Lindsey O’Donnell-Welch

Wellesley

Cybersecurity Writer at Huntress

Cybersecurity writer @HuntressLabs. Previous @DecipherSec @ThreatPost, @CRN, @Holy_cross alum

Featured in: Favicon

duo.com

crn.com

wickedlocal.com Favicon

threatpost.com Favicon

metrowestdailynews.com Favicon

crn.com.au Favicon

courierpapers.com Favicon

huntress.com

Articles

Wendy Nather on the ‘Topics That Are Distracting CISOs’

Sep 16, 2024 | duo.com | Lindsey O’Donnell-Welch

Wendy Nather, distinguished cybersecurity leader and director of strategic engagements at Cisco, talks to Lindsey O’Donnell-Welch, executive editor with Decipher, at Black Hat 2024 about the biggest “topics that are distracting CISOs” including the pandemic’s lasting impacts on security programs, personal liabilities and supply-chain security.
The ‘Sleeping Time Bomb’ of Third-Party Cybersecurity Risk

Sep 13, 2024 | duo.com | Lindsey O’Donnell-Welch

VIDEOIn the final part of this four-part video series, Decipher editor Lindsey O’Donnell-Welch talks to Merritt Baer, CISO at Reco, Neda Pitt, CISO at Belk, and Danielle Snyder, cyber and compliance lead at Raytheon, about third-party risk, why it’s a “sleeping time bomb” and how organizations can approach this complex issue.
What Impact Will AI Have on Cybersecurity Risk Management?

Sep 12, 2024 | duo.com | Lindsey O’Donnell-Welch

In the third part of this four-part video series, Decipher editor Lindsey O’Donnell-Welch talks to Merritt Baer, CISO at Reco, Neda Pitt, CISO at Belk, and Danielle Snyder, cyber and compliance lead at Raytheon, about how they’re seeing security teams leverage machine learning, what generative AI innovations mean for risk management and more.
‘The Tidal Wave Coming At Everybody:’ The Issue of Data Sprawl and Identity

Sep 11, 2024 | duo.com | Lindsey O’Donnell-Welch

In the second part of this four-part video series, Decipher editor Lindsey O’Donnell-Welch talks to Merritt Baer, CISO at Reco, Neda Pitt, CISO at Belk, and Danielle Snyder, cyber and compliance lead at Raytheon, about how security teams are approaching the “massive sprawl” of different data and accounts across their ecosystem, especially with the proliferation of identity-related threats.
Russian GRU Unit Linked to Critical Infrastructure Attacks

Sep 6, 2024 | duo.com | Lindsey O’Donnell-Welch

Several U.S. government agencies issued a new advisory Thursday warning of global cyber operations by threat actors that they affiliated with Unit 29155 of the Russian Main Intelligence Directorate (GRU). The threat group is categorized under several titles, including UNC2589, Cadet Blizzard, Ember Bear and Frozenvista.
Apache Fixes OFBiz Remote Code Execution Flaw

Sep 6, 2024 | duo.com | Lindsey O’Donnell-Welch

Apache has issued a fix in OFBiz (Open For Business) that addresses an unauthenticated remote code execution bug. The high-severity direct request flaw (CVE-2024-45195) impacts Apache OFBiz versions below 18.12.16 for Linux and Windows. The vulnerability could allow attackers with no valid credentials to exploit missing view authorization checks in the web application to execute arbitrary code on the server. Users can upgrade to version 18.12.16, which fixes the issue.
New Backdoor Linked to Earth Lusca Threat Group

Sep 4, 2024 | duo.com | Lindsey O’Donnell-Welch

Researchers have uncovered a new backdoor called KTLVdoor, which targets both Windows and Linux systems and is linked back to Chinese-speaking threat actor Earth Lusca. Earth Lusca is group that has been active since at least April 2019 and has targeted organizations from various sectors globally, including the U.S., France, Germany and more.
FTC: Verkada Must Create Security Program After Breaches

Sep 3, 2024 | duo.com | Lindsey O’Donnell-Welch

The Federal Trade Commission (FTC) is requiring security camera firm Verkada to implement a security program after the company was hit with two security incidents between December 2020 and March 2021. The mandate against the Calif.-based company is part of a settlement for allegations that Verkada failed to use appropriate information security practices leading to the breaches.
APT29 Watering Hole Attacks Used Spyware Exploits

Sep 3, 2024 | duo.com | Lindsey O’Donnell-Welch

The Russian-based APT29 group was seen using the same iOS and Google Chrome exploits as commercial surveillanceware vendors NSO Group and Intellexa, in an espionage campaign that targeted the Mongolian government. Researchers that discovered the campaign do not know how the APT attackers acquired the exploit. The exploits were observed in three separate attacks that researchers linked “with moderate confidence” to APT29 in November 2023, February 2024 and July 2024.
New Backdoor Used By Iranian State-Sponsored Group

Aug 29, 2024 | duo.com | Iranian Group |Lindsey O’Donnell-Welch

Over the last few months, an Iranian state-sponsored threat actor has been deploying a new custom backdoor in attacks against various entities in the U.S. and United Arab Emirates, including organizations in the government, communications equipment, oil and gas and satellite sectors. The threat actor, which is called Peach Sandstorm and was first uncovered last year, targets victims in many countries in order to collect intelligence, using password spraying as an initial access vector.