by Paul Ducklin [00’29”] Don’t miss our cybersecurity podcast minisodes! [01’46”] Bliss is a hill in wine country. [03’37”] Lessons from a cryptotrading hamster. [08’46”] Ransomware gang hacked back. [20’27”] Docusign phishers go after 2FA codes. [30’23”] Oh! No! Sleep mode considered harmful. With Paul Ducklin and Doug Aamoth. Intro and outro music by Edith
Month: October 2021
Law enforcement agencies in the United States have searched the Florida premises of a Chinese payment-terminal provider. A warehouse and offices belonging to multinational Pax Technology were scoured by the Federal Bureau of Investigation, the Department of Homeland Security, and other agencies on Tuesday after concerns were reportedly raised over the company’s security. The FBI said that
What is shoulder surfing? Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN at an
Kathryn Kosmides Contributor Kathryn Kosmides is a survivor of gender-based violence and the founder of nonprofit background check Garbo. Facebook whistleblower Frances Haugen’s message about Instagram’s impact on teenage girls was unequivocal: Facebook’s studies found that 13% of British teens said Instagram prompted thoughts of suicide, and 17% of teen girls say Instagram makes eating
12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups. The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting
Welcome to Startups Weekly, a fresh human-first take on this week’s startup news and trends. To get this in your inbox, subscribe here. I spent the past month interviewing current and former employees at Ro, a health tech unicorn, about rising tensions within the company as it struggles to grow into its $5 billion valuation.
by Naked Security writer In an intriguingly worded news statement issued today, Europol has announced police action in both Switzerland and Ukraine against 12 cybercrime suspects. The document doesn’t actually use words such as “arrested” or “charged with criminal offences”, saying merely that: A total of 12 individuals wreaking havoc across the world with
A man from Minnesota has been charged with hacking four major American professional sports leagues and defrauding them of millions of dollars by illegally streaming copyrighted live games. St. Louis Park resident Joshua Streit, who is also known as Josh Brody, allegedly intruded into the computer systems of the National Basketball Association (NBA), the National Football League
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor ESET researchers have discovered a unique and previously undescribed loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. We have named this new malware Wslink
What is risk appetite and how is it different from risk tolerance? Risk appetite is the amount of risk an organization is willing to take in pursuit of objectives it deems have value. Risk appetite can also be described as an organization’s risk capacity, or the maximum amount of residual risk it will accept after
What do social media companies really know about you? It’s a fair question. And the quick answer is this: the more you use social media, the more those companies likely know. The moment you examine the question more closely, the answer takes on greater depth. Consider how much we use social media for things other than connecting with friends.
Tracie Gildea Contributor Tracie Gildea is chief marketing officer of STANLEY Security and is a vocal advocate for diversity and inclusion in the workplace. My son was diagnosed with autism spectrum disorder in the first grade. As a mother, it took an ecosystem of support from schools, counselors and family members to ensure that we
An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named “AbstractEmu” owing to its use of code abstraction and anti-emulation checks to avoid running while under
Jonathan Greechan Contributor Jonathan Greechan is CEO and co-founder of the world’s largest pre-seed accelerator, Founder Institute. More posts by this contributor Do you fit the mold for the next generation of values-driven VCs? These best practices maximize the value of your online events Earlier this year, a report from the EU showed that 42%
The police sting spanned three continents and involved crackdowns in nine countries Law enforcement agencies from Europe, the United States and Australia have teamed up to arrest some 150 people who are believed to have sold and bought illegal drugs and other illicit goods on the dark web. “More than €26.7 million (USD 31 million)
by Paul Ducklin When we wrote about Apple’s latest security patches earlier this week, we noted that: There are 37 listed fixes covering everything from AppKit to zsh. 15 of these were of the “malicious application may be able to execute arbitrary code” sort, with 9 of those bugs dealing with code execution bugs in
RED74, a managed security services provider based in New Jersey, has been acquired by cybersecurity consulting and managed services firm Cerberus Cyber Sentinel Corporation. The financial terms of the acquisition were not disclosed when the deal was announced on Thursday. RED74 is a privately held company whose clientele are primarily in the financial services and distribution/warehouse management sectors.
Uber, Lyft, Spin, Bird, Lime and other mobility companies have been working with cities to develop a set of guidelines over how to protect riders’ data. The Privacy Principles for Mobility Data, which were presented at the annual North American Bikeshare & Scootershare Association (NABSA) conference on Thursday, marks a new level of cooperation between cities
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet? Halloween, the scariest day of the year, is upon us. That can mean only one thing: children donning costumes of either their heroes or the scariest thing
Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input in a feature called Intents as well as a case of inappropriate
Facebook is working on a new high-end VR headset codenamed Project Cambria. The company teased the device during its recent Connect conference on Thursday. It plans to release the headset sometime next year. Facebook CEO Mark Zuckerberg said it will be a separate “high-end” product from the company’s $299 Quest 2 headset. It will also cost
by Paul Ducklin We’ve been using Edge on Linux for quite some time, first in Dev Build form, then in its Beta flavour… …but when we went to check Microsoft’s repository tonight, we were surprised to see a build package that had arrived just an hour earlier with the name microsoft-edge-stable-95.0.1020.38-1.x86_64.rpm. So, the Eagle, or
Microsoft has announced plans to fill 250,000 cybersecurity roles by working with community colleges across the United States. As part of the recruitment drive, the American multinational technology corporation said today that it intends to invest millions of dollars in education and teacher training over the next three years. As of January 2021, there were
Twitter detailed its process for onboarding 100% of employee accounts with physical Yubico security keys in a blog post Wednesday. The post comes a little over a year after last summer’s Twitter hack, in which attackers used a social engineering attack that granted access to administrative systems and tools within the company. Through this access,
Cybersecurity professionals know this drill all too well. Making sense of lots of information and noise to access what really matters. XDR (Extended Detection & Response) continues to be a technical acronym thrown around in the cybersecurity industry with many notations and promises. Every vendor offering cybersecurity has an XDR song to sing. Interestingly,
Twitter is rolling out a new feature called ‘Labs’ for Twitter Blue, its premium subscription service. Labs will give Twitter Blue subscribers early access to features that Twitter is testing as a part of that bundle, which is currently only available in Canada and Australia. Now, Labs subscribers have the ability to upload videos
A new spam email campaign has emerged as a conduit for a previously undocumented malware loader that enables the attackers to gain an initial foothold into enterprise networks and drop malicious payloads on compromised systems. “These infections are also used to facilitate the delivery of additional malware such as Qakbot and Cobalt Strike, two of
Wavemaker Impact’s founders: (from left to right) Quentin Vaquette, Doug Parker, Marie Cheong, Paul Santos, and Steve Melhuish Wavemaker Partners doesn’t just want to invest in climate tech and sustainability startups. It also wants to help build them. Today, the Singapore-based firm announced the launch of Wavemaker Impact, a venture builder that identifies potential business
by Paul Ducklin First thing this morning, just after midnight, we received the latest slew of Apple Security Bulletins by email. As often seems to happen with Cupertino’s patches, the emails were informative and confusing in equal measure, offering an intriguing mix of security update information: The latest macOS 12 Monterey emerges as 12.0.1. We’re
The United States government has launched an appeal against a UK court’s decision to refuse to extradite Wikileaks founder Julian Assange. Australian citizen Assange, who is aged 50, was indicted by the US Department of Justice in 2019 over his alleged involvement in the acquisition and publication of thousands of classified US diplomatic and military documents. The