Tag: switch
-
Your smart building isn’t so smart without security
Tags: switchThe lights switch on as you walk in. The air adjusts to your presence. Somewhere in the background, a server notes your arrival. It’s the comfort of a smart building, but that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/smart-buildings-cybersecurity-risks/
-
Your smart building isn’t so smart without security
Tags: switchThe lights switch on as you walk in. The air adjusts to your presence. Somewhere in the background, a server notes your arrival. It’s the comfort of a smart building, but that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/smart-buildings-cybersecurity-risks/
-
TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader
Tags: ai, awareness, backup, breach, browser, business, cio, ciso, communications, conference, control, corporate, country, cryptography, cyber, cybersecurity, dark-web, data, data-breach, defense, dns, email, encryption, finance, government, healthcare, identity, incident, infrastructure, intelligence, Internet, jobs, law, leak, linux, malicious, mfa, mitigation, network, organized, phone, privacy, ransom, ransomware, RedTeam, resilience, risk, risk-management, router, service, startup, strategy, supply-chain, switch, tactics, technology, theft, threat, tool, training, windowsSummary In this episode of The Defender’s Log, host David Redekop interviews Sami Khoury, the Senior Official for Cybersecurity for the Government of Canada. With a career spanning 33 years at the Communication Security Establishment (CSE), Khoury shares how a coincidental job application blossomed into a lifelong passion for national security. Khoury emphasizes that modern…
-
‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads
Effects beyond one-time infection: According to Trend Micro, the campaign affected specific Cisco families, including 9400, 9300, and legacy 3750G switches. Affected organizations face more than a one-off compromise as infected switches can provide attackers a long-term, stealthy platform for lateral movement, data interception, or further payload delivery.Parts of the exploit are fileless or volatile,…
-
Beyond the checklist: Building adaptive GRC frameworks for agentic AI
Tags: access, ai, breach, ciso, cloud, compliance, control, crime, data, detection, endpoint, finance, framework, fraud, governance, grc, international, metric, monitoring, nist, risk, risk-management, strategy, supply-chain, switchAutonomous agent drift First, I experienced an autonomous agent drift that nearly caused a severe financial and reputational crisis. We deployed a sophisticated agent tasked with optimizing our cloud spending and resource allocation across three regions, giving it a high degree of autonomy. Its original mandate was clear, but after three weeks of self-learning and…
-
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS
Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windowsSummary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
-
Zorin OS 18 beta makes Linux look like anything but Linux
Windows, macOS, Cinnamon, even iPadOS all just a layout switch away First seen on theregister.com Jump to article: www.theregister.com/2025/09/24/zorin_os_18_beta/
-
Service Accounts in Active Directory: These OG NHIs Could Be Your Weakest Link
While non-human identities (NHIs) in cloud and SaaS operations may be getting lots of attention right now, securing your Active Directory service accounts can go a long way in reducing risk. Here are three steps you can take right now. Key takeaways Expect sprawl: Agentic AI and cloud native development accelerate non-human identity (NHI) growth. …
-
Russian Airline Hit by Cyberattack, Website and Systems Disrupted
Russian regional carrier KrasAvia is grappling with a major IT outage after what appears to be a cyberattack. Passengers have been unable to buy tickets online, and flight operations have been forced to switch to manual procedures. The airline confirmed the disruption to local media but has not provided a timeline for restoring normal service.…
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
Wie realistisch ist der Kill Switch? – Können die USA Europa den Stecker ziehen?
First seen on security-insider.de Jump to article: www.security-insider.de/us-kill-switch-europa-digitale-souveraenitaet-a-626d158e1c8ba1883eb0cc03ea2af5b5/
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windowsSummary “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen
Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trustSummary This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…
-
Developer Sentenced to Four Years for Sabotaging Employer’s Systems
Davis Lu was convicted in March of deploying malicious code in the systems of his employer, Eaton, when his job responsibilities change and then deployed a kill switch that denied employees access to the systems when he was fired in 2019. He was sentenced this month to four years in prison. First seen on securityboulevard.com…
-
Chinese Hacker Sentenced for Kill Switch Attack on Ohio Firm’s Global Network
A federal court has handed down a four-year prison term to a former software developer who sabotaged his employer’s global network with a custom “kill switch,” crippling operations and inflicting hundreds of thousands in losses. Davis Lu, 55, a Chinese national legally residing and working in Houston, was sentenced on August 21 by U.S. District…
-
Windows Security Update turns smooth NDI streams into jittery messes
Users told to switch protocols or delay installation while Redmond investigates First seen on theregister.com Jump to article: www.theregister.com/2025/08/22/windows_update_ndi/
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCheck out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
Developer gets prison time for sabotaging former employer’s network with a ‘kill switch’
The ex-developer was convicted of planting malicious code designed to crash its servers in the event that he was fired. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/22/developer-gets-prison-time-for-sabotaging-former-employers-network-with-a-kill-switch/
-
Urteil: Haftstrafe für Kill Switch im Netzwerk des Ex-Arbeitgebers
Tags: switchTausende Mitarbeiter eines Unternehmens wurden 2019 unerwartet aus ihren Nutzerkonten ausgesperrt. Der Saboteur muss nun ins Gefängnis. First seen on golem.de Jump to article: www.golem.de/news/urteil-haftstrafe-fuer-kill-switch-im-netzwerk-des-ex-arbeitgebers-2508-199434.html
-
Former developer jailed after deploying kill-switch malware at Ohio firm
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of…
-
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled.Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers…
-
Developer jailed for taking down employer’s network with kill switch malware
Pro tip: When taking revenge, don’t use your real name First seen on theregister.com Jump to article: www.theregister.com/2025/08/22/worlds_dumbest_it_admin_gets/
-
Dev gets 4 years for creating kill switch on ex-employer’s systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that locked out employees when his account was disabled. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dev-gets-4-years-for-creating-kill-switch-on-ex-employers-systems/
-
Nvidia Pushes Back on Chinese ‘Kill-Switch’ Claims
Chipmaker Argues Against Growing Interest in US to Require New Security Measures. Artificial intelligence chip-making powerhouse Nvidia is rejecting claims from China’s top cyber agency that its H20 chips include location tracking and kill-switch features – while warning U.S. lawmakers against requiring those capabilities in future chip designs. First seen on govinfosecurity.com Jump to article:…
-
Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch
Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and nvlore-hsc, published by the npm user nayflore using the email idzzcch@gmail.com, disguise themselves as legitimate WhatsApp socket libraries. These packages exploit the growing ecosystem of third-party tools for WhatsApp automation,…
-
Microsoft SharePoint Hackers Switch Gears to Spread Ransomware
Threat actors exploit SharePoint flaws to access internal systems, steal sensitive data, and carry out surveillance, impersonation, and extortion. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-sharepoint-vulnerabilities-exploitation/
-
Hackers Connected Raspberry Pi to ATM in Bank Heist Attempt
Runners Hired to Connect Device to Bank’s Network, Facilitating Remote Hacks. Researchers tied a cybercrime group tracked as UNC2891 to an attempted Asia-Pacific bank heist, in which remote attackers physically installed a 4G-enabled Raspberry Pi onto an ATM network switch, giving them remote access to the internal IT environment as part of an attempted cashout…
-
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack.The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry Pi device and have it connected directly to the same network switch as the…