Blog

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Written by Krebs On Security - December 20th, 2020 A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself. Austin, Texas-based SolarWinds disclosed this ...

Read More

Microsoft commits more than $110M in additional support for nonprofits, workers, and schools in Washington state

Written by Brad Smith, President – December 18th, 2020 There’s no doubt that most of us across the Puget Sound region are anxious to put the difficulties of 2020 behind us. As we approach the end of December, we look forward to the new year with a mixture of optimism and concern – optimism about spreading ...

Read More

The Top Cybersecurity Predictions For 2021

It is hard to believe that we are about to roll into 2021. It genuinely has been a year that nobody ever dreamt of, including from the Cybersecurity standpoint. So, given all that has happened, what is predicted for next year? Here are some of what we believe will happen: Botnets will continue to grow ...

Read More

Successful COVID-19 vaccine delivery requires strong tech partnerships

Written by Dr. David Rhew - Chief Medical Officer & VP Healthcare, Worldwide Commercial Business, Microsoft – December 11th, 2020 As a society, we continue through the journey of this global pandemic, but there is finally light at the end of the tunnel. There are currently two COVID-19 vaccines under accelerated review by the U.S. Food ...

Read More

CPRA Hints at The Future of Cybersecurity and Privacy

Written by Karen Walsh, CEO, Allegro Solutions – December 11th, 2020 One of the most notable ballot propositions impacting the privacy and cybersecurity world during the US 2020 election was the passage of the California Privacy Rights Act (CPRA). Predominantly considered an updated version of 2018’s California Consumer Privacy Act (CCPA), the CPRA incorporates several changes other ...

Read More

Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times

In the early fog of the COVID-19 pandemic, cybersecurity took a back seat to keeping patients alive. Lost in the chaos was IT security. When the COVID-19 pandemic first hit the U.S. hard in March, the Elmhurst Hospital was forced into a logistical nightmare. It was a grim sign of the times, as the Queens, N.Y. hospital ...

Read More

FBI warns of email forwarding rules being abused in recent hacks

Written by Catalin Cimpanu for Zero Day – December 1st, 2020 FBI: "The web-based client's forwarding rules often do not sync with the desktop client, limiting the rules' visibility to cyber security administrators."  The US Federal Bureau of Investigation says that cyber-criminals are increasingly relying on email forwarding rules in order to disguise their presence inside hacked ...

Read More

Office 365 phishing abuses Oracle and Amazon cloud services

Written by lonut Ilascu on November 27th, 2020 A rather complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure. The campaign has been active for more than half a year and uses a network of legitimate websites that ...

Read More

Be Very Sparing in Allowing Site Notifications

Written for Krebs on Security – November 20th, 2020 An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling ...

Read More

Why now is the time for zero trust in DoD cybersecurity

Written by Jim Hansen – November 20th, 2020 The sudden and massive shift to a remote work policy across the Department of Defense and the contracting community has created a perfect storm of cyber challenges needing to be addressed. Keenly aware of this, threat actors are taking advantage. A few months into the COVID-19 crisis, the Pentagon ...

Read More