Google Gmail client-side encryption is available globallyGmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that...
Day: March 2, 2023
GootLoader and FakeUpdates Malware Campaign Targets Law Firms
GootLoader and FakeUpdates Malware Campaign Targets Law FirmsTwo separate threat campaigns targeted six different law firms in January and February 2023, distributing GootLoader and FakeUpdates, also...
Stay Vigilant: Trezor Reports a Massive Crypto Wallet Phishing Scam
Stay Vigilant: Trezor Reports a Massive Crypto Wallet Phishing ScamA phishing campaign poses as a Trezor data breach notification order to steal a target’s cryptocurrency wallet...
What Is Clone Phishing? Definition, Examples, and Prevention Measures
What Is Clone Phishing? Definition, Examples, and Prevention MeasuresCybercriminals are using phishing attacks to spread malware and other online threats. But as we get smarter and...
WhatsApp, Teams, and Telegram – Banned in Russian Government Organizations
WhatsApp, Teams, and Telegram – Banned in Russian Government OrganizationsStarting March 1st, the Russian law ”On Information, Information Technologies and Information Protection” forbids state organizations to...
Most Popular Ethical Hacking Tools in 2023
Most Popular Ethical Hacking Tools in 2023Last time we talked about what ethical hacking is, what are its key concepts and what are the benefits it...
Can The US-Led Multinational Counterattack Stop Ransomware’s Gold Rush?
Can The US-Led Multinational Counterattack Stop Ransomware’s Gold Rush?By Camellia Chan, CEO & founder of Flexxon I was honored to be one of the representatives from...
Cybersecurity Attacks To Come: Here’s How To Prepare
Cybersecurity Attacks To Come: Here’s How To PrepareBy Russ Reeder, CEO, Netrix Global Ensuring 100% prevention against all cyberattacks is impossible today, as modern perpetrators find...
Detect PlugX Trojan Masquerading as a Legitimate Windows Debugger Tool to Fly Under the Radar
Detect PlugX Trojan Masquerading as a Legitimate Windows Debugger Tool to Fly Under the Radar Old dog, new tricks! Security researchers revealed PlugX remote access Trojan...
Indigo Books & Music refuses to pay ransom after hackers stole employee information
Indigo Books & Music refuses to pay ransom after hackers stole employee informationFollowing what it called a "cybersecurity incident" three weeks ago, Canadian bookstore chain Indigo...
WH Smith investigates hacking attack after employee data stolen
WH Smith investigates hacking attack after employee data stolenBritish high street giant WH Smith has revealed that it has suffered a "cybersecurity incident," which has seen...
Trezor crypto wallets under attack in SMS phishing campaign
Trezor crypto wallets under attack in SMS phishing campaignWillie Sutton, the criminal who became legendary for stealing from banks during a forty year career, was once...
Vice Society publishes data stolen during Vesuvius ransomware attack
Vice Society publishes data stolen during Vesuvius ransomware attackA notorious ransomware gang has claimed responsibility for a cyber attack against Vesuvius, the London Stock Exchange-listed molten...
Dumb Password Rules
Dumb Password RulesTroy Hunt is collecting examples of dumb password rules. There are some pretty bad disasters out there. My worst experiences are with sites that...
Google Trust Services now offers TLS certificates for Google Domains customers
Google Trust Services now offers TLS certificates for Google Domains customersAndy Warner, Google Trust Services, and Carl Krauss, Product Manager, Google Domains We’re excited to announce...
Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks
Leveraging Data Science to Minimize the Blast Radius of Ransomware AttacksIn this blog entry, we present a case study that illustrates how data-science techniques can be...
Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine StealerFind out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the...
CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping
CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mappingThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released 'Decider,' an open-source tool that helps...
British retail chain WH Smith says data stolen in cyberattack
British retail chain WH Smith says data stolen in cyberattackBritish retailer WH Smith has suffered a data breach that exposed information belonging to current and former...
White House releases new U.S. national cybersecurity strategy
White House releases new U.S. national cybersecurity strategyThe Biden-Harris administration today released its national cybersecurity strategy that focuses on shifting the burden of defending the country's...
Cyber-attack on WH Smith targets personal staff details
Cyber-attack on WH Smith targets personal staff detailsRetailer says breach has not affected customer details, or had impact on website or general trading WH Smith has...
Okta CEO: Identity Governance Has ‘The Markings of a Hit’
Okta CEO: Identity Governance Has 'The Markings of a Hit'Big Enterprises Embrace Okta Identity Governance in Competitive Bake-Offs, CEO SaysOkta Identity Governance has enjoyed success in...
White House Unveils Biden’s National Cybersecurity Strategy
White House Unveils Biden's National Cybersecurity StrategyFocus Includes Critical Infrastructure Security, Secure Software DevelopmentThe Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges...
British Retailer WH Smith Discloses Breach of Employee Data
British Retailer WH Smith Discloses Breach of Employee DataWebsite Unaffected and No Customer Accounts or Databases Exposed, Company ReportsHigh street retailer WH Smith reports that it...
Google Gmail client-side encryption is available globally
Google Gmail client-side encryption is available globallyGmail client-side encryption (CSE) is now available for Workspace Enterprise Plus, Education Plus, and Education Standard customers. Google announced that...
Smashing Security podcast #311: TikTok, wiretapping, and your deepfake voice is your password
Smashing Security podcast #311: TikTok, wiretapping, and your deepfake voice is your passwordWho has been warning Italian criminals that their phones are wiretapped? Can you trust...
Russia bans foreign messaging apps in government organizations
Russia bans foreign messaging apps in government organizationsRussia's internet watchdog agency Roskomnadzor is warning that today is the first day that laws banning the use of many...
Cisco patches critical Web UI RCE flaw in multiple IP phones
Cisco patches critical Web UI RCE flaw in multiple IP phonesCisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone...
Iron Tiger hackers create Linux version of their custom malware
Iron Tiger hackers create Linux version of their custom malwareThe APT27 hacking group, aka "Iron Tiger," has prepared a new Linux version of its SysUpdate custom...
Microsoft Exchange Online outage blocks access to mailboxes worldwide
Microsoft Exchange Online outage blocks access to mailboxes worldwideMicrosoft is investigating an ongoing outage that is blocking Exchange Online customers worldwide from accessing their mailboxes via...