The final game in yesterday’s online Chess Olympiad was declared a draw after a widespread internet outage interrupted play. An issue at internet service provider CenturyLink has been blamed for global connectivity problems that disrupted the tournament and caused issues for Cloudflare, Hulu, Reddit, EA, Steam, the PlayStation Network, Xbox Live, Feedly, Discord, and dozens
Month: August 2020
“In today’s knowledge economy, continual learning is an imperative.” — Those words from Aytekin Tank, the founder of JotForm, are particularly important for anyone working in IT or development. With over 1,000 premium courses (complete list) from top instructors, StackSkills Unlimited provides endless learning opportunities. Right now, you can grab lifetime membership for $59. Categories
The Democratic National Committee sent out a nationwide alert on Wednesday warning romance-seeking campaign staffers to be wary of what information they reveal to people they match with on dating apps. Staffers were instructed to “swipe carefully” and to “trust but verify” any facts they were supplied with by prospective partners. They were also told to use
It’s one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it’s an entirely different matter when they are used as “hackers for hire” by competing private companies to make away with confidential information. Bitdefender’s Cyber Threat Intelligence Lab discovered yet another instance of an espionage attack targeting an
The United States is trying to forfeit 280 cryptocurrency accounts tied to cyber-attacks on two virtual currency exchanges, which were allegedly perpetrated by North Korean threat actors. According to a civil forfeiture complaint filed by the Justice Department yesterday, malicious actors stole millions of dollars’ worth of cryptocurrency and ultimately laundered the funds through Chinese over-the-counter (OTC)
by Paul Ducklin Thanks to Craig Jones, Director of Information Security at Sophos, and the Sophos Security Teamfor their behind-the-scenes work on this article. If you’re a Google Android user, you may have been pestered over the past week by popup notifications that you didn’t expect and certainly didn’t want. The first mainstream victim seems
An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware. Detailing the new tactics of the “Charming Kitten” APT group, Israeli firm Clearsky said, “starting July 2020, we have identified a new TTP of
A government ministry in Jakarta has suggested that a recent spate of cyber-attacks against its critics could be an attempt by a third party to turn public opinion against the government. This month, the Southeast Asia Freedom of Expression Network (SafeNet) recorded six cyber-attacks against high-risk groups such as journalists, academics, and activists. One attack was on
The extortionists attempt to scare the targets into paying by claiming to represent some of the world’s most notorious APT groups Over the last few weeks, a cybercrime group has been extorting various organizations all over the world by threatening to launch distributed denial-of-service (DDoS) attacks against them unless they pay thousands of dollars in
by Paul Ducklin Here’s a cybercrime conspiracy story with a difference. When we write about network-wide ransomware attacks where a whole company is blackmailed in one go, two burning questions immediately come up: How much money did the crooks demand? Did the victim pay up? The answers vary, but as you have probably read here
A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity
Chrome gets a new way of managing tabs while Firefox now features a new add-ons blocklist Google and Mozilla have each released new stable versions of their web browsers for desktop platforms, with both Chrome and Firefox bringing a slew of new features and security fixes that are being rolled out to Windows, Mac and
A joint effort by agencies in the United States and Europe has brought down an online piracy group that cost film production studios tens of millions of dollars in lost revenue. Indictments unsealed yesterday in Manhattan federal court charge Umar Ahmad and Jonatan Correa with copyright infringement conspiracy. A third man, George Bridi, was charged with wire
Cybercriminals take aim at teleworkers, setting up malicious duplicates of companies’ internal VPN login pages The United States’ Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory to warn about a surge in voice phishing (vishing) attacks targeting staff at a number of companies. The spike in
by Paul Ducklin A recent article on the APNIC blog, entitled Chromium’s impact on root DNS traffic, has set the Chromium browser project thinking about a feature in the browser code that’s known as the Intranet Redirect Detector. To explain. APNIC is the Asia Pacific Network Information Centre, headquartered in Brisbane, Australia, one of five
