admin

0 Comments
Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service (DoS) and man-in-the-middle (MitM) attacks using low-cost equipment. The “vulnerabilities in the handover procedure are not limited to one handover case only but they impact all different handover cases and scenarios
0 Comments
Data belonging to an Illinois-based accountancy firm has been exposed in a cyber-attack.  Bansley and Kiener, which is also known as B&K, is a 99-year-old full-service accounting firm headquartered in Chicago.  Earlier this month, B&K issued a security notice stating that it had been successfully targeted by cyber-criminals using ransomware a year ago.  “On December 10, 2020, B&K
0 Comments
Seven students at the University of Mississippi have been charged with cyber-stalking a fellow student who blew the whistle on their fraternity’s hazing activities.  College hazing is an initiation ceremony in which freshmen undertake humiliating and sometimes dangerous feats to gain admittance into a fraternity or sorority. Ole Miss Pi Kappa Alpha fraternity members Baylor Reynolds, aged
0 Comments
Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. “This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability,” Matthew
0 Comments
Cybersecurity official Anne Neuberger has implored American businesses to actively prepare for a seasonal surge in cybercrime. In a statement issued through the White House on Thursday, the deputy assistant to the president and deputy national security advisor for cyber and emerging technology explained why threat actors like to time their attacks with the holidays.  “Historically we have seen
0 Comments
Meta Platforms on Thursday revealed it took steps to deplatform seven cyber mercenaries that it said carried out “indiscriminate” targeting of journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists located in over 100 countries, amid mounting scrutiny of surveillance technologies. To that end, the company said it alerted 50,000 users
0 Comments
by Paul Ducklin Amidst the ongoing brouhaha created by the apparently omnipresent Log4Shell insecurity featuresecurity vulnerability, it’s easy to lose track of all the other things that you should, and normally would, be working on anyway. Indeed, the UK’s National Cyber Security Centre (NCSC) is warning that: Remediating [the Log4Shell] issue is likely to take
0 Comments
Cybercriminals make people uneasy about the safety of their identity and online accounts. McAfee is your partner who’ll work tirelessly to restore your confidence in your online activities. Check out this roundup of privacy protection, identity protection, and device security best practices to boost your confidence in the safety of your personal information and technology.  Privacy Protection  Privacy protection means keeping the information you’d rather keep to yourself from getting
0 Comments
The grand finale of our series dedicated to demystifying Latin American banking trojans ESET started this blogpost series dedicated to demystifying Latin American banking trojans in August 2019. Since then, we have covered the most active ones, namely Amavaldo, Casbaneiro, Mispadu, Guildma, Grandoreiro, Mekotio, Vadokrist, Ousaban and Numando. Latin American banking trojans share a lot
0 Comments
Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device’s Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip. The novel attacks work against the so-called “combo chips,” which are specialized chips that are equipped to handle different types of radio wave-based wireless communications,
0 Comments
Virginia is fighting cyber-fires on two fronts after ransomware attacks affected both its state legislature and an agency within its executive branch.  In an attack that struck on the evening of December 12, key IT systems under the Division of Legislative Automated Systems (DLAS) were rendered inaccessible. The attack was focused on certain internal servers, impacting the
0 Comments
Before you take the fun-looking quiz that popped up in your social media feed, think twice. The person holding the answers may be a hacker.  Where people go, hackers are sure to follow. So it’s no surprise hackers have set up shop on social media. This has been the case for years, yet now social media-based crime is on the rise. In 2019, total reported losses to this
0 Comments
Meta Platforms, the company formerly known as Facebook, has announced that it’s expanding its bug bounty program to start rewarding valid reports of scraping vulnerabilities across its platforms as well as include reports of scraping data sets that are available online. “We know that automated activity designed to scrape people’s public and private data targets
0 Comments
Hundreds of financial applications are being targeted by a threat campaign featuring a new strain of the Anubis Android banking trojan malware. The malicious campaign was detected by researchers at cybersecurity company and integrated endpoint-to-cloud provider Lookout. Researchers observed the banking malware masquerading as an account management application created by France’s largest telecommunications company, Orange S.A., to target customers of
0 Comments
By Sriram P & Lakshya Mathur  Hancitor, a loader that provides Malware as a Service, has been observed distributing malware such as FickerStealer, Pony, CobaltStrike, Cuba Ransomware, and many more. Recently at McAfee Labs, we observed Hancitor Doc VBA (Visual Basic for Applications) samples dropping the payload using the Windows clipboard through Selection.Copy method.  This blog focuses on
0 Comments
Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The attack leverages the remote code execution flaw to download an additional payload, a
0 Comments
Police have arrested a professor at a Louisiana university after child sexual abuse material was discovered on his office desktop computer.  An investigation was begun in East Baton Rouge on Thursday after officials at Louisiana State University’s (LSU’s) Agricultural Center (AgCenter) were contacted by concerned employees in the center’s IT department.  The IT workers raised the alarm
0 Comments
Like many consumers around the world, you’re probably scouring the internet to find the perfect gifts for your friends and family in time for the holidays. While buyers prepare for the festivities, cybercriminals look for opportunities to scam shoppers with various tricks. In 2020, the FBI received over 17,000 complaints regarding goods that were never delivered, totaling losses of more than
0 Comments
The critical flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what we know so far Just as the holiday season is approaching our doorstep, a critical vulnerability in an Apache code library called Log4j 2 has come knocking at the door. Log4j is an open-source Java-based logging