0 Comments
by Paul Ducklin [00’27”] Cybersecurity tips for the holiday season and beyond. [02’20”] Fun fact: The longest-lived Windows version ever. [03’40”] Exchange at risk from public exploit. [10’34”] GoDaddy loses passwords for 1.2m users. [18’25”] Tech history: What do you mean, “It uses a mouse?” [20’25”] Don’t make your cookies public! [27’51”] Oh! No! DDoS
0 Comments
Service providers have suspended over 20 websites in Germany and the UK for disseminating online terrorist propaganda, Europol has revealed. In the last week of October, a referral action targeted 50 sites that police flagged for promoting violent jihadist ideology in support of terrorist groups such as the Islamic State (IS) and al-Qaeda. Police requested
0 Comments
Threat Summary On November 17, 2021, The US Cybersecurity & Infrastructure Security Agency (CISA) pushed an Alert entitled “Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities” which you need to pay attention to if you use Microsoft Exchange or Fortinet appliances. It highlights one Microsoft Exchange CVE
0 Comments
Threat actors have previously timed ransomware and other attacks to coincide with holidays and weekends In the run-up to Thanksgiving and the holiday season, the United States’ Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are urging organizations, especially those operating in critical infrastructure, to remain vigilant against ransomware and other
0 Comments
Overlooking a lush wetland in Hong Kong, the International Digital Economy Academy (IDEA) quietly opened last year. The research institute sits on the northern bank of the Shenzhen River, which separates Hong Kong from mainland China. But technically, it’s located inside a special area straddling the two cities: the Shenzhen-Hong Kong Innovation and Technology Cooperation
0 Comments
Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. The Cupertino-based tech giant painted NSO Group as “notorious hackers — amoral 21st century mercenaries who have
0 Comments
by Paul Ducklin At the start of this month, CVE-2021-42321 was technically an Exchange zero-day flaw. This bug could be exploited for unauthorised remote code execution (RCE) on Microsoft Exchange 2016 and 2019, and was patched in the November 2021 Patch Tuesday updates. Microsoft officially listed the bug with the words “Exploitation Detected”, meaning that
0 Comments
More than four-fifths (81%) of UK retailers are putting their customers at risk of email fraud by not implementing the recommended level of domain-based message authentication, reporting and conformance (DMARC) protection. This is according to a new study by Proofpoint, which warned of a likely surge in fraudulent emails targeting online shoppers ahead of this year’s Black
0 Comments
Cloud Security Gateways (CSGs) are one of the hottest and most sought-after technologies in the market today, driven by the adoption of cloud services for business transformation and the acceptance of hybrid workforce policies. CSGs, also commonly known as Cloud Access Security Brokers (CASBs), are responsible for enforcing security policies to protect cloud-hosted corporate assets from advanced
0 Comments
Receiving a breach notification doesn’t mean you’re doomed – here’s what you should consider doing in the hours and days after learning that your personal data has been exposed Data breaches occur when an unauthorized third-party accesses an organization’s private information. Often, they involve theft of customers’ and/or employees’ personal data. There are strict rules
0 Comments
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that’s capable of stealing payment information from compromised websites. “The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms,” researchers from Sansec Threat Research said in an analysis.
0 Comments
The largest theft of Bitcoin from a single individual was allegedly perpetrated by a Canadian teenager. An unnamed youth was arrested last week on suspicion of stealing crypto-currency worth approximately $36.5m from an unnamed victim who is located in the United States.  It is alleged that the defendant used a SIM swapping attack to gain access to
0 Comments
With the acceleration of cloud migration initiatives—partly arising the need to support a remote workforce during the pandemic and beyond—enterprises are finding that this transformation has introduced new operational complexities and security vulnerabilities. Among these are potential misconfigurations, poorly secured interfaces, Shadow IT (access to unauthorized applications), and an increasing number of connected devices and
0 Comments
A threat actor with ties to North Korea has been linked to a prolific wave of credential theft campaigns targeting research, education, government, media and other organizations, with two of the attacks also attempting to distribute malware that could be used for intelligence gathering. Enterprise security firm Proofpoint attributed the infiltrations to a group it
0 Comments
The United States has charged two Iranian computer hackers in connection with a cyber-campaign intended to influence the outcome of America’s 2020 presidential election. An indictment unsealed in New York on Thursday alleges that 24-year-old Seyyed Mohammad Hosein Musa Kazemi and 27-year-old Sajjad Kashian conspired with others to intimidate and influence American voters, undermine voter confidence, and
0 Comments
A new business model for threat actors may level the playing field among cybercriminals and pose more trouble for enterprise security teams. While gathering vulnerability intelligence through dark web forums, Digital Shadows researchers observed discussions on the emergence of exploit as a service, which would “inevitably lower the barrier for accessing sophisticated exploits.” In this