Month: December 2020

Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can execute remotely malicious code and steal sensitive information from its targets in Asia, Europe, and the US. Dubbed “PowerPepper” by Kaspersky researchers, the malware has been attributed to the DeathStalker group (formerly called Deceptikons), a
A cybersecurity company has urged the rising number of smart sex toy owners to think about protection. Sales of internet-connected sex toys, also known as teledildonics, have increased since lockdown measures were introduced to slow the spread of COVID-19.  In March alone, sex toy revenue in France, Italy, and Spain, where lockdown measures were particularly stringent, exceeded
A trio of companies is launching a new research institute whose intended purpose is to strengthen privacy and trust for decentralized artificial intelligence (AI).  The Private AI Collaborative Research Institute, originally established by Intel‘s University Research & Collaboration Office (URC), is launching as a joint project involving digital security and privacy products vendor Avast and AI software-defined secure computing
Security operations, or SecOps, has had a direct, if increasingly challenging, mandate since the dawn of enterprise networking: detect, respond to, predict and prevent cyberattacks. But SecOps roles and responsibilities are shifting to accommodate growing interest in an offensive, rather than defensive, approach to cybersecurity. By staying ahead of threats and anticipating bad actors’ next
A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine cold chain, companies responsible for storing and delivering the COVID-19 vaccine at safe temperatures.
Universities and colleges around the world are being targeted by a new phishing campaign, according to fresh research published by RiskIQ. Among the educational establishments to be hit by the Shadow Academy campaign are Louisiana State University (LSU) in the United States and Oxford, Brighton, and Wolverhampton Universities in the United Kingdom. RiskIQ researchers got wind
TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed “TrickBoot” by Advanced Intelligence (AdvIntel) and Eclypsium, makes use of readily available tools to check
The CEO and co-founder of a billion-dollar cybersecurity company has moved its headquarters out of San Francisco because it’s “not the city it was.” Forty-year-old Orion Hindawi helped to build up two successful companies in the San Francisco Bay Area where he was born. Now he is relocating the head office of Tanium—the endpoint security
Without ever setting foot in the lab, a threat actor could dupe DNA researchers into creating pathogens, according to a study describing “an end-to-end cyber-biological attack” Researchers have described a theoretical cyberattack that could be used to dupe unsuspecting scientists into producing dangerous biological substances, toxins and synthetic viruses. The paper, authored by researchers from Israel’s
Having employees connect remotely to your corporate network is not new. Most companies use cloud-based software-as-a-service (SaaS) applications and have some virtual private network (VPN) or remote desktop capabilities to enable field sales staff or roaming users to connect to essential applications and data. However, few — if any — companies were prepared for our
Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems. The attacks are taking aim at a recently patched WebLogic Server vulnerability, which was released by Oracle as part of its October 2020 Critical Patch Update and subsequently again in
An American hacker has been sent to prison for carrying out a series of cyber and swatting attacks, including sending bogus threats of shootings and bombings to schools in the United Kingdom and the United States. North Carolina resident Timothy Dalton Vaughn also called in a false report of an airplane hijacking involving a jetliner
Baltimore County Public Schools became the latest victim of ransomware attacks against the K-12 education sector, which have seen increases in frequency, sophistication and ransom demands in recent months. Since the start of the new school year, the hurried switch to remote learning brought on by COVID-19 has caused significant cybersecurity risks, which were only
Denmark’s largest news agency has refused to pay a ransom to cyber-criminals who attacked its computer system with ransomware.  Wire service Ritzau was knocked offline following an attack that occurred early last week. The incident infected roughly a quarter of the agency’s 100 servers with malware, causing editorial systems to be shut down. Copenhagen-based Ritzau, which has