Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
A non-profit educational foundation has teamed up with a cybersecurity company to develop a game that reveals what happens in a cyber-attack. The online simulation is the joint effort of Kaspersky and the DiploFoundation, and is based on the Kaspersky Interactive Protection Simulation (KIPS). The game was created with the intention of helping diplomats and professionals who lack
0 Comments
A new Guinness World Record in cybersecurity training has been set by a cloud-based identity and access management (IAM) provider, a security awareness training platform, and a PR firm.  The first-of-its-kind record was for the most views of a virtual cybersecurity lesson in 24 hours, and it was achieved on October 14 through the joint
0 Comments
by Paul Ducklin According to Reuters, the REVil ransomware operation was “hacked and forced offline this week by a multi-country operation”. Reuters writes that one of its sources claims the hack-back against this notorious ransomware crew was achieved thanks to the combined efforts of the FBI, the US Cyber Command, the Secret Service “and like-minded
0 Comments
A team of law enforcement officials from South Carolina has seized first place in a nationwide cybersecurity contest. More than 200 teams from across the United States participated in the National Computer Forensics Institute’s (NCFI’s) Training and Cyber Games competition, which took place earlier this month. During the event, teams of NCFI-trained local law enforcement officials
0 Comments
by Paul Ducklin [00’30”] Hook up with our forthcoming Live Malware Demo presentation. [02’02”] How to build your cybersecurity career. [07’24”] Why we think you should celebrate Global Encryption Day. [10’55”] A whole new twist on bogus online “friendships”. [21’01”] How to stop your network cables giving you away. [34’50”] Oh! No! Why superglue is
0 Comments
The United States’ Department of Justice (DOJ) is seeking to recover a financial penalty of nearly $10m that was imposed on a man from Montana for operating malicious robocalling campaigns.  The Federal Communication Commission (FCC) fined Libby resident Scott Rhodes $9,918,000 in January 2021 after discovering that he had illegally used caller ID spoofing with
0 Comments
The Space Information Sharing and Analysis Center (Space ISAC) and the New York Metro InfraGard Members Alliance (NYM-IMA) have agreed to work together to advance the mission of cybersecurity in space.  A Memorandum of Understanding (MOU) enabling collaboration between the two organizations was signed earlier this month. In a statement released to announce the news, the organizations
0 Comments
A 40-year-old man from California has admitted his role in a conspiracy to break into the private digital photo libraries of Apple customers to locate and steal sexually explicit images. Hao Kuo Chi, a resident of the city of La Puenta in Los Angeles County, pleaded guilty to charges of computer fraud and conspiracy on Friday, October
0 Comments
South Korea is seeking assistance from the International Criminal Police Organization (Interpol) to arrest two foreign nationals suspected of being cyber-criminal gang leaders. The two individuals allegedly played a key role in multiple cyber-attacks and a major extortion scam that claimed victims in both South Korea and the United States.  On Friday, South Korea said that it
0 Comments
The personal data of thousands of individuals have been stolen from a non-profit professional membership organization located in Illinois. Cyber-thieves struck the American Osteopathic Association (AOA) in the summer of 2020, making off with information that included names, Social Security numbers, and financial account details. The AOA, which is headquartered in Chicago, represents around 151,000
0 Comments
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM). In
0 Comments
Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by American cybersecurity company Deep Instinct.  The finding was published in the company’s second bi-annual Voice of SecOps Report, which was based on a survey of 1,500 senior cybersecurity professionals in 11 countries who work for
0 Comments
Social media company Facebook has announced plans to selectively protect some of its better-known users from being harassed on its platform. Updates to the company’s bullying and harassment policies were announced yesterday by Facebook’s global head of safety, Antigone Davis. The announcement coincided with National Bullying Prevention and Awareness Day in the United States.  Davis said Facebook is introducing
0 Comments
A cybersecurity official in the Ghanaian police force has cautioned women and girls against using digital devices to take and share intimate pictures.  The assistant commissioner of police, Dr. Gustav Herbert Yankson, who is the director of the Cybercrime Unit at the CID Headquarters of the Ghana Police Service, gave the warning while speaking at
0 Comments
by Paul Ducklin It’s been a wild few weeks for Apple, or perhaps an “in-the-wild” few weeks, with several zero-day bugs necessitating emergency updates. We were going to say “unexpected updates”, but all (or almost all) Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they’ve been published,
0 Comments
Google is bringing together a bevy of in-house experts to form a new cybersecurity advisory team. In a statement released earlier today, Google announced the creation of its new Google Cybersecurity Action Team, which it says will have “the singular mission of supporting the security and digital transformation of governments, critical infrastructure, enterprises, and small businesses.” In pursuit of
0 Comments
by Paul Ducklin It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call
0 Comments
Data belonging to patients of a hospital in New Mexico has been deleted by an unknown cyber-attacker.  The IT network of San Juan Regional Medical Center in Farmington was breached by an unauthorized individual in September last year. The attack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4
0 Comments
An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.  The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners.  “Every mobile app user was given the same hard-coded API Bearer Token,
0 Comments
A student at East Carolina University has been charged with cyber-stalking after allegedly posing as a member of a rival fraternity to upload a racist post to social media. A police investigation was launched after an offensive message, purporting to be from the university’s Theta Chi chapter, was uploaded anonymously to Yik Yak in August. 
0 Comments
Patching vulnerabilities is too labor intensive and convoluted a process for most IT security professionals, according to new research by Ivanti.  The Utah-based software company surveyed over 500 enterprise IT and security professionals across North America, Europe, the Middle East, and Africa about their patch management challenges.  Nearly three-quarters of respondents (71%) found patching to be “overly complex,