Amazon has launched Prime Video Channels in India, allowing its customers to subscribe to eight streaming services including Discovery+ and Mubi from one hub, the latest in a series of efforts by the U.S. giant to win customers in the South Asian nation. The new offering makes it easier for users to login and pay
Cyber Security
This is where news and updates on Cyber Security are published on a daily basis.
An unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. “This is a severe security issue, since if an attacker can control such domains or has the ability to ‘sniff’ traffic in the same network, they can
by Paul Ducklin Thanks to James Cope and Rajeev Kapur of Sophos IT for their help with this article. Researchers at a cybersecurity startup called Guardicore just published a report about an experiment they conducted over the past four months… …in which they claim to have collected hundreds of thousands of Exchange and Windows passwords
Today, Clubhouse is rolling out Wave, a feature that makes it easier to start private rooms with friends when you see that they’re online. Available globally on iOS and Android, Wave will replace starting a private room with friends. You can wave at multiple people at once, so long as they follow you, and anyone
A court in Illinois has issued an opinion clarifying how the statute of limitations should be applied to the state’s Biometric Information Privacy Act (BIPA). In what The National Law Review described as “a highly anticipated ruling,” the Illinois Appellate Court published an opinion that while a one-year deadline would be applied to claims based on unlawful profit or
Ransomware attacks threaten organizations of all types and sizes, and IT teams must be willing to take whatever steps necessary to minimize the risks. In early August, global consulting firm Accenture suffered a LockBit ransomware attack that threatened confidential data. This made the firm one more victim in a long line of organizations that have
Executive Summary Today, enterprises tend to use multiple layers of security defenses, ranging from perimeter defense on network entry points to host based security solutions deployed at the end user’s machines to counter the ever-increasing threats. This includes inline traffic filtering and management security solutions deployed at access and distribution layers in the network, as
LG Electronics, the Korean tech giant that once was a leading player in mobile phones but is now winding down that business, is making an acquisition that points to its ambitions in another, emerging area: next-generation automotive hardware and services. Today the company announced that it will be snapping up Cybellum, an Israeli automotive cybersecurity
Misconfigurations of cloud resources can lead to various security incidents and ultimately cost your organization dearly. Here’s what you can do to prevent cloud configuration conundrums. Forget shadowy attackers deploying bespoke zero-day exploits from afar. A risk that is far more real for organizations as they embark on ambitious digital transformation projects is human error.
Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that’s involved in selling phishing kits and email templates as well as providing hosting and automated services at a low cost, thus enabling cyber actors to purchase phishing campaigns and deploy them with minimal efforts. “With over 100 available phishing templates that mimic known
by Paul Ducklin VMware’s latest security update includes patches for 19 different CVE-numbered vulnerabilities affecting the company’s vCenter Server and Cloud Foundation products. All of the bugs can be considered serious – they wouldn’t be enumerated in an official security advisory if they weren’t – but VMware has identified one of them, dubbed CVE-2021-22005, as
Julio Vasconcellos Contributor Julio Vasconcellos is the managing partner of Atlantico, a venture capital fund focused on Latin America. He was previously the founder of Canary and Peixe Urbano, and was Facebook’s first employee in Brazil. More posts by this contributor Latin America’s digital transformation is making up for lost time Over the past year,
International information security accreditation and certification body CREST has appointed Rowland Johnson as its new President. Johnson will take over from Ian Glover, who retired as President of CREST on September 1 after nearly 13 years in the post. This will be for an initial term of one year. Johnson was previously a member of the CREST
BlackMatter is a new ransomware threat discovered at the end of July 2021. This malware started with a strong group of attacks and some advertising from its developers that claims they take the best parts of other malware, such as GandCrab, LockBit and DarkSide, despite also saying they are a new group of developers. We
