0 Comments
An American company dedicated to thwarting cyber-attacks has been snapped up by a global private equity firm.  Skyview Capital, LLC announced its acquisition of Fidelis Cybersecurity, Inc yesterday. Fidelis is located in the Maryland town of Bethesda, which a 2015 NerdWallet survey found to be the most educated place in America.  Fidelis Cybersecurity is a leading provider of
0 Comments
New research into the latest victims of Emotet has found increased instances of the malware affecting the United States of America’s government and military. The pernicious malware, which is spread via email, has been infecting organizations all over the world since 2014. By shining a spotlight on Emotet’s recent activities, researchers at Cisco Talos discovered that the US government
0 Comments
Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization’s IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used
0 Comments
Two Dagenham residents have been put behind bars after compromising more than 700 bank accounts and cell phone accounts to commit fraud in a six-year crime spree. Nigerian-born Oluwaseun Ajayi, aged 39, and 49-year-old Inga Irbe hacked into bank accounts then applied for loans, credit cards, and additional bank accounts in the names of their victims. 
0 Comments
After years of criticism from the infosec community about hoarding critical vulnerabilities, the National Security Agency may be changing course. The highlight of Microsoft’s first Patch Tuesday of 2020 is a vulnerability in the Windows cryptography core first reported to vendor by the NSA. The flaw in CryptoAPI DLL (CVE-2020-0601) affects Windows 10 and Windows
0 Comments
Multiple cable modem models from various manufacturers found vulnerable to takeover attacks Hundreds of millions of cable modems from various manufacturers may be susceptible to a critical vulnerability that can enable attackers to intercept people’s private messages or redirect their internet traffic, new research has found. Tracked as CVE-2019-19494 and nicknamed Cable Haunt, the vulnerability
0 Comments
The US government is planning to ground a fleet of nearly 1,000 drones it fears could be compromised by the People’s Republic of China (PRC). As reported by the Financial Times yesterday, the Interior Department is halting the use of over 800 drones that contain parts developed in the PRC.  The decision to ground the unmanned flying
0 Comments
A threat group has once again taken to the internet to publish data stolen from alleged victims who refuse to cooperate with its ransom demands.  In December 2019, the MAZE ransomware group published online a portion of the 120 GB of data they claimed to have stolen from Southwire, North America’s most prominent wire and cable manufacturer,
0 Comments
Patients of a hacked facial surgery company in Florida are being individually threatened by cyber-criminals, who are demanding money in return for not releasing stolen personal information to the public. The Center for Facial Restoration, Inc. (TCFFR), located in Miramar, became the victim of a cyber-attack in November last year.  In a statement published on the TCFFR
0 Comments
It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix’s NetScaler ADC and
0 Comments
Students in the Pittsburg Unified School District of Pennsylvania were left without internet access on Monday as the result of a ransomware attack. With schools’ internet servers and email compromised, youngsters returning to classes after the winter break were forced to enrich their brains the old-fashioned way, through books and direct teaching.  “We will be
0 Comments
by Paul Ducklin Right at the end of 2019, we wrote about the “decade-ending Y2K bug that wasn’t” in a serious article with a humorous side. In that article, we described a perennial “gotcha” facing Java programmers faced with the simple task of printing out the year. If you tell Java to treat the date