In this episode, we cover Australias SBS allowing ad opt-outs on its streaming service, exploring SBSs multilingual history and its ad-funded model. We then dive into the use of emojis in passwords, discussing their pros and cons. The podcast also delves into Metas announcement of an ad-free subscription for Facebook show more ...
The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service, which currently show more ...
Gulf countries are heavily invested in GenAI, but security is still a concern.
Oil executive Amin H. Nasser calls for global cooperation and international standards to combat the dark side of artificial intelligence.
While Microsoft patched the issues in June, support for SketchUp appears to remain disabled in Microsoft 365.
The aerospace giant said it's alerting customers that its parts and distribution systems have been impacted by cyberattack.
When everybody is responsible for a task, sometimes nobody takes ownership. Here are three steps to distribute cybersecurity throughout your organization.
After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.
More than 3,000 systems are exposed and vulnerable to attack on the Internet.
The government-backed APT's new malware framework represents a step up in Iran's cyber sophistication.
As cyber threats evolve, so does the shared responsibility mindset that calls for IT and security to work in tandem.
The obscure Kazuar backdoor used by Russian attack group Turla has resurfaced, and it's more dangerous than ever.
According to a report by security firm Sophos, 75% of ransomware attacks on healthcare organizations involve the malicious encryption of data. This reflects the increasing skill level of hackers in the healthcare sector.
“We are aware of a cyber incident impacting elements of our parts and distribution business,” Boeing told The Register. At the time of writing, the company’s parts and distribution website was “down due to technical issues.”
The investigation by the Electronic Frontier Foundation (EFF) found that innocent content related to education, therapy, and LGBTQ+ issues was consistently flagged as potentially harmful, leading to a "stunning invasion of privacy."
The activation of the kill switch disabled various system services, replaced the original malware, and maintained persistence, suggesting a deliberate dismantling of the botnet.
The library has stated that there is no evidence of compromised personal information, and they are actively working with cybersecurity experts and law enforcement to investigate the incident.
Dallas County in Texas has provided an update on a ransomware attack that was reported earlier this week. The county was able to stop the hackers before they could encrypt files or systems.
The attack was quickly detected and contained within one segment of the network. The compromised information may include names, addresses, birthdates, Social Security numbers, diagnosis codes, insurance information, and treatment service types.
Ransomware attacks are increasing at a record-breaking pace, with the frequency of attacks in Q3 2023 up 11% from the previous quarter and 95% from the previous year, according to Corvus Insurance.
While many organizations still run core business applications on the mainframe, the changing digital landscape and stricter data regulations highlight the need for stronger security practices.
Multiple cities and districts in western Germany have been paralyzed by a ransomware attack. The attack encrypted the servers of the local municipal service provider Südwestfalen IT, affecting over 70 municipalities.
The attack targeted a data firm called Westat, used by the Office of Personnel Management (OPM) for surveys. The hackers exploited a vulnerability in the MOVEit Transfer software developed by Ipswitch INC.
The RansomedVC group, which recently claimed responsibility for several high-profile attacks, is now up for sale. The owner, citing personal reasons and a desire to avoid monitoring by federal agencies, is offering a 20% discount to a trusted buyer.
The flaw, known as CVE-2023-46604, allows attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. The issue affects several versions of Apache ActiveMQ, but patches have been released.
The attackers use hijacked Facebook accounts and create multiple profiles featuring photos of young women to entice users to click on infected links. Clicking on the ads downloads a malicious file that steals browser cookies and passwords.
The new version addresses criticisms of previous versions by including metrics for safety, automation, recovery, value density, vulnerability response effort, and provider urgency.
The company failed to adequately protect electronic protected health information, violated HIPAA laws, and lacked sufficient monitoring and policies to prevent and address cyberattacks.
Querétaro Intercontinental Airport in Mexico has experienced a cyberattack, with an employee downloading a file containing malware, but the airport's operational security was not compromised and the attack has been contained and isolated.
MuddyWater's tactics have evolved over time, with the group now utilizing a new file-sharing service called Storyblok and a new command-and-control framework called MuddyC2Go.
Río Hondo College in Southern California experienced a cybersecurity incident that disrupted campus functions and financial aid disbursements, potentially indicating a ransomware attack.
Ransomware gang Alphv, also known as BlackCat, claims to have stolen data from Advarra, a firm that assists with medical trials. The criminals gained access to an executive's accounts by SIM swapping their cellphone number.
By developing a SketchUp fuzzing harness and using a dumb file format fuzzer, 20 unique vulnerabilities, including use-after-free and stack buffer overflow, were discovered in just one month.
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this need, they often employ different approaches and technologies, leading to unnecessary confusion and complexity. Enter
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign "exhibits updated TTPs to previously reported MuddyWater activity,"
As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege may erase/alter firmware, and/or elevate [operating system] privileges," Takahiro Haruyama, a
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest fidelity of vulnerability assessment for both industry and the public," FIRST said in a statement.
Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a
The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China. While the mysterious control payload – aka kill switch – stripped Mozi bots of most
Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
