The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to government operatives working for Russia’s Foreign Intelligence Service (SVR). “Russia’s pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services
Philip Choo
A man from California has been sent to prison for cyberstalking two people and threatening to murder them unless they performed sex acts on him. US Judge Dolly Gee described the actions of Covina resident Carl De Vera Bennington as “sadistic” and “cruel” before handing him a custodial sentence. One of the victims of 34-year-old Bennington was
Twitter has banned right-wing provocateur James O’Keefe, creator of political gotcha video producer Project Veritas, for violating its “platform manipulation and spam policy,” suggesting he was operating multiple accounts in an unsanctioned way. O’Keefe has already announced that he will sue the company for defamation. The ban, or “permanent suspension” as Twitter calls it, occurred
By Mark WhiteheadGuest Contributor Published: 15 Apr 2021 In recent years, boards of directors have become more interested in understanding their organizations’ level of risk and whether their CISO and security teams are doing everything they can to defend against potential threats. In fact, according to the recent Gartner 2021 Board of Directors Survey, cybersecurity
SoftBank Vision Fund 2 is in advanced stages of talks to invest up to half a billion dollars into food delivery startup Swiggy, two sources familiar with the matter told TechCrunch. The new investment values the Indian startup at about $5.5 billion, the sources said. The new investment would add to the $800 million fundraise Swiggy
An attacker can lock you out of the app using just your phone number and without requiring any action on your part If you use WhatsApp, you may want to be wary of an attack where cybercriminals could suspend your account using only your phone number. The underlying loophole abuses a lapse in security of
Let’s Make Security Easy I’ve been hearing a lot lately about tech and information overload, which is understandable given that the average U.S. household now has access to more than ten devices. (No wonder we are all spending more time online!) While technology allows us to be incredibly productive and connected, it can make our
by Paul Ducklin Remember HAFNIUM? Of course you do – it was the name behind a foursome of Exchange bugs that got patched in an emergency update early in March 2021. Even though there was just a week to go until March 2021’s Patch Tuesday, Microsoft decided to issue what have become known as the
Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even compromise encrypted communications. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what’s known as a “man-in-the-disk” attack
Cyber-attackers are believed to be targeting school districts in the New Jersey county of Somerset. Security incidents that occurred in the county over the past week caused day-long school closures at two educational establishments. Schools in Bernards were closed on April 7 and Hillsborough schools were shuttered on April 12 following suspected cyber-attacks. Computer systems and staff voicemail
Coinbase makes an impressive public debut, Dell spins out VMware and Ford announces a new hands-free driving system. This is your Daily Crunch for April 14, 2021. The big story: Coinbase goes public Cryptocurrency exchange Coinbase went public today via direct listing at an opening price of $381 per share, climbing to nearly $430 before
By What is the network layer? Located at Layer 3 of the Open Systems Interconnection (OSI) communications model, the primary function of the network layer is to move data into and through other networks. Network layer protocols accomplish this goal by packaging data with correct network address information, selecting the appropriate network routes and forwarding
Wire, the end-to-end encrypted messaging app and service, has raised a $21 million Series B funding round led by UVC Partners. As the company said a couple of years ago, the company is focusing on the enterprise market more than ever. While Wire started as a consumer app, it never managed to attract hundreds of
The McAfee Advanced Threat Research team today published the McAfee Labs Threats Report: April 2021. In this edition, we present new findings in our traditional threat statistical categories – as well as our usual malware, sectors, and vectors – imparted in a new, enhanced digital presentation that’s more easily consumed and interpreted. Historically, our reports
by Paul Ducklin Here’s another BWAIN, which is our shorthand for Bug With An Impressive Name. That’s the abbreviation we use for bugs that end up with names, logos and even dedicated websites that are catchy, cool, fancy, important or dramatic, and sometimes even all of these at the same time. Classic examples of the
Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed “NAME:WRECK” by Forescout and JSOF, the flaws are the latest in series of studies undertaken as part of an initiative called
A teenager from upstate New York has killed himself after experiencing cyber-bullying and online blackmail. The family of 15-year-old Riley K. Basford say he was tricked into sharing “personal” images over social media by a scammer posing as Basford’s girlfriend. After obtaining the sensitive images, the scammer threatened to share them online and send them
Coinbase, the American cryptocurrency trading giant, has set a reference price for its direct listing at $250 per share. According to the company’s most recent SEC filing, it has a fully diluted share count of 261.3 million, giving the company a valuation of $65.3 billion. Using a simple share count of 196,760,122 provided in its
Reports of another trove of scraped user data add to the recent woes of popular social media platforms It seems that threat actors are increasingly setting their sights on extracting vast amounts of data from social media platforms. The cascade of incidents started off with a data leak impacting more than half a billion Facebook
The crypto industry as a whole has seen a momentous year of growth, heavily spurred on by the entrance of institutional investors adopting bitcoin due to its store of value properties. The 2020 spike bitcoin experienced was also accelerated by its global adoption as the number of global cryptocurrency users surpassed 100 million in Q3
Recently, the McAfee Mobile Research Team uncovered several new variants of the Android malware family BRATA being distributed in Google Play, ironically posing as app security scanners. These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of the device
by Paul Ducklin An iPhone and Android app called NHS COVID-19 is the official iPhone and Android coronavirus contact tracing software for the vast majority of the population of Great Britain. (England and Wales have standardised on NHS COVID-19, but Scotland has gone down a different path with an app of its own.) Today also
Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know
Professional sports teams in the United Kingdom have stopped posting on social media in a bid to raise awareness of online abuse. Soccer clubs including Birmingham City, Swansea City, and Rangers are taking part in a week-long boycott of all their social media platforms. Swansea led the way, with the club’s official social media accounts falling silent
Northrop Grumman hit a new milestone in extending the life of active spacecraft as a purpose-built spacecraft, MEV-2, docking with Intelsat’s IS-10-02 satellite to give it another 5 years of life. It’s a strong demonstration of the possibilities in a growing field of orbital servicing operations. MEV-2 launched in August and matched the orbit of
Microsoft Exchange Server is a widely used email server application. Many utilities, as well as supporting tools and aids, have been developed for it. Considering how important email is to any organization, maintaining a secure Exchange server is an essential activity. Zero-day vulnerabilities on Exchange Server — not Exchange Online — that were exploited by
Africa’s fintech space has gained proper attention over the past few years in investments but it is not news that startups still battle with offering high-quality products. However, they seem to be doing quite well compared with traditional banks that face challenges like legacy cost structures and a major lack of operational efficiency. Appzone is
For organizations that deal with the defense infrastructure – cybersecurity is more than just a buzzword. Recently the US Department of Defense (DoD) created a new certification process – the Cybersecurity Maturity Model Certificate (CMMC) – to ensure that all its vendors and contractors follow established best cybersecurity practices. For organizations that work along the
Canada’s leading provider of laboratory diagnostic information and digital health connectivity systems today announced the launch of a new Vulnerability Disclosure Program (VDP). LifeLabs Medical Laboratory started the VDP program with the intention of strengthening cybercrime detection technology across its online tools, apps, and solutions. “Our goal is to continue to innovate and lead the health
Hello friends, and welcome back to Week in Review! Last week, I talked about Clubhouse’s slowing user growth. Well, this week news broke that they had been in talks with Twitter for a $4 billion acquisition, so it looks like they’re still pretty desirable. This week, I’m talking about a story I published a couple