The group used phishing, BEC and other types of attacks to swindle victims out of millions Law enforcement agencies from Europe have cracked down on an organized group that is associated with the Italian Mob and has been involved in all manner of cybercrime, including phishing campaigns, SIM swapping and Business Email Compromise (BEC). The criminal
Kavak, a Mexico City-based startup that operates a pre-owned car marketplace in Latin America, announced today that it has raised a massive $700 million in a Series E round that more than doubles the company’s valuation to $8.7 billion. This news is notable for a few reasons. For one, it’s a staggering sum for any
Cybersecurity researchers on Tuesday disclosed details of an unpatched vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. “A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the
by Paul Ducklin Apple’s iOS 15 is now out – the very latest software version for iPhones, just in time for the official launch of the new iPhone 13 later in the week. (Yes, you can buy an iPhone 13 today, but only by placing what modern sales and marketing jargon refers to as a
After years of working in marketing for a number of financial services companies, Solape Akinpelu came to a conclusion: There was an “alarmingly low adoption” by women for financial services in her home country of Nigeria and all of Africa as a whole. “I could see women living the reality around me,” Akinpelu recalls. “These
The United Kingdom’s Ministry of Defense has apologized for sending an email that exposed the data of more than 250 Afghan interpreters who worked for British forces. The impacted interpreters are seeking to be relocated to the UK either from Afghanistan, where many are currently in hiding from the Taliban, which seized power in August, or from another country to
Companies know the danger ransomware poses and that a successful attack is inevitable. If ransomware isn’t detected in time, business-critical data could be encrypted, exfiltrated and posted publicly on file-sharing sites. Once a company has received a ransom demand, it’s too late to protect its systems. The attack is done, and the company is a
Microsoft is warning its users of a zero-day vulnerability in Windows 10 and versions of Windows Server that is being leveraged by remote, unauthenticated attackers to execute code on the target system using specifically crafted office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a
Joseph Wengier Contributor Joseph Wengier competed in five Paralympics and won nine gold medals. He promotes the advancement of a more inclusive internet as an ambassador for accessibility technology company UserWay. After winning my first gold medal in the 1972 Paralympics, I went out with the swim team for a celebratory dinner. I’ll never forget
Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million ($11.7 million) in illegal proceeds in just a year. “The suspects defrauded hundreds of victims through phishing attacks
by Paul Ducklin We’ve been warning about fake courier scams on Naked Security for many years, even before the coronavirus pandemic increased our collective reliance on home deliveries. These scams can take many different forms, including: A fake gift sent by an online “friend” is delayed by customs charges. This is a common ruse used
Fivetran, the data connectivity startup, had a big day today. For starters it announced a $565 million investment on $5.6 billion valuation, but it didn’t stop there. It also announced its second acquisition this year, snagging HVR, a data integration competitor that had raised over $50M, for $700 million in cash and stock. The company
A British cybersecurity researcher stumbled across his own personal data online after discovering an unsecured database containing the personal information of millions of visitors to Thailand. Bob Diachenko, leader of cybersecurity research at Comparitech, found the unprotected Elasticsearch database on August 22, 2021. Inside the 200GB digital index were records dating back ten years containing
What is COBIT (Control Objectives for Information and Related Technologies)? COBIT is an IT governance framework for businesses wanting to implement, monitor and improve IT management best practices. COBIT is the acronym for Control Objectives for Information and Related Technologies. The COBIT framework was created by ISACA to bridge the crucial gap between technical issues,
Summary McAfee Enterprise’s Advanced Threat Research (ATR) team provided deep insight into a long-term campaign Operation Harvest. In the blog, they detail the MITRE Tactics and Techniques the actors used in the attack. In this blog, our Pre-Sales network defenders describe how you can defend against a campaign like Operation Harvest with McAfee Enterprise’s MVISION
Meet Xata, a startup with a new take on managed databases. The company runs your database for you and turns it into an API so that you can query and update it from your serverless app. Xata has raised a $5 million funding round. Its product is not yet ready for prime time but the
- 1
- 2
- 3
- …
- 227
- Next Page »