Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
The University of Texas at San Antonio (UTSA) is to create and lead a new federal digital research institute that will devise ways to shield America’s manufacturers from cyber-threats.  In addition to assisting US industry in blocking cyber-attacks, the Cybersecurity Manufacturing Innovation Institute (CyManII) will explore how to help manufacturers achieve energy efficiency.  Other areas
0 Comments
The 40-year-old one-time CEO of a Utah tech company is serving a custodial sentence after downloading over 13,000 images of child sexual abuse, bestiality, and rape.  Douglas Eugene Saltsman was sentenced yesterday to 210 days in prison and 48 months of probation by Utah 3rd District Judge Douglas Hogan after being convicted on three felony charges of
0 Comments
Microsoft has warned of a new type of data stealing Java-based ransomware, dubbed PonyFinal. PonyFinal is what Microsoft describes as “human-operated ransomware” — to distinguish it from commoditized variants that are distributed in an automated way by hackers. The tech giant’s Security Intelligence group revealed in a series of tweets this week that the first
0 Comments
by Paul Ducklin If you’re a Naked Security Podcast listener, you’ll have heard Sophos’s own Peter Mackenzie telling some fairly wild ransomware stories. Peter works in the Managed Threat Response (MTR) part of our business – in his own words, if your network’s on fire, he’s one of the people who will rush in to
0 Comments
Ransomware operators had another standout year in 2019, with attacks and ransom demands soaring according to new data from Group-IB. The Singapore-based security vendor claimed that, after a relatively quiet 2018, ransomware was back with a vengeance last year, as attack volumes climbed by 40%. As large enterprises became an increasing focus for attacks, ransom
0 Comments
Donald Trump has decided to pick a fight with Twitter after one of his posts on the upcoming election was labelled misleading by the social media platform. The original tweet claimed that Mail-In (postal) ballots during the November Presidential election would be “substantially fraudulent.” The issue has become a partisan one of late, as Democrats
0 Comments
by Paul Ducklin Apple’s latest iOS versions have only been out for a week. The updates are new enough that Apple’s own Security updates page still lists [2020-05-26T14:00Z] the security holes that were fixed in iOS 13.5 and iOS 12.4.7 as “details available soon”. But there’s a jailbreak available already for iOS 13.5, released by
0 Comments
The personal details of over 29 million Indian jobseekers have been posted to a dark web site, free for anyone to access. Cybersecurity firm Cyble, which discovered the trove on an unnamed hacking forum, has in turn added the compromised information to its breach notification site AmIBreached. It claimed to have found the posting during
0 Comments
Microsoft is warning of a major new COVID-19 phishing campaign using malicious Excel macros to achieve remote access of victims’ machines via a legitimate support tool. Microsoft Security Intelligence revealed the news in a series of tweets, claiming the campaign began on May 12. “The emails purport to come from Johns Hopkins Center bearing ‘WHO
0 Comments
A threat group that claims to have stolen nearly a terabyte of data from a prominent entertainment law firm has said it will put sensitive information relating to Madonna up for auction. REvil allegedly made off with 756GB of data from New York lawyers Grubman Shire Meiselas & Sack in a ransomware attack earlier this month. The
0 Comments
Cyber-attacks against API endpoints have increased since lockdown measures were introduced to slow the spread of COVID-19. Threat research published today by California cybersecurity software company Cequence noted a huge spike in malicious traffic since April, with API endpoints being targeted far more than usual.  Describing the number of threats leveled at just one of their customers, Cequence researchers saw
0 Comments
by Lisa Vaas When work-from-home became a sudden, urgent need in March, many organizations slapped together cloud-collaboration services such as Microsoft Office 365 for their newly locked-down staff. Unfortunately and understandably, pressure was high. People were scrambling. Thus did a number of those services get put together with a wing, a prayer, and misconfigurations that
0 Comments
Norway’s state-owned investment fund Norfund has halted all payments after losing $10m in an “advanced data breach.” Norfund is a private equity company established by the Norwegian Storting in 1997 and owned by the Norwegian Ministry of Foreign Affairs. The fund receives its investment capital from the state budget and is the largest sovereign wealth fund in the