admin

0 Comments
A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Despite threats seemingly looming around every corner (I’m looking at you, Delta), the past four months were the time of summer vacations for many of us located in the northern hemisphere,
0 Comments
In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group’s Pegasus surveillanceware. “Adversaries have set up a phony website
0 Comments
America’s head of state, Joe Biden, has announced plans to hold a meeting with representatives of 30 different countries later this month to discuss ransomware and other cybersecurity issues.  In a statement released to coincide with the first day of America’s annual Cybersecurity Awareness Month, President Biden said that the chief purpose of the confab would be to address
0 Comments
Today marks the start of the 18th Annual Cybersecurity Awareness Month in America, and this year’s theme is “Do Your Part. #BeCyberSmart.” The digital safety initiative was launched back in October 2004 by the National Cyber Security Alliance and the United States Department of Homeland Security to help the public stay safe and secure while
0 Comments
Many iPhone users are vulnerable to payment fraud due to vulnerabilities in Apple Pay and Visa, according to new research from the University of Birmingham and the University of Surrey. The experts revealed they could bypass an iPhone’s Apple Pay lock screen to perform contactless payments when the Visa card is set up in ‘Express Transit mode’
0 Comments
The latest gadget on the tech and fashion streets is Ray-Ban Stories, a sunglasses collaboration between Facebook and Ray-Ban. These pair of shades feature two cameras that capture video, audio, and photos and sync to a mobile app. Social media fanatics are excited about this new ability to capture and share hands-free content.  Do gadgets like Ray-Ban Stories make you immediately think,
0 Comments
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks The NSA and CISA have released joint guidance to help organizations select their Virtual Private Network (VPN) solution and hardening it against compromise. Vulnerable VPN servers are attractive targets for threat actors, as they provide great opportunities
0 Comments
Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization’s tenant,” researchers from Secureworks
0 Comments
Summary In late June 2021, Secureworks® Counter Threat Unit™ (CTU) researchers discovered a flaw in the protocol used by the Azure Active Directory Seamless Single Sign-On feature. This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization’s tenant. CTU™ researchers reported
0 Comments
Data breaches at two American mental healthcare providers may have exposed the personal health information (PHI) of thousands of individuals.  Horizon House, Inc., which is in Philadelphia, Pennsylvania, warned that 27,823 people may have been impacted by a cyber-attack that took place in the late winter. The provider of mental health and residential treatment services detected
0 Comments
The security operations center (SecOps) team sits on the front lines of a cybersecurity battlefield. The SecOps team works around the clock with precious and limited resources to monitor enterprise systems, identify and investigate cybersecurity threats, and defend against security breaches. One of the important goals of SecOps is a faster and more effective collaboration
0 Comments
A newly discovered “aggressive” mobile campaign has infected north of 10 million users from over 70 countries via seemingly innocuous Android apps that subscribe the individuals to premium services costing €36 (~$42) per month without their knowledge. Zimperium zLabs dubbed the malicious trojan “GriftHorse.” The money-making scheme is believed to have been under active development
0 Comments
A new emergency fraud hotline has been set up to help tackle surging financial scams in the UK. UK citizens who believe someone is maybe trying to trick them into handing over money or personal details can now be automatically connected with their bank’s fraud prevention service by dialing 159. The service will work in
0 Comments
Overview On March 21st, 2021, the McAfee Enterprise Advanced Threat Research (ATR) team released several vulnerabilities it discovered in the Netop Vision Pro Education software, a popular schooling software used by more than 9,000 school systems around the world. Netop was very responsive and released several updates to address many of the critical findings, creating
0 Comments
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that could
0 Comments
Huawei’s CFO is finally back in China after striking a plea deal with the US authorities in which she admitted playing a pivotal role in a scheme designed to defraud a global financial institution. Meng Wanzhou, the daughter of Huawei founder Ren Zhengfei, was indicted by the US in 2019 on charges associated with the firm’s alleged
0 Comments
Chances are, you’ve heard the term VPN more and more lately but still can’t figure out exactly what it does or if your family needs one. You aren’t alone. The short answer is yes—you need a VPN on your family devices—and here’s why.   One of the main reasons you’re hearing more about VPNs is that cybercrime and data breaches are skyrocketing—especially since the pandemic.
0 Comments
State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems in the U.S., Germany, and Afghanistan. Cisco Talos attributed the attacks to the Turla advanced persistent threat (APT) group, coining the malware “TinyTurla” for its limited functionality and efficient coding style that allows it to
0 Comments
Lawmakers in Florida are asking why the state has failed to spend millions of dollars it was assigned to fund the implementation of new cybersecurity measures. The Miami Herald reports that despite lawmakers’ allocating $30m for the improvements months ago, the Sunshine State is yet to spend a single cent. The office of Florida’s statewide chief information