, the UK home secretary, is under fire after 150,000 police arrest records were accidentally lost from a police database last week. The lost files include DNA, arrest history records and fingerprints. As these files are now lost from the Police National Computer (PNC), essential evidence from crime scenes no longer exist which means that criminals will be able to go free for crimes they have committed.

The Home Office released a statement that said: “The technical issue with the Police National Computer has been resolved, and we are working at pace with law enforcement partners to assess its impact. The issue related to people arrested and released where no further action had been taken and no records of criminal or dangerous persons have been deleted. No further records can be deleted.”

The shadow home secretary, Nick Thomas-Symonds, believes that the Home Office’s statement was not good enough saying that, “it’s not good enough for the home secretary to hide behind her junior minister on this when there has been such a major security breach on her watch. It’s now vital that she makes an urgent statement outlining the true scale of the issue, when ministers were informed and what the plan is to provide public reassurance. Yet again, Conservative incompetence is putting people’s safety at risk.”

The post 150,000 police arrest records lost appeared first on IT Security Guru.

This blog was written by an independent guest blogger.
Organizations are increasingly adopting Kubernetes to manage their containerized workloads and services, but Kubernetes security incidents are on the rise, as well. In the fall 2020 edition of the “State of Container and Kubernetes Security” report, for instance, 91% of respondents told StackRox that they had recently adopted Kubernetes. Three quarters of survey participants went on to reveal that they had deployed the container orchestration platform in their production environments. Even so, nine out of 10 respondents told the company that their organizations had suffered a security incident in their container and Kubernetes environments over the last 12 months. Subsequently, nearly half (44%) of respondents said that they had delayed moving an application into production due to their security concerns.
These findings highlight the need for organizations to strengthen their Kubernetes security. They can do this by focusing on the security of their pods….

Posted by: David Bisson

Read full post

The post Security context: The starting point for how Kubernetes Pod security works appeared first on Cybersecurity Insiders.

FBI officers began checking the JetBrains company. So far, there are no specific accusations, but the special services are investigating whether the products of the above company could be used in the hacking of the American SolarWinds, which is considered the starting point of the global hacker attack.

JetBrains, founded in Prague in 2000, sells customers software that makes it much easier to create applications. For millions of developers, its tools are indispensable: the company now has more than 10 million users in more than 213 countries.  In an interview with Forbes, the company’s CEO, Maxim Shafirov, said that despite the pandemic, revenue has grown by 10% over the past year, and the company suggests that this year it can reach $400 million. According to a JetBrains representative, the company is worth more than $1 billion.

On Wednesday, The New York Times, Reuters and The Wall Street Journal reported that the investigation does not exclude the possibility of connecting JetBrains with one of the largest acts of cyberespionage in recent times. The publications contained hints that hackers could have hacked JetBrains or one of its products, the TeamCity testing, and code-sharing service, in order to then gain access to the systems of SolarWinds, which used this service. 

As a result of the attack, hackers compromised one of the SolarWinds tools and used it to break into the networks of customers, including government departments and major US IT companies. Among the victims of the cyberattack were the US Department of Justice, which announced that 3% of its messages sent through Office 365 were compromised, as well as the US Department of Energy and Treasury, Microsoft, Cisco and other organizations. The US claims that the attacks are linked to Russia. The Kremlin denies any involvement.

It is noted that the reputation of JetBrains can be seriously damaged if it is proved that its employees are involved in compromising the software and its misuse.

Disclosing his mind at the CES 2021, Microsoft President Brad Smith said that the industries and governments should stay united in fighting against cyber attacks. He added that federal agencies in association with business firms should formulate rules and share information about cyber threats that helps in mitigating the risks before any untoward takes place.

Speaking at the Consumer Electronics Show 2021, the tech giant leader sarcastically mentioned what has happened in the case with SolarWinds that has apparently impacted over 250 federal agencies and private firms that includes Microsoft, Cisco, Ford, Visa, Mastercard, LockHeed Martin, Procter & Gamble, Yahoo!, Time Warner and Gillette.

“As computers create new promise, there are new perils arising as well. In the year 1983, there was a movie ‘WarGames’ that showed a hacker almost starting a World War 3 after gaining access to the supercomputer operating in United States. And the same scenario could happen if we fail to react now”, commented Smith.

Now, to those uninitiated, at the end of last year, Security firm FireEye announced to the world that hackers funded by Russian intelligence could have taken control of Federal servers operating in United States and might be snooping on the generated data and related activity since 2018.

A detailed probe launched later by FBI stated that the attack could have taken place through compromised Orion Software used by certain agencies and companies and produced by SolarWinds.

Trump administration tried their best to transfer the blame to China. However, the Biden led nation is said to make a detailed inquiry on this note after the Trump Impeachment goes for a final verdict by the end of this week.

