0 Comments
Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by American cybersecurity company Deep Instinct.  The finding was published in the company’s second bi-annual Voice of SecOps Report, which was based on a survey of 1,500 senior cybersecurity professionals in 11 countries who work for
0 Comments
When it comes to identity theft, trust your gut when something doesn’t feel right. Follow up. What you’re seeing could be a sign of identity theft.  A missing bill or a mysterious charge on your credit card could be the tip of an identity theft iceberg, one that can run deep if left unaddressed. Here, we’ll look at several signs of identity theft that likely need some investigation
0 Comments
Putting a precision payload on top of more generic malware makes perfect sense for malware operators Virus Bulletin this year brought a fresh batch of amped-up, refreshed malware with lots more horsepower and devilish amounts of custom-tailored targeting. From singled-out political activist individual targets to regionalized targets, malware’s aim is getting better. Putting a precision
0 Comments
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM). In
0 Comments
Take a roll call of all your devices that connect to the internet. These include the obvious ones – laptops, tablets, and your smartphone. But they also include the ones you may not immediately think about, such as routers, smart TVs and thermostats, virtual assistant technology, and connected fitness watches and equipment.  Each of these devices is known as an endpoint to you. To a cybercriminal, they’re an
0 Comments
Dutch police have written to customers of an on-demand booter service to dissuade them from committing cybercrimes. Booter services, also known as booters, are on-demand DDoS (Distributed-Denial-of-Service) attack services that can be used to bring down websites and networks by overloading or “stressing” IP addresses with data traffic.  During an ongoing investigation into www.minesearch.rip, Dutch
0 Comments
Kids engage online far differently than adults. Between group chats, social apps, and keeping up with digital trends, their interests, and attention spans constantly shift, which means online privacy concerns get sidelined.   That’s why, throughout October—Cybersecurity Awareness Month—we will be doubling up on resources and insights your family needs to be safer and more secure online. Ready to roll? Here are a few ways to move online privacy center stage.   
0 Comments
The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe Microsoft has revealed that it thwarted a Distributed Denial-of-Service (DDoS) attack that clocked in at a whopping 2.4 terabytes per second (Tbps). The onslaught, which targeted an Azure customer in Europe, surpasses the previous record holder – a 2.3
0 Comments
A now-patched critical vulnerability in OpenSea, the world’s largest non-fungible token (NFT) marketplace, could’ve been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following
0 Comments
by Paul Ducklin It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call
0 Comments
Antivirus and anti-malware brand STOPzilla has been acquired by California holding company RealDefense.  The deal was announced earlier today and marks RealDefense’s fourth acquisition in the security sector. Other brands in the RealDefense portfolio include IOLO, MyCleanID, MyCleanPC, USTechSupport, CyberDefender, VirusFix, and WarrantyStar. To complete the acquisition of STOPzilla, RealDefense partnered with Corbel Capital Partners, a $500m structured
0 Comments
The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows An analysis of 186 successful ransomware attacks against businesses in the United States in 2020 has shown that the companies lost almost US$21 billion due to attack-induced downtime, according to technology website Comparitech. Compared to
0 Comments
by Paul Ducklin It’s been a wild few weeks for Apple, or perhaps an “in-the-wild” few weeks, with several zero-day bugs necessitating emergency updates. We were going to say “unexpected updates”, but all (or almost all) Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they’ve been published,
0 Comments
Data belonging to patients of a hospital in New Mexico has been deleted by an unknown cyber-attacker.  The IT network of San Juan Regional Medical Center in Farmington was breached by an unauthorized individual in September last year. The attack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4
0 Comments
Although organizations commonly go to great lengths to address security vulnerabilities that may exist within their IT infrastructure, an organization’s helpdesk might pose a bigger threat due to social engineering attacks. Social engineering is “the art of manipulating people so they give up confidential information,” according to Webroot. There are many different types of social
0 Comments
An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.  The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners.  “Every mobile app user was given the same hard-coded API Bearer Token,