AWS releases Wickr, its encrypted messaging service for enterprisesThe release of the enterprise version of the encrypted messaging service, announced at AWS re:Invent, is designed to...
Month: December 2022
Two signs in the comms cabinet said ‘Do not unplug’. Guess what happened
Two signs in the comms cabinet said 'Do not unplug'. Guess what happenedNo amount of resilience planning can defeat determined idiots whose devices are low on...
Happy Holidays!
Happy Holidays! Dear blog readers, It's been a while since I've last posted a high-quality personal message on my personal blog but the first thing that...
Zero-Day Exploit Prices for Signal Messaging App Are Skyrocketing
Zero-Day Exploit Prices for Signal Messaging App Are SkyrocketingOpZero, a new exploit broker company based in Petersburg, Russia, tripled Zerodium’s offer for an eventual Signal RCE...
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day VulnerabilitySearch giant Google on Friday released an out-of-band security update to fix a new...
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency AppsThe Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver...
When Being Attractive Gets Risky – How Does Your Attack Surface Look to an Attacker?
When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?In the era of digitization and ever-changing business needs, the production environment...
Financial services increasingly targeted for API-based cyberattacks
Financial services increasingly targeted for API-based cyberattacksA report published Monday by cloud services and CDN (content delivery network) platform Akamai said that the financial services industry...
SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars
SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected CarsCybersecurity researchers have discovered a security vulnerability that exposes cars from Honda, Nissan, Infiniti, and Acura to...
Mozilla, Microsoft drop TrustCor as root certificate authority
Mozilla, Microsoft drop TrustCor as root certificate authority'There is no evidence to suggest that TrustCor violated conduct, policy, or procedure' says biz Updated Mozilla and Microsoft...
Organizations Face Barrage of Holiday Ransomware Attacks
Organizations Face Barrage of Holiday Ransomware Attacks Many organizations remain unprepared to handle a ransomware attack on a holiday or weekend, as they continue to operate...
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of ManufacturersThree different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software...
Industry Coalition Urges Congress to Hold off on SBOM Requirements for Defense Contractors
Industry Coalition Urges Congress to Hold off on SBOM Requirements for Defense ContractorsThe coalition outlined the need to refine SBOM requirements before making it an obligation...
Flaw in Aged Boa Web Server Threatens Supply Chain
Flaw in Aged Boa Web Server Threatens Supply Chain Microsoft may have retired the Boa web server in 2005, but that hasn’t stopped widespread use—and now...
How to build a public profile as a cybersecurity pro
How to build a public profile as a cybersecurity proCybersecurity professionals interested in raising their profiles as subject matter experts can count on social media to...
Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware
Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as RansomwareA new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices...
Domain aging gang CashRewindo picks vintage sites to push malvertising
Domain aging gang CashRewindo picks vintage sites to push malvertisingLike fine wine, the longer it sits, the better it is A sophisticated and very patient threat...
Can you be phished in Slack?
Can you be phished in Slack?Is Slack a trusted platform for communication? The short answer is yes. The longer answer is that you should always be...
BrandPost: SASE: The Only Way to Improve Network Security Without Added Complexity
BrandPost: SASE: The Only Way to Improve Network Security Without Added ComplexityBy: Mike Spanbauer, Field CTO, Security at Juniper Networks The future of network security has a...
The CHRISTMA EXEC network worm – 35 years and counting!
The CHRISTMA EXEC network worm – 35 years and counting!"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...Leer másNaked Security"Uh-oh, this...
S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]
S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]Latest episode - listen now (or read if you prefer)...Leer másNaked SecurityLatest episode -...
The FBI Says This Ransomware Scam in Cuba Raked in $60 Million From Over 100 Victims
The FBI Says This Ransomware Scam in Cuba Raked in $60 Million From Over 100 VictimsThe FBI and CISA revealed in a new joint security advisory...
FBI warns about Cuba, no, not that one — the ransomware gang
FBI warns about Cuba, no, not that one — the ransomware gangCritical infrastructure attacks ramping up The US government has issued an alert about Cuba; not...
What is Ransom Cartel? A ransomware gang focused on reputational damage
What is Ransom Cartel? A ransomware gang focused on reputational damageRansom Cartel, a ransomware-as-a-service (RaaS) operation, has stepped up its attacks over the past year after...
Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
Number Nine! Chrome fixes another 2022 zero-day, Edge patched tooNinth more unto the breach, dear friends, ninth more.Leer másNaked SecurityNinth more unto the breach, dear friends,...
Apple pushes out iOS security update that’s more tight-lipped than ever
Apple pushes out iOS security update that’s more tight-lipped than everWe grabbed the update, based on no information at all, just in case we came across...
Hackers Use Archive Files and HTML Smuggling to Bypass Detection Tools
Hackers Use Archive Files and HTML Smuggling to Bypass Detection ToolsHP's latest report suggests 44% of malware was delivered via archive files in Q3 2022Leer másHP's...
Ransomware attackers allegedly demand ransom from AIIMS: police deny report
Ransomware attackers allegedly demand ransom from AIIMS: police deny reportA hacker has allegedly demanded Rs 200 crore in cryptocurrency from the All India Institute of Medical...
LastPass admits to customer data breach caused by previous breach
LastPass admits to customer data breach caused by previous breachSeems that the developer account that the crooks breached last time gave indirect access to customer data...
Medibank prognosis gets worse after more stolen data leaked
Medibank prognosis gets worse after more stolen data leakedPlus Australia launches an investigation into insurer's data privacy practices Australian health insurer Medibank's prognosis following an October...