admin

0 Comments
German logistics provider Hellmann Worldwide Logistics has warned customers social engineering attacks could target them after being hit by a ransomware attack earlier this month. In an update on the incident, which forced the company to take its IT systems temporarily offline on December 9, Hellmann confirmed that the attackers extracted data. While it is still investigating what type
0 Comments
By Guilherme Venere, Ismael Valenzuela, Carlos Diaz, Cesar Vargas, Leandro Costantino, Juan Olle, Jose Luis Sanchez Martinez, AC3 Team Collaborators: ATR Team (Steve Povolny, Douglas McKee, Mark Bereza), Frederick House (FireEye) In this post we want to show how an endpoint solution with performant memory scanning capabilities can effectively detect active exploitation scenarios and complement
0 Comments
A number of security flaws have been uncovered in a networking component in Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, tamper with metal detector configurations, and even execute arbitrary code on the devices. “An attacker could manipulate this module to remotely monitor statistics on the metal detector, such as whether
0 Comments
The state of New York has passed a law that makes it a crime to falsify information on a COVID-19 vaccination card. New York governor Kathy Hochul signed new legislation on Wednesday that makes falsifying information on a COVID-19 vaccination card a Class D felony comparable under the New York Penal Law to promoting a sexual performance
0 Comments
We’re online more than ever, in large part because it allows us to take advantage of online conveniences like bill pay and booking appointments. But these many benefits might also leave us exposed to risks, like identity theft. Identity theft is characterized by one person using another’s personal or financial data for their benefit. Cybercriminals
0 Comments
Russia has slapped American tech company Google with a record-breaking fine for failing to remove “banned content.”  A Russian court issued the $100m financial penalty on Friday in response to Google’s alleged “systematic failure to remove banned content.” Although the financial penalty is the largest fine of its kind ever to be issued by a
0 Comments
Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement’s disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies. “Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS [ransomware-as-a-service] groups dominating the ecosystem at this
0 Comments
The prime minister of Albania has issued a public apology after the personal data of hundreds of thousands of Albanian citizens was allegedly leaked online. An Excel file containing what appears to be data relating to employees in the public and private sectors was found circulating on social media and has reportedly been broadly shared through messaging
0 Comments
Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to “trivially and reliably” bypass a “myriad of foundational macOS security mechanisms” and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score:
0 Comments
A Russian cyber-criminal who hacked into three tech companies and stole more than 100 million user credentials will not have to pay restitution to his corporate victims. Yevgeniy Aleksandrovich Nikulin was found guilty in July 2020 of causing data breaches at LinkedIn, Dropbox, and the now defunct social media platform Automatic in 2012.  Speaking during the closing
0 Comments
Most of us take our skills for granted when it comes to technology. We move effortlessly between applications and multiple devices. We install new software, set up numerous accounts, and easily clear technical hurdles that come our way. Unfortunately, that picture isn’t the norm for many older adults.   Engaging with technology can be challenging for older adults. However, when digital literacy skills are neglected or avoided, everyday activities such as online bill paying, shopping, medical appointments, and
0 Comments
Cybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache’s Log4j software library by nefarious adversaries. “These vulnerabilities, especially Log4Shell, are severe,” the intelligence agencies said in the new guidance. “Sophisticated cyber threat actors are actively scanning
0 Comments
Threat actors have exploited a vulnerability in Log4j software to wage a cyber-attack on Belgium’s Defense Ministry. The attack began on December 16 and was confirmed by Belgium’s Ministry of Defense on Monday.  Speaking to the AFP in Brussels on Tuesday, Belgian military spokesman Commander Olivier Séverin said that the incident had caused damage to services that were connected to the
0 Comments
Log4j/Log4shell is a remote code execution vulnerability (RCE) in Apache software allowing attackers unauthenticated access into the remote system. It is found in a heavily utilized java open-source logging framework known as log4j. The framework is widely used across millions of enterprise applications and therefore a lucrative target for threat actors to exploit. The availability
0 Comments
China’s internet regulator, the Ministry of Industry and Information Technology (MIIT), has suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months for failing to promptly report a critical security vulnerability affecting the broadly used Log4j logging library. The development was reported by Reuters and South China
0 Comments
A United States court has sentenced a Russian national who admitted being involved in a conspiracy to launder money stolen from American victims of computer fraud. Maksim Boiko, also known as Maxim Boyko, and online as “gangass,” was one of 20 individuals indicted by the US in connection with the transnational criminal organization QQAAZZ. With members
0 Comments
Detectives investigating a hacking incident at a Florida college have charged a former nurse with possessing child sexual abuse material (CSAM). An investigation was launched in June 2021 when two IT accounts belonging to a program coordinator and an instructor at Polk State College were hacked. The employees were locked out of their labs and scheduling accounts,
0 Comments
The internet provides plenty of fun and exciting opportunities for you and your family, from sharing on social media to online shopping. To help you enjoy every minute of it, though, it’s good to be aware of what less savory characters are up to. And they sure have been busy. In fact, the U.S. Federal