Hackers always find a way in, even if there’s no software vulnerability to exploit. The FBI has arrested a Russian national who recently traveled to the United States and offered $1 million in bribe to an employee of a targeted company for his help in installing malware into the company’s computer network manually. Egor Igorevich
Cybersecurity professionals want stricter measures to tackle the rising amount of online misinformation and fake domains, according to new research by the Neustar International Security Council (NISC). A new report by NISC found that almost half (48%) of cybersecurity professionals regard these problems as a threat to their enterprise, while the other half (49%) rank
From keeping your account safe to curating who can view your liked content, we look at how you can increase your security and privacy on TikTok TikTok, one of the most recent additions to the roster of major social media platforms, has been enjoying immense popularity since its debut three years ago. The app is
Disinformation is a known tool for nation-state threat actors. Learn what it means for threat intelligence practitioners. Tuesday, August 25, 2020 By: Secureworks When the first page of the calendar turned to 2020, none of us knew what would come in a few months’ time. In fact, Secureworks’ Senior Security Researcher Rafe Pilling thought the
A popular iOS software development kit (SDK) used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information. According to a report published by cybersecurity firm Snyk, Mintegral — a mobile programmatic advertising platform owned
A cyber-attack has shut down virtual classes in a Los Angeles school district two weeks after the FBI issued a cybersecurity warning to schools offering online learning. In a grim foreshadowing of what was to come, FBI supervisory special agent Corey Harris said on August 11: “We want all school districts to be prepared and understand
Several services, including the national revenue agency, had to be shut down following a series of credential-stuffing attacks Cybercriminals set their sights on the Canadian government at the beginning of August, when several government services were disabled following a series of cyberattacks. On August 15, the Treasury Board Secretariat announced that approximately 11,000 online government
Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities. Tracked as CVE-2020-1530 and CVE-2020-1537, both flaws reside in the Remote Access Service (RAS) in a way it manages memory and file operations and could let remote
The first day of online classes at a North Carolina school was memorable for all the wrong reasons after a hacker disrupted a lesson with offensive content. Virtual classes, taught via Google Meet, began at Lee County High School, Sanford, on Monday, August 17, as part of an effort to slow the spread of COVID-19.
The South African arm of one of the world’s largest credit check companies Experian yesterday announced a data breach incident that exposed personal information of millions of its customers. While Experian itself didn’t mention the number of affect customers, in a report, the South African Banking Risk Information Centre—an anti-fraud and banking non-profit organization who
Cross-site scripting has topped the 2020 list of the 25 Most Dangerous Software Weaknesses compiled by the Common Weakness Enumeration (CWE). The vulnerability, described by the CWE as “improper neutralization of input during web page generation,” was given a threat score of 46.82. Describing the dangers posed by cross-site scripting (XSS), CWE wrote: “The attacker could transfer private information,
by Younghoo Lee Younghoo Lee is a Senior Data Scientist at Sophos. Together with Joshua Saxe, Sophos Chief Scientist, he recently presented these findings at DEFCON 28 AI Village. Business Email Compromise (BEC), is a form of targeted phishing where attackers disguise themselves as senior executives to dupe employees into doing something they absolutely shouldn’t,
An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. The latest security issue—of which Google is aware but, unfortunately, left unpatched—resides in the “manage versions” functionality offered by
Beware the tax bogeyman – there are tax scams aplenty Although it’s been some weeks since the height of the income tax season in many countries around the globe, the year 2020 has been looking less than normal even for cybercriminal activity. For several months, various threat actors have been attempting to impersonate governmental organizations,
The Tennessee Bureau of Investigation said yesterday that the number of tips received regarding cybercrimes against children has increased sharply since the outbreak of COVID-19. Speaking to media, TBI Director David Rausch said investigators had received more than twice the usual number of tips concerning this type of cybercrime since the pandemic began. In 2020, the
- 1
- 2
- 3
- 4
- Next Page »