0 Comments
The ‘it won’t happen to me’ mindset leaves you unprepared – here are some common factors that put any of us at risk of online fraud Sometimes you need to say things that go without saying: The internet has revolutionized our lives, changing the way we work, learn, entertain ourselves and interact with each other.
0 Comments
What can organizations do to capitalize on the current fluidity in the job market and bring fresh cybersecurity talent into the fold? We all know there’s a cybersecurity skills shortage. Across the globe, the shortfall of talent is now measured in the millions. We’ve also all heard about the Great Resignation: a once-in-a-generation period of
0 Comments
The Spanish government has sacked its spy chief Paz Esteban amid a dual phone-hacking scandal involving Pegasus spyware, the country’s defense minister said today. The National Intelligence Center (CNI) that Esteban headed faced controversy recently for reportedly using Pegasus, developed by Israel’s NSO Group, to spy on leaders of the Catalan independence movement. CNI was
0 Comments
The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed. “Analysis of these samples indicates that the developer has access to REvil’s source code, reinforcing the likelihood that the threat group has reemerged,” researchers from Secureworks Counter Threat Unit
0 Comments
Russians tuning in to view the country’s Victory Day parade today were shocked to find anti-war messages after the country’s television listings system was hacked. The hack affected several major networks, including Channel One, Rossiya-1 and NTV-Plus, the BBC reported. The name of every program was replaced with a message stating, per the BBC’s translation: “On your
0 Comments
by Paul Ducklin Popular package management site RubyGems.org, which stores and supplies hundreds of thousands of modules for the widely-used programming language Ruby, just patched a dangerous server-side vulnerability. The bug, dubbed CVE-2022-29176, could have allowed attackers to remove a package that wasn’t theirs (yanking it, in RubyGems jargon), and then to replace it with
0 Comments
Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that’s offered on sale for “dirt cheap” prices, making it accessible to professional cybercriminal groups and novice actors alike. “Unlike the well-funded, massive Russian threat groups crafting custom malware […], this remote access Trojan (RAT) appears to be
0 Comments
The US National Institute of Standards and Technology (NIST) has updated its guidance on supply chain cybersecurity. The revised publication, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, gives organizations key practices to adopt as they manage cybersecurity risks across their supply chains. In particular, it advises organizations to consider vulnerabilities in the components of a
0 Comments
The conflict in Ukraine has highlighted the risks of cyberespionage attacks that typically involve Advanced Persistent Threat groups and often target organizations’ most valuable data The conflict in Ukraine has highlighted the risks of cyberespionage and sabotage, which typically involve Advanced Persistent Threat (APT) groups. In this special edition of Week in security, Tony looks
0 Comments
Here’s what you should know about some of the nastiest mobile malware – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely These days, the device in your pocket can do far more than call or send text messages. Your smartphone stores almost every aspect of
0 Comments
Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities and is propagated by means of removable USB devices. Attributing the malware to a cluster named “Raspberry Robin,” Red Canary researchers noted that the worm “leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.” The earliest signs of the
0 Comments
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. [00’23”] Fun Fact. What comes after “123”? [01’57”] World Password Day. (We still need it!) [04’20”] GitHub authentication troubles. [11’55”] This Week in Tech History. Sasser, the sassy Windows worm. [15’55”] Firefox hits
0 Comments
By Oliver Devane  McAfee has identified several Youtube channels which were live-streaming a modified version of a live stream called ‘The B Word’ where Elon Musk, Cathie Wood, and Jack Dorsey discuss various aspects of cryptocurrency.   The modified live streams make the original video smaller and put a frame around it advertising malicious sites that