FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law
Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission...
Month: December 2022
The Rise of the Rookie Hacker – A New Trend to Reckon With
More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends...
Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems
The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia,...
Hackers Breach Okta’s GitHub Repositories, Steal Source Code
Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code...
Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities
The Zerobot DDoS botnet has received substantial updates that expand on its ability to target more internet-connected...
Most Popular Blog Posts, 2022: Cyber Risk Data, CRQ Use Cases, Maximize GRC
Readers of the RiskLens blog dug into a wide range of topics we...
Two New Security Flaws Reported in Ghost CMS Blogging Software
Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which...
Critical Security Flaw Reported in Passwordstate Enterprise Password Manager
Multiple high-severity vulnerabilities have been disclosed in Passwordstate password management solution that could be exploited by an unauthenticated...
The Era of Cyber Threat Intelligence Sharing
We spent forty years defending ourselves as individuals. Trying to outsmart cybercriminals, outpower them, and when all our efforts failed,...
FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an...
PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware
The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware...
USENIX Security ’22 – Gökçen Yılmaz Dayanıklı, Sourav Sinha, Devaprakash Muniraj, Ryan M. Gerdes, Mazen Farhood, Mani Mina ‘Physical-Layer Attacks Against Pulse Width Modulation-Controlled Actuators’
Our thanks...
End of Year Bells Are Ringing: How to Balance Cyber Costs with Resilience Goals
12 Days of Cybersecurity: Day 2. This holiday season, in light of...
GuLoader Malware Utilizing New Techniques to Evade Security Software
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security...
2022 Top Five Immediate Threats in Geopolitical Context
As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in...
Hacking a .NET API in the real world
Let me tell you a story about the time I hacked into a .NET API through a bit of...
Open Policy Agent with Kubernetes – Tutorial (Pt. 1)
Let's get our hands dirty with policy as code and write our first OPA policies for a Kubernetes...
BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection
BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its...
Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay...
APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded...
Randall Munroe’s XKCD ‘Pando’
via the comic artistry and dry wit of Randall Munroe, resident at XKCD!
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies
Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute...
How (and Why) to Take Full Advantage of Apple’s New Advanced Data Protection Feature
With the iOS 16.2 update, Apple introduced “Advanced Data Protection,” which finally introduced...
Why the Global Video Game Market is a Bellwether for Other Businesses
The video game market has come a long way since Pong became a new hobby...
Critical “10-out-of-10” Linux kernel SMB hole – should you worry?
It's serious, it's critical, and you could call it severe... but in HHGttG terminology, it's probably "mostly...
Russian Leaders Continue Falling to Their Death After Criticizing Putin
First they killed his friend. Then they killed him. According to Indian media reports, Antov died after he...
USENIX Security ’22 – ‘Branch History Injection: On The Effectiveness Of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks’
Complete Title: 'USENIX Security '22 - Enrico Barberis, Pietro Frigo,...
GuLoader implements new evasion techniques
Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers detailed multiple evasion techniques implemented...
Uncovering the link between PrivateLoader PPI service and RisePro stealer
The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the RisePro info-stealing malware. The pay-per-install...
Facebook (Meta) to settle Cambridge Analytica data leak for $725M
Facebook (Meta) has agreed to pay $725 million to settle the class-action lawsuit filed in 2018 over...