Therefore, Microsoft that found its source code stolen in the Solorigate scandal wants to set some international rules and standards to curb any kind of conventional warfare in the cyber sphere. And the only way to see this through is with an international collaboration between nations.

The post Microsoft President wants Industries, and Govts stay united against Cyber Attacks appeared first on Cybersecurity Insiders.

It’s a question that continues to engage debate, as the majority of new physical security devices being installed are now connected to a network. While this offers myriad benefits, it also raises the question: Who is responsible for their cybersecurity?

On Tuesday, German authorities announced the shut down of an illegal marketplace found on the darknet. Among the products sold on the network, known as DarkMarket, were drugs, forged money, stolen or forged credit cards, anonymous mobile phone SIM cards and malware. Prosecutors stated that the large network had nearly 500,000 users, more than 2,400 vendors and had processed more than 320,000 transactions before its shutdown. As a result, more than 140 million euros (the equivalent of 170 million US dollars) had been exchanged.

German investigators uncovered the network working together with police from Australia, Britain, Denmark, Switzerland, Ukraine and Moldova. A suspect has been arrested near the German-Danish border.

 

The post German Investigators shut down DarkMarket appeared first on IT Security Guru.

Join us later this month to see what modern data management looks like

Webcast There’s been a lot of talk about resilience lately. But while it’s one thing working through mid-pandemic self-care and wellness prescriptions for the individual, what does resilience mean when it comes to your company and its data?…

All that counter-China stuff costs a pretty penny, y’know

The Ministry of Defence’s multibillion budget overrun has been caused in part because of its spending splurge on flashy new “cyber” capabilities, according to the National Audit Office.…

 

The development teams of Google and Mozilla shared their progression regarding the minimization of classic web security attack vectors such as cross-site request forgery (CSRF) and cross-site scripting (XSS). The latest browser security features present assurance of destroying or at least bringing down the classic web security attack vectors. 

Following news that British Airways is facing a lawsuit for its failure to protect the personal data in 2018, please see the comment below from cybersecurity experts. Following news that British Airways is facing…

The ISBuzz Post: This Post British Airways Subject To Lawsuit After Data Breach – Industry Leader Comments appeared first on Information Security Buzz.

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks.

Read more in my article on the Tripwire State of Security blog.

Security teams have an abundance of data, but most of it lacks the context necessary to improve remediation outcomes.

Chris Kubic, Former CISO of NSA, on Strategies for Success
Chris Kubic, former CISO of the National Security Agency, describes how deception technology can change the defensive landscape. “Where deception comes into play is for the unknown threats, the things that are either an attack you haven’t seen before or the attacker evolved their technique.”

This post was originally published by Edward Kost.

A simple DLL file was the catalyst to the most devastating cyberattack against the United States by nation-state hackers.

This cinematic breach demonstrates the formidable potency of DLL hijacking and its ability to dismantle entire organizations with a single infected file.

What is DLL hijacking?

DLL hijacking is a method of injecting malicious code into an application by exploiting the way some Windows applications search and load Dynamic Link Libraries (DLL).

Only Microsoft operating systems are susceptible to DLL hijacks.

By replacing a required DLL file with an infected version and placing it within the search parameters of an application, the infected file will be called upon when the application loads, activating its malicious operations.

For a DLL hijack to be successful, a victim needs to load an infected DLL file from the same directory as the targeted application.

If applications that are automatically loaded upon startup are compromised with a tainted DLL file, cybercriminals will be granted access to the infected computer whenever it loads.

 

DLL hijacking is not an innovative cyberattack method. It has been in circulation among cybercriminals since Windows 2000 launched.

Read more here: https://www.upguard.com/blog/dll-hijacking

The post What is DLL hijacking? The Windows exploit endangering your sensitive data appeared first on Cybersecurity Insiders.

Latest episode. Listen now!

SideWinder APT described. Project Zero describes sophisticated crime. CISA advice on cloud hygiene. Scam-as-a-service. SolarLeaks update.

A newly uncovered Russian-based cybercrime operation has been helping classified ad scammers steal more than $6.5 million from victims across the US, Europe, and the former Soviet States. Cyber-security firm Group-IB has been investigating the operation that they describe as a scam-as-a-service and named it Classiscam. Their report says that the scam began in early […]

The post Classiscam Operation Made More Than $6.5 Million in 2020 appeared first on Binary Defense.

More people are working from home now than ever before, often times with less security. Chat services and email have become the primary means for communications among organizations, so threat actors attempt to exploit them. Phishing attacks have always been a common attack vector among threat actors and have become more prevalent over the last […]

The post Accellion File Transfer Applications Targeted in New Zealand Central Bank Attack appeared first on Binary Defense.