Month: July 2021

The digitization of your haircut may not have been on your 2020 bucket list, but 2021 has an even more surprising line item: Tech-powered barbershops are now a business proposition valued at nearly a billion dollars. Squire is a back-end barbershop management tool for independent businesses. I first covered it in the early months of
As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks. “Lack of moderation and automated security controls in public software repositories allow even inexperienced
TuSimple, the self-driving truck company that went public earlier this year, has partnered with Ryder as part of its plan to build out a freight network that will support its autonomous trucking operations. Under the deal announced this week, Ryder’s fleet maintenance facilities will act as terminals for TuSimple’s freight network. TuSimple’s so-called AFN, or
Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on Microsoft Windows operating systems. Yes, we observed the occasional dedicated Unix or Linux based ransomware, but cross-platform ransomware was not happening yet. However, cybercriminals never sleep and in recent months we noticed that several ransomware gangs were experimenting
There are 30 vulnerabilities listed in total; organizations would do well to patch their systems if they haven’t done so yet The leading cybersecurity and law enforcement agencies from the United States, the United Kingdom, and Australia have issued a joint cybersecurity advisory focusing on the top 30 vulnerabilities that were commonly abused by threat actors over
by Paul Ducklin [01’08”] Apple’s emergency 0-day fix. [08’51”] A new sort of Windows nightmare, this one not involving printers. [20’39”] Another new sort of Windows nightmare, also with no printers. [27’37”] Twitter hacker busted. [34’50”] Oh! No! Our very own Doug ruins a brand new TV. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.
Cybersecurity researchers on Friday unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively serving WellMess malware as part of an ongoing attack campaign. More than 30 C2 servers operated by the Russian foreign intelligence have been uncovered, Microsoft-owned cybersecurity subsidiary RiskIQ said
Aron Solomon Contributor Aron Solomon, J.D., is the head of Strategy for Esquire Digital and the editor of Today’s Esquire. He has taught entrepreneurship at McGill University and the University of Pennsylvania, and was the founder of LegalX, a legal technology accelerator. More posts by this contributor If you don’t want robotic dogs patrolling the
Cybersecurity recruiting is a national problem because of a shortage of talent, said U.S. House lawmakers at a hearing Thursday. But the federal government is facing some specific difficulties in hiring because of a damaged “brand” as an employer, said one witness.  The hearing on cybersecurity workforce shortages, held by the Committee on Homeland Security
Twitter’s transparency report revealed that users aren’t quick to adopt 2FA and once they do enable it, they choose the least secure option According to the data shared by Twitter in its recently released transparency report, the popular social network’s users are reluctant to adopt two-factor authentication (2FA) to bolster their account security. In fact, the report paints
Indian budget hotel chain Oyo may have lost a lot of business amid the pandemic, but it is inching closer to finding a new investor: Microsoft. Microsoft is in advanced stages of talks to invest in Oyo, according to two people with knowledge of the matter. The size of the investment and the valuation are unclear. Oyo
Architected for the cloud-first and remote-first deployments, MVISION Cloud Firewall secures access to applications and resources on the internet, accessed from every remote site and location, through a cloud-native service model. The solution inspects end-to-end user traffic – across all ports and protocols, enabling unified visibility and policy enforcement across the organizational footprint. Powered by
Summary While ransomware attacks continue to be primarily opportunistic rather than targeted, there has been an upward trend in threat groups targeting high-revenue organizations to maximize the ransom payout. Ransom demands have reportedly reached $50 million USD. Threat actors have also innovated, threatening to leak stolen data in ‘name-and-shame’ attacks as additional leverage. In some
What is Network Address Translation (NAT)? A Network Address Translation (NAT) is the process of mapping an internet protocol (IP) address to another by changing the header of IP packets while in transit via a router. This helps to improve security and decrease the number of IP addresses an organization needs. How does Network Address
Whether you’re just starting to build your SaaS empire or you’re further along in your journey, you don’t want to miss TC Sessions: SaaS 2021 on October 27. This day-long virtual event, dedicated to the increasingly sophisticated world of software-as-a-service, features some of the sector’s biggest names, plenty of actionable advice and ample opportunity to
This week, McAfee took an exciting new step in our journey—we are now a pure-play consumer company. What does that mean for consumers? It means that McAfee will be able to focus 100% of our talent and expertise on innovation and development that directly enables and improves the products and services that protect you and your family.  It’s the right time to take
by Paul Ducklin You might be forgiven for thinking that July 2021 was Microsoft’s month for cybersecurity vulnerabilities. First there was PrintNightmare in several guises, followed by HiveNightmare (an entirely unrelated bug that nevertheless attracted the “Nightmare” moniker), followed by PetitPotam (which went down the cute aquatic mammal naming path). Now, however, it’s Apple’s turn
Cary Breese Contributor Cary Breese is the CEO and co-founder of NowRx, a digital retail pharmacy. We have entered a whole new era of e-commerce centered on speed and convenience. Business leaders are being forced to prioritize delivery capabilities and push for more accelerated delivery services. “Fast/reliable delivery” was the most important online shopping attribute
There’s a lot of misinformation about Virtual Private Networks, what they do, and the security benefits they offer. For this article, I’d like to do some myth-busting about how a VPN actually works and why you should use one.  What is a VPN and how does it protect me?  A VPN is an app that you install on your device to help keep your personal data safe as you browse the internet   You may
Online abuse, disinformation, fraud and other malicious content is growing and getting more complex to track. Today, a startup called ActiveFence, which has quietly built a tech platform to suss out threats as they are being formed and planned, to make it easier for trust and safety teams to combat them on platforms, is coming