admin

0 Comments
The UK’s data watchdog has slapped the British government with a hefty fine for exposing the addresses of individuals chosen to receive honors.  The Information Commissioner’s Office (ICO) said that the safety of hundreds of 2020 New Year Honors recipients had been placed in jeopardy after their personal data was published online. “On 27 December 2019 the Cabinet Office
0 Comments
You open up your laptop and check the daily news. You see a headline stating that one of your favorite online retailers was breached and that thousands of their customers’ passwords were exposed. Data breaches like this frequently appear in the news, but many consumers don’t realize the implications these breaches have on their personal privacy. When data breaches occur, oftentimes billions of these hacked login credentials become available on the dark
0 Comments
Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues
0 Comments
by Paul Ducklin Renowned bug-hunter Tavis Ormandy of Google’s Project Zero team recently found a critical security flaw in Mozilla’s cryptographic code. Many software vendors rely on third-party open source cryptographic tools, such as OpenSSL, or simply hook up with the cryptographic libraries built into the operating system itself, such as Microsoft’s Secure Channel (Schannel)
0 Comments
A man from Oregon has been charged with stealing confidential data from his employer and secretly extorting the company for a $2m ransom while purporting to be working on remediating the theft.  Portland resident Nickolas Sharp allegedly stole gigabytes of data from Ubiquiti Inc., a technology company headquartered in New York, where Sharp was employed from August 2018 to
0 Comments
A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes’ latest findings go into detail about the new tactics and tools adopted by the APT group
0 Comments
by Paul Ducklin [00’23”] Fun Fact: Ebooks reach their half-century. [00’58”] Call scammers and cryptocoin treachery. [07’34”] Cloud insecurity and yet more cryptocoin treachery. [16’15”] Tech History: The interwoven story of Mary Shelley, Ada Lovelace and AI ethics. [18’26”] Facial recognition creepiness. [25’23”] Oh! No! The wannabe wizard that went to school with a trainee
0 Comments
A cyber-attack on Planned Parenthood Los Angeles (PPLA) has resulted in the exposure of patients’ personally identifying information (PII). The agency said in a notice posted to its website on Wednesday that suspicious activity was detected on its computer network on October 17. An investigation into the activity remains ongoing; however, it has been determined that an
0 Comments
Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. “These people are at the center of critical communities for public debate,”
0 Comments
The United States has sent a fourth member of the international hacking group known as The Community to prison. Garrett Endicott, of Warrensburg, Missouri, was the last of six defendants to be sentenced in connection with a multi-million-dollar SIM-swapping conspiracy that claimed victims across the country, including in California, Missouri, Michigan, Utah, Texas, New York and Illinois.
0 Comments
Online is a little different for everyone How do you connect online these days? I’ll give you an example from my own life: From my 15-year old son to my 80-year-old mother, not one of us leaves the house without our phone. And today, there isn’t a single thing you can’t do on your phone. It’s the minicomputer that goes where you go.  This
0 Comments
ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs Air-gapping is used to protect the most sensitive of networks. In the first half of 2020 alone, four previously unknown malicious frameworks designed to breach air-gapped
0 Comments
A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360’s Netlab network security division, which detected the botnet first on October 27, 2021, called it
0 Comments
The former dean of a business school in Philadelphia has been found guilty of involvement in a fraudulent scheme to doctor program rankings using false data. Moshe Porat, of Bala Cynwyd, Pennsylvania, was dean of Temple University’s Richard J. Fox School of Business and Management for more than two decades, from 1996 until 2018. On
0 Comments
Relying on the kindness of strangers is not an ideal strategy for CISOs and CIOs. And yet that is the precise position where most find themselves today while trying to battle cybersecurity issues across their supply chain. While these supply chains have plenty of their own challenges, such as global disruptions of distribution, our recent
0 Comments
One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape requires constant attention, and sometimes a little support. XDR provider Cynet has
0 Comments
The Panasonic Corporation has disclosed a data security incident in which an undisclosed amount of data was compromised. In a statement issued Friday, the major Japanese multinational conglomerate announced that an unauthorized third party had gained access to its network on November 11.  An internal investigation was launched that determined that the intruder had accessed some data stored on
0 Comments
We’ve all fallen for clickbait. Sometimes it’s a juicy headline designed to spark curiosity and drive traffic to a specific website. Other times it’s a quiz that will magically reveal your celebrity look-alike. While the innocent click connected to most clickbait is seemingly harmless, some clickbait can install dangerous malware onto your devices.  According to the FBI’s Crime Complaint Center’s 2020
0 Comments
The INTERPOL-led operation involved law enforcement from 20 countries and led to the seizure of millions of dollars in illicit gains Law enforcement agencies from around the globe have swooped down on hundreds of people suspected of committing various types of online crime, including romance scams, investment fraud and money laundering operations. The international effort
0 Comments
An APAC marine services multi-national appears to have become the latest victim of the prolific Clop ransomware gang. Swire Pacific Offshore (SPO) has provided crew and ships for specialized tasks such as anchor handling, platform supply and seismic surveys for over 45 years. However, its name recently appeared on the extortion site of the Clop
0 Comments
A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named “Babadeda” that’s capable of bypassing antivirus solutions and stage a variety of attacks. “[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even
0 Comments
UK schools are being encouraged to sign-up to a revamped cybersecurity competition designed to improve diversity in the sector. The CyberFirst Girls Competition is the National Cyber Security Centre’s flagship event for schools. Since 2017 more than 43,000 girls aged 12-13 have taken part in a series of cybersecurity challenges. However, the 2022 edition will see some