Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony AnscombeA look back on the key trends and developments that shaped the...
Day: October 25, 2022
Smashing Security podcast #293: Massive crypto bungle, and the slave scammers
Smashing Security podcast #293: Massive crypto bungle, and the slave scammersA couple unexpectedly find $10.5 million in their cryptocurrency account, and in Cambodia people are being...
DNS Best Practices: A Quick Guide for Organizations
DNS Best Practices: A Quick Guide for OrganizationsNowadays, the traditional on-site computing architecture is moved to remote facilities that are normally under the management of a...
These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million Times
These 16 Clicker Malware Infected Android Apps Were Downloaded Over 20 Million TimesAs many as 16 malicious apps with over 20 million cumulative downloads have been...
Not All Sandboxes Are for Children: How to Secure Your SaaS Sandbox
Not All Sandboxes Are for Children: How to Secure Your SaaS SandboxWhen creating a Sandbox, the mindset tends to be that the Sandbox is considered a...
Steam account hacked? Here’s how to get it back
Steam account hacked? Here’s how to get it backWhat are the warning signs that someone has hijacked your Steam account? Here is what to look for...
Why Are We So Stupid About Passwords? SSH and RDP Edition
Why Are We So Stupid About Passwords? SSH and RDP EditionPoor Credential Hygiene Leaves Remote Services at Risk of Brute Force AttacksIf remote access to corporate...
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
Stronger Cloud Security in Azure Functions Using Custom Cloud ContainerIn this entry, we discuss how developers can use custom cloud container image and the distroless approach...
OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme
OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million SchemeA Russian-speaking ransomware group dubbed OldGremlin has been attributed to 16 malicious campaigns aimed at entities...
Hackers Using New Version of FurBall Android Malware to Spy on Iranian Citizens
Hackers Using New Version of FurBall Android Malware to Spy on Iranian CitizensThe Iranian threat actor known as Domestic Kitten has been attributed to a new...
Google Launches GUAC Open Source Project to Secure Software Supply Chain
Google Launches GUAC Open Source Project to Secure Software Supply ChainGoogle on Thursday announced that it's seeking contributors to a new open source initiative called Graph...
Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak
Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data LeakMicrosoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security...
POLONIUM targets Israel with Creepy malware
POLONIUM targets Israel with Creepy malwareESET researchers analyzed previously undocumented custom backdoors and cyberespionage tools deployed in Israel by the POLONIUM APT group The post POLONIUM...
Hackers Started Exploiting Critical “Text4Shell” Apache Commons Text Vulnerability
Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text VulnerabilityWordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in...
A Quick Look at the “Strengthening America’s Cybersecurity” Initiative
A Quick Look at the "Strengthening America's Cybersecurity" InitiativeAcknowledging that you have a problem is the first step to addressing the problem in a serious way....
Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware
Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop MalwareThe notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected...
What Is A Keylogger? Definition, Types, Examples and Prevention
What Is A Keylogger? Definition, Types, Examples and PreventionA keylogger is a software or hardware component that records everything typed on your computer’s keyboard. The term...
Payment terminal malware steals $3.3m worth of credit card numbers – so far
Payment terminal malware steals $3.3m worth of credit card numbers – so farWith shops leaving VNC and RDP open, quelle surprise Cybercriminals have used two strains...
Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware
Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and RansomwareA now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both...
CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware
CISA Warns of Daixin Team Hackers Targeting Health Organizations With RansomwareU.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by a...
Why Ransomware in Education on the Rise and What That Means for 2023
Why Ransomware in Education on the Rise and What That Means for 2023The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities,...
10 common Zelle scams – and how to avoid them
10 common Zelle scams – and how to avoid themFraudsters use various tactics to separate people from their hard-earned cash on Zelle. Here’s how to keep...
Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain NetworkResearchers have disclosed details about a now-patched critical flaw in the Move virtual machine that...
Heat left by users’ fingertips could help hackers crack passwords, researchers claim
Heat left by users’ fingertips could help hackers crack passwords, researchers claimBoffins at the University of Glasgow, in Scotland, have developed a system which they claim...
SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan
SideWinder APT Using New WarHawk Backdoor to Target Entities in PakistanSideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website...
Download eBook: Top virtual CISOs share 7 tips for vCISO service providers
Download eBook: Top virtual CISOs share 7 tips for vCISO service providersVirtual Chief Information Security Officer (vCISO) services (also known as 'Fractional CISO' or 'CISO-as-a-Service') are...
Why Palo Alto Networks Now Wants Cider Security, Not Apiiro
Why Palo Alto Networks Now Wants Cider Security, Not ApiiroPalo Alto in Talks to Buy Cider for $200M, Walks Away From $600M Apiiro DealPalo Alto Networks...
Water Labbu Abuses Malicious DApps to Steal Cryptocurrency
Water Labbu Abuses Malicious DApps to Steal CryptocurrencyThe parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their...
Life in pursuit of answers: In the words of Ada Yonath
Life in pursuit of answers: In the words of Ada YonathFrom a little girl financially helping her family in Jerusalem to a Nobel Prize laureate. That is...
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day VulnerabilityTech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS...