You are browsing archives for
An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. On June 16, authorities in […]
This guest blog post is shared by Chris Adams, Solutions Architect in the Office of the Chief Information Officer/IT Design & Development Directorate, and Julia Kim, Digital Projects Coordinator at the National Library for the Blind and Print Disabled at the Library of Congress, formerly the Digital Assets Specialist at the American Folklife Center, supporting […]
“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” -CIA’s Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to […]
It was in roughly the fifth century BC when Chinese general Sun Tzu wrote in his work The Art of War: “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer […]
For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered […]
Today’s guest post is from Jesse Johnston (Sr. Research Development Officer Office of Research, Office of the Vice President for Research, University of Michigan), Kate Murray (Digital Projects Coordinator, Digital Collections Management & Services Division), Marcus Nappier (Digital Collections Specialist, Digital Content Management Section), and Ted Westervelt, Chief, US/Anglo Division. It has become ever more […]
Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there […]
In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, […]
While it’s a well-known concept, we’ve recently seen the growing sophistication of phishing campaigns, making detecting phishing domains harder, increase of spear phishing in APT attacks, and the increasing use of customized, targeted emails that ensure these campaigns are more successful than ever. Even if almost everyone nowadays is aware of possibly getting phished, by […]
The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court. vDOS as it existed on Sept. 8, 2016. A judge […]
Today we will deep dive into a related topic: DNS intelligence, its main concept, how important it is inside the cybersecurity world, and much more. Definition of DNS intelligence DNS intelligence could be defined as ‘all the intelligence data that comes from the DNS system and the interactions of its users’. If you search for […]
An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico’s top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 billion and enjoyed the protection of top Mexican authorities. [embedded content] The multimedia […]
The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those who don’t. But it may also signal that ransomware purveyors are searching for new […]
Some time ago, we talked about the cybersecurity skills gap, and the need to increase the cybersecurity workforce. We looked at how many cybersecurity positions are in high demand, how many of them are intermediate and advanced/managerial, and how security has now been ingrained into many IT roles that didn’t have these responsibilities in the […]
When law enforcement agencies tout their latest cybercriminal arrest, the defendant is often cast as a bravado outlaw engaged in sophisticated, lucrative, even exciting activity. But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and […]
A Monthly Roundup of News and Thoughts from the Library of Congress Labs Team Our Projects Jamming with the Newspaper Navigator DatasetOn Thursday, May 7th, Innovator in Residence Ben Lee presented the Newspaper Navigator dataset containing over 100 million images extracted from the Chronicling America database using a machine learning algorithm. Over 130 participants tuned in remotely to get […]
The following is a repost from the blog Worlds Revealed: Geography & Maps at the Library of Congress. The author is Rachel Trent, Digital Collections and Automation Coordinator in the Geography and Maps Division. Interested in bulk downloading maps from the Library of Congress’s online collections? Need a corpus of historical map images to build a training dataset […]
The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. The ad campaign follows a similar initiative launched in late 2017 that academics say measurably dampened demand for such services by explaining that their use […]
A group of Romanians operating an ATM company in Mexico and suspected of bribing technicians to install sophisticated Bluetooth-based skimmers in cash machines throughout several top Mexican tourist destinations have enjoyed legal protection from a top anti-corruption official in the Mexican attorney general’s office, according to a new complaint filed with the government’s internal affairs […]
The red team is considered the offensive side of the security. Red teams think like the attacker, they imitate real-world attacks and mimic adversary techniques and methods, uncover vulnerabilities in an organization’s infrastructure, launch exploits, and report on their findings. This is often a group of white hats — ethical hackers, offensive security professionals that […]
