admin

0 Comments
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying ransomware on infected systems. The attacks — dubbed “BazaCall” — eschew traditional social engineering techniques that rely on rogue URLs and malware-laced documents in favor of a vishing-like method
0 Comments
Summary While ransomware attacks continue to be primarily opportunistic rather than targeted, there has been an upward trend in threat groups targeting high-revenue organizations to maximize the ransom payout. Ransom demands have reportedly reached $50 million USD. Threat actors have also innovated, threatening to leak stolen data in ‘name-and-shame’ attacks as additional leverage. In some
0 Comments
Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on Microsoft Windows operating systems. Yes, we observed the occasional dedicated Unix or Linux based ransomware, but cross-platform ransomware was not happening yet. However, cybercriminals never sleep and in recent months we noticed that several ransomware gangs were experimenting
0 Comments
Twitter’s transparency report revealed that users aren’t quick to adopt 2FA and once they do enable it, they choose the least secure option According to the data shared by Twitter in its recently released transparency report, the popular social network’s users are reluctant to adopt two-factor authentication (2FA) to bolster their account security. In fact, the report paints
0 Comments
by Paul Ducklin You might be forgiven for thinking that July 2021 was Microsoft’s month for cybersecurity vulnerabilities. First there was PrintNightmare in several guises, followed by HiveNightmare (an entirely unrelated bug that nevertheless attracted the “Nightmare” moniker), followed by PetitPotam (which went down the cute aquatic mammal naming path). Now, however, it’s Apple’s turn
0 Comments
There’s a lot of misinformation about Virtual Private Networks, what they do, and the security benefits they offer. For this article, I’d like to do some myth-busting about how a VPN actually works and why you should use one.  What is a VPN and how does it protect me?  A VPN is an app that you install on your device to help keep your personal data safe as you browse the internet   You may
0 Comments
Cybersecurity researchers have discovered multiple security vulnerabilities in Zimbra email collaboration software that could be potentially exploited to compromise email accounts by sending a malicious message and even achieve a full takeover of the mail server when hosted on a cloud infrastructure. The flaws — tracked as CVE-2021-35208 and CVE-2021-35208 — were discovered and reported
0 Comments
 There’s a lot of conversation going on right now around digital apps; only it’s not about TikTok or Twitch. Instead, it’s about the spike in the number of app scams taking place every day—many of them impacting younger consumers.  In a recent report from The Washington Post, nearly two percent of the apps downloaded from the Apple store in a single day were scams costing consumers an estimated $48 million. A similar report this week in Tech Republic estimates more than
0 Comments
Equipping and guiding your digitally connected child is one of the toughest challenges you will face as a parent. As your child grows and changes, so too will their online activities. Friend groups, favorite apps, and online interests can shift from one month to the next, which is why parental controls can be a parent’s
0 Comments
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what’s known as a “Fraud-as-a-Service” operation. The apprehended suspects, a 24-year-old software engineer, and a 15-year-old boy, are said to have been
0 Comments
People in their 20s and 30s are losing it online. And by it, I mean money—thanks to digital identity theft.  In its simplest form, your digital identity is made up of a whole host of things that can be traced back to you and who you are. That can range anywhere from photos you post online to online shopping accounts, email accounts to telephone numbers,
0 Comments
How many rooms in your home contain a smart device? From security cameras to showerheads with Bluetooth speakers, smart home technology is rapidly making its way into every room in every household. In fact, the number of smart households (those that contain smart home technology) in the U.S. is expected to grow to 77.05 million by 2025. But with new technology comes new challenges.   Many product designers rush to get their smart devices
0 Comments
The Zero Trust architecture offers an increasingly popular way to minimize cyber-risk in a world of hybrid cloud, flexible working and persistent threat actors. The post-pandemic normal for global organizations increasingly means using digital technology to support more flexible working practices. Although tech giants such as Twitter and Facebook made headlines by promising some employees they can work from home forever,
0 Comments
by Paul Ducklin [00’38”] Learning from computer virus history.  [02’26”] The PrintNightmare saga continues.  [05’27”] Apple puts out a patch, but doesn’t say why.  [08’12”] Snitch on a crook and earn $10 million.  [17’50”] Scammars do grammer and speeling correctly.  [25’12”] And the Business Email Compromise that wasn’t. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. LISTEN NOW Click-and-drag on the
0 Comments
Written by Shuborno, Principal Engineer At McAfee, architects and engineers continuously have opportunities to make decisions that impact customers and propel exciting and meaningful careers. They also work with leaders focused on supporting their learning and growth. These truths have been constant and driving forces for me throughout my 15+ years with the company. Today,
0 Comments
To mitigate the chances of their Wi-Fi home routers being compromised, users would do well to change the manufacturer’s default access credentials One in 16 home Wi-Fi routers is still sporting the manufacturer’s default admin password, a recent study conducted by technology website Comparitech revealed. This flaw could allow cybercriminals to conduct all manner of cyberattacks, including
0 Comments
Nearly three weeks after Florida-based software vendor Kaseya was hit by a widespread supply-chain ransomware attack, the company on Thursday said it obtained a universal decryptor to unlock systems and help customers recover their data. “On July 21, Kaseya obtained a decryptor for victims of the REvil ransomware attack, and we’re working to remediate customers
0 Comments
by Paul Ducklin As if one Windows Nightmare dogging all our printers were not enough… …here’s another bug, disclosed by Microsoft on 2021-07-20, that could expose critical secrets from the Windows registry. Denoted CVE-2021-36934, this one has variously been nicknamed HiveNightmare and SeriousSAM. The moniker HiveNightmare comes from the fact that Windows stores its registry
0 Comments
Cybercriminals may target the popular event with ransomware, phishing, or DDoS attacks in a bid to increase their notoriety or make money The United States’ Federal Bureau of Investigation (FBI) has issued a warning about threat actors potentially attempting to disrupt the upcoming Tokyo 2020 Summer Olympics. It went on to warn that cybercriminals could utilize various