The beginning of the summer break is the perfect time for parents to remind their children about the importance of safe online habits The sun’s out, and so is school. But despite our best efforts, the chances are that our children will spend the coming summer holiday period glued to their devices. Depending on their
Month: June 2023
The Swiss Federal Intelligence Service (FIS) released its latest situation report on Tuesday, highlighting the ongoing impact of Russia’s aggression against Ukraine on national and international security. The report emphasized that the increasing rivalry between significant powers heavily influences Switzerland’s security. It also showed how the decline in the effectiveness of international forums like the
Jun 30, 2023The Hacker NewsCyber Espionage/ Malware Charming Kitten, the nation-state actor affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. “There have been improved operational security measures placed in the malware to make it more
WhatsApp today announced a new and quicker to transfer chat from your old phone to a new phone through a QR-code-based method. The company said that users migrating to another phone with the same operating system will be able to transfer WhatsApp data using a local Wi-Fi connection. Image Credits: WhatsApp To transfer your chat
Seoul-based e-commerce company Levit, an operator of the shopping app Alwayz, wants to make the shopping experience more entertaining and affordable. The two-year-old startup has recently raised $46 million in a Series B round of funding led by DST Global Partners with participation from new investor BOND and existing backers KB Investment, Mirae Asset Capital,
While employee monitoring software may boost productivity, it may also be a potential privacy minefield and it can affect your relationship with your employees Things may not always run smoothly in the workplace and bosses and workers may not always see eye to eye on many things. But there may be another “threat” in town:
A new wave of powerful DDoS attacks has emerged across the threat landscape, and cybersecurity vendors say previous mitigation efforts are becoming increasingly ineffective. Recent attacks over the past year against prominent vendors such as Microsoft and Google represent a shift to application layer, or Layer 7, DDoS attacks, but it doesn’t stop there. The
The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published a comprehensive set of guidelines aimed at defending Continuous Integration/Continuous Delivery (CI/CD) environments. The guidelines address the rising threat of malicious cyber actors (MCAs) exploiting vulnerabilities in CI/CD pipelines, particularly through the exposure of secrets. CI/CD pipelines are essential
by Paul Ducklin PONG FOR ONE!? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS
Jun 29, 2023Ravie Lakshmanan The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that’s been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023 attack on Technion, an Israeli research institute,
Apple recently hit a market cap of $3 trillion only two years after it crossed the $2 trillion mark. Before that, it had taken more than 40 years to make it to $1 trillion. The company recorded revenue of almost $400 billion last year. If Apple were a country, according to the CIA’s World Factbook,
Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware Over the past 10-plus years, modern smartphones and other portable devices have become our constant companions. These days, smartphones let us do much more than make phone calls or send text messages. Mobile technology puts the world
DoorDash will give delivery workers the option to be paid a guaranteed hourly minimum rate instead of being paid per delivery, the company said Wednesday. The new option, a novelty in the gig worker industry, comes as DoorDash and other app-based gig companies like Lyft and Uber will have to provide New York City delivery
Canada’s leading integrated energy company Suncor Energy has announced earlier this week that it experienced a cybersecurity incident resulting in technical problems at its subsidiary, Petro-Canada. As a result, more than 1500 gas stations nationwide are unable to accept credit card payments and customers cannot use rewards points. Suncor Energy, ranked as the 48th-largest public company
by Naked Security writer The latest high-profile cybercrime exploits attributed to the Clop ransomware crew aren’t your traditional sort of ransomware attacks (if “traditional” is the right word for an extortion mechanism that goes back only to 1989). Conventional ransomware attacks are where your files get scrambled, your business gets totally derailed, and a message
Jun 28, 2023Ravie LakshmananFirmware Security / Tech Drones that don’t have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling a threat actor to achieve arbitrary code execution and compromise their functionality and safety. The research comes from IOActive, which found that it is “feasible to compromise the
Hello, and welcome back to Equity, a podcast about the business of startups, where we unpack the numbers and nuance behind the headlines. All the cool kids are filling out the Equity listener survey. We want to hear from you! This is our Wednesday show, where we niche down to a single person, think about their work
Amazon subsidiary Zoox has begun testing its purpose-built, electric, autonomous robotaxis on public streets in Las Vegas, the company announced Tuesday. Zoox says this marks the first time that an autonomous vehicle built without pedals or a steering wheel has operated on public roads in Nevada. Zoox is starting small with a one-mile loop around
Threat actors using the notorious banking Trojan Anatsa have launched a new campaign targeting banks in the US, UK and the DACH region (Germany, Austria and Switzerland). According to a new blog post by ThreatFabric, this ongoing campaign started around March 2023 and has witnessed over 30,000 installations of the malware so far. The security experts highlighted
Jun 27, 2023Ravie LakshmananMalware / Cyber Threat A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. “The injection is executed without space allocation, setting permissions or even starting a thread,” Security Joes researchers Thiago Peixoto, Felipe Duarte, and Ido Naor
Today’s the day that Showtime officially integrates with Paramount+ in the U.S., giving subscribers access to all Showtime titles, including “Billions,” “Dexter,” “Yellowjackets,” “George & Tammy” and more. The new ad-free plan, Paramount+ with Showtime, costs $11.99 per month and is replacing Paramount+’s premium ad-free plan, which was $9.99. Existing premium subscribers — with or
Arkam Ventures is courting its second fund, aiming for $180 million, nearly doubling the size of its maiden fund, as the Indian venture capital firm gears up to double down on the expanding ‘middle India’ opportunity. The firm’s partners said in an interview that they are hopeful to retain support from high-profile international institutional investors
APIs are a lucrative attack vector for cybercriminals and malicious hackers. In fact, API security vendor Salt Security found 4,845 unique API attackers operated in December 2022 — a 400% increase from six months prior. To reduce the risk of an API-based security breach, the deployment, configuration and security of an API gateway must be
A trojanized Super Mario Bros game installer has been found to contain multiple malicious components, including an XMR miner, the SupremeBot mining client and the open-source Umbral Stealer. The discovery comes from security researchers at Cyble Research and Intelligence Labs (CRIL), who described the threat in an advisory published last Friday. According to the technical
by Naked Security writer Some hacks become so notorious that they acquire a definite article, even if the word THE ends up attached to a very general technical term. For example, you can probably trot out the names of dozens of well-known internet worms amongst the millions that exist in the zoos maintained by malware
Jun 26, 2023Ravie LakshmananCryptocurrency / Endpoint Security An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy. Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a
I hope you like gray. The 2024 Chevrolet Silverado EV Work Truck is, well, a work truck. Besides the impressive Ultima EV powertrain, there’s nothing spectacular about this truck. The seats have manual adjustments; the LCD control screens are small with huge bezels. Everything is gray, from the dashboard to the seats to the wheel
Of the many issues highlighted by the collapse of Silicon Valley Bank, one big one was the liability of having too much cash sitting in too few bank accounts. Today a London startup called TreasurySpring — which has built a platform for businesses to put some of their cash reserves to work, in investments —
New versions of Chinese espionage malware have been observed spreading rapidly through infected USB drives. The malicious software tools were discovered by Check Point Research (CPR) as part of an attack against a healthcare institution in Europe and described in an advisory published on Thursday. The Check Point Incident Response Team (CPIRT) investigated the malware
by Matt Fairbanks Ransomware – as readers here know only too well – is one of the biggest cybercrime challenges we collectively face today. That’s why Sophos has recently visited cities around the globe to dive deep into the real story behind ransomware. We captured more than 100 hours of interviews with cybercriminals, cybersecurity experts,
- 1
- 2
- 3
- …
- 6
- Next Page »