DOJ charges four Chinese military hackers for Equifax hack
"Most intelligence and counter-intelligence operations are usually left off the table when it comes to criminal investigations, as long as they don't target civilians. US officials said that this operation orchestrated by China's military hackers was different because they focused on the mass collection of civilian data and intellectual property theft."
#cybersecurity #infosec #china
This page is really great !
You can find all IDEA instructions at https://idea-instructions.com. See something which could be improved, or which you find confusing? Tell us! Your feedback helps a lot to make these instructions better! <3
New podcast episode - 2020 Show Updates
I’ve been thinking too much about endpoint protection lately- tempt to fire up vim and create a github repo
It’s not about competing with large players, but what does a capital starved startup do? Just ignore it while some basics would move the needle?
Biggest risks I see is people not reading the docs and relying on simple tooling while they should talk to larger vendors and simply not supporting mobile appropriately
Also part of the toxic infosec community who believes in absolute security
Defensive Security Podcast Episode 245
I see a lot of articles say things like "They now run this service in the cloud—which brings its own set of security challenges." I wish they would equivalently write "They run their IT in their own data centres—which brings its own set of security challenges."
DIY infrastructure? Oh that's obviously secure. Professionally-run commercial clouds? Whoa, they're risky.
Travelex hobbles back online, one month after ransomware hit it hard.
The beleaguered company, hit by the REvil ransomware on New Year's Eve, has not yet been able to restore all of its online services.
Why do #infosec people go around insulting everyone? Everyone who uses the cloud "blindly trust the cloud providers"? Nobody is doing due diligence? Nobody has a long list of security risks they track and controls and mitigations, huh? And they want to "disprove the assumption that cloud infrastructures are secure". Because the existence of one bug means what? It's "insecure"? The research is legit, but the preamble is garbage from an out-of-touch techie. https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/
A Mastodon instance for info/cyber security-minded people.