433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Transparency and policy shapes Cloudflare’s Kiwi Farms decisions

Cloudflare percolated back into the news cycle last week when the company, which provides security services to websites, blocked Kiwi Farms as a client. Kiwi Farms has a reputation as being the worst trolling site on the internet, where individuals meet to collate and create action plans targeting individuals for both online and physical harassment including doxing and swatting (taking action that results in a police SWAT team arriving at a given address to neutralize the reported threat to life). Social networks were aflame with calls for Cloudflare to cease providing their services to Kiwi Farms. Indeed, a recent Vice article highlighted the case of Clara Sorrenti, also known as Keffals, an online streamer who has been doxed multiple times and was arrested on August 5 amidst a raid on her home as a result of swatting, highlighted how there have been at least three cases of individuals committing suicide as a result of the targeted harassment received as a result of the actions taking place on Kiwifarms. To read this article in full, please click here
http://news.poseidon-us.com/SXskBv

TikTok denies breach after hackers claim billions of user records stolen

TikTok is denying claims that a hacking group has breached an Alibaba cloud database containing 2.05 billion records that include data on TikTok and WeChat users. The hacking group, which goes by the name AgainstTheWest, on Friday posted screenshots—which they say were taken from the hacked database—on a hacking forum. The Alibaba server that was breached contains 2.05 billion records in a 790GB database with user data, platform statistics, source code, cookies, auth tokens, server info, and other information, the hacking group said. The hackers also claimed they are yet to decide if they want to sell the data or release it to the public.  To read this article in full, please click here
http://news.poseidon-us.com/SXsdTS

How mobile app privacy risks impact the federal government

Although mobile apps benefit government work in terms of convenience, efficiency and communication, privacy and security risks grow in parallel.
http://news.poseidon-us.com/SXpTqP

Top 12 managed detection and response solutions

Of all foundational elements for information security, logging requires far more care and feeding than its fellow cornerstones such as encryption, authentication or permissions. Log data must be captured, correlated and analyzed to be of any use. Due to typical log volume, software tools to manage log events is a must-have for businesses of any size. Traditionally, log events have been processed and handled using security information and event management (SIEM) tools. SIEM systems at the minimum provide a central repository for log data and tools to analyze, monitor and alert on relevant events. SIEM tools (and data analysis capabilities) have evolved more sophisticated capabilities such as machine learning and the ability to ingest third-party threat data. To read this article in full, please click here
http://news.poseidon-us.com/SXnXXh

Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)

I recorded a video for the maldoc analysis I did in diary entries “VBA Maldoc & UTF7 (APT-C-35)” and “Update: VBA Maldoc & UTF7 (APT-C-35)”.
http://news.poseidon-us.com/SXlyZJ

Violence-as-a-Service: Brickings, Firebombings & Shootings for Hire

A 21-year-old New Jersey man has been arrested and charged with stalking in connection with a federal investigation into groups of cybercriminals who are settling scores by hiring people to carry out physical attacks on their rivals. Prosecutors say the defendant recently participated in several of these schemes — including firing a handgun into a Pennsylvania home and torching a residence in another part of the state with a Molotov Cocktail.
http://news.poseidon-us.com/SXlrhn

Week in review: CISOs’ earnings per year, Atlassian Bitbucket Server and Data Center flaw

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: US-based CISOs get nearly $1 million per year The role of the Chief Information Security Officer (CISO) is a relatively new senior-level executive position within most organizations, and is still evolving. To find out how current CISOs landed in that role, their aspirations, the compensation they receive, and which risks they face and responsibilities they shoulder, analysts with international executive … More → The post Week in review: CISOs’ earnings per year, Atlassian Bitbucket Server and Data Center flaw appeared first on Help Net Security.
http://news.poseidon-us.com/SXlFZl