How a push to remote work could help fix cybersecurity’s diversity problem
Women are underrepresented in technology jobs, and the discrepancy is even worse for cybersecurity roles specifically. Although there’s no definitive statistics on the subject, recent studies have pegged that women account for somewhere between 11% and 20% of the cybersecurity industry. At Monday’s panel, which was hosted by seed-stage cybersecurity fund YL Ventures and held to coincide with International Women’s Day, cybersecurity executives said they had some hope that changes brought by the COVID-19 pandemic could make it easier for cybersecurity teams to diversify their ranks…
White House Cybersecurity Adviser Wants a ‘Cleanliness Rating’ for Software Security
Policymakers are considering a number of changes to the nation’s cybersecurity posture as a result of the SolarWinds supply chain attack discovered late last year, including data breach notification laws and greater oversight of the nation’s critical infrastructure. In one of her first public appearances since joining the Biden White House, Deputy National Security Adviser Anne Neuberger floated another idea from an unlikely place: New York City dining establishments…
What It’s Like To Run a Tech Giant’s Security Team Without Ever Setting Foot in the Office
Mark Adams was appointed Adobe’s chief security officer about four months ago after serving in the same role for four years at Blizzard Entertainment. Thanks to the COVID-19 pandemic, his onboarding process has been untraditional, to say the least. For one, he hasn’t had a chance yet to visit the company’s physical offices. Instead, his calendar has looked like an ultramarathon of video conferences—days with a dozen back-to-back meetings during the first month to get to know his team and understand the company’s priorities…
Maza Cybercrime Forum Hacked, User Data Dumped Online
A hacker has breached Maza Faka, one of the oldest underground cybercrime forums active today, shut down its Tor-based website, and leaked the details of around 3,000 users in a PDF file posted on the forum’s front page. The security breach, which took place yesterday, on March 3, 2021, resulted in the leak of sensitive details about the forum’s registered users….
A Conversation With Alisa Esage, a Russian Hacker Who Had Her Company Sanctioned After the 2016 Election
In December 2016, then-President Barack Obama signed an executive order that announced sanctions on Russian individuals and organizations in response to election interference efforts. The list included several notorious hackers, as well as Russia’s Federal Security Service (FSB) and Main Intelligence Directorate (GRU). Also on the list was a lesser-known organization that left many puzzled: ZOR Security, founded by virus analytics expert Alisa Esage…
Former NSA and Cyber Command Chief Keith Alexander on SolarWinds, Cyberwar, and China
“The commercial sector is trying its best to fight against a government and all its resources. That’s not a fair fight… China will tell you it’s not stealing your stuff, and then goes and steals your stuff…
It can’t be just trusting them—it’s trust but verify. Look at what’s going on in the COVID-19 arena alone and the theft of intellectual property. It’s huge… This is the biggest transfer of wealth in history, and it’s going right out the front door…”
Catalin Cimpanu Joins The Record as Its First Cybersecurity Reporter
Catalin has years of experience writing about information security, and has become a well-known name in the field for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers. He’s been at ZDNet since 2018, where he wrote thousands of stories on everything from vulnerabilities in ballistic missile systems to the ever-changing ransomware landscape…
Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That
The Record caught up with threat intelligence researcher Timo Steffens to talk about the latest in threat hunting, and why he thinks it’s similar to disciplines like art history and criminology. He also discussed why the whole concept of APT groups—the term security professionals often use to categorize nation state or state-sponsored hacking operations—is a simplification that the industry might have to move past. “[Hacking groups] don’t necessarily have a fixed set of people—some leave, some join, they might share malware or an idea for an exploit with another group—so we have to… understand that the whole landscape is dynamic,” he said…
‘Every Attack Was Like a Slightly Deadlier Version Than the Last:’ NYT’s Perlroth Talks About Her New Book
When Nicole Perlroth joined The New York Times’ technology bureau nearly ten years ago, cybersecurity was in a much different place than it is today.
“The crazy thing happening in that moment was Anonymous, which seems so quaint these days,” she said.
As the decade unfolded, she witnessed and wrote about attacks that grew increasingly brazen and destructive: hacks targeting Sony Pictures, Yahoo, and Equifax, as well as incidents that spiraled out of control like WannaCry and NotPetya. Governments were stockpiling cyber weapons and unleashing them on adversaries. Occasionally the tools would get stolen and used against the country hoarding them….
A Volunteer Cyber Group Formed To Protect Hospitals During the Pandemic Releases Its First Report
An organization founded by vigilantes seeking to protect healthcare workers from digital threats during the COVID-19 pandemic has released its first report, which details cybercrime activity against global healthcare entities since pandemic lockdowns began in March of last year. In line with previous reports on the sector, it found that cybercrime had accelerated during the pandemic as criminals exploited the rapid transition to remote work and the psychological pressures produced by the global health crisis…