admin

0 Comments
Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani security
0 Comments
Deep Instinct has appointed former managing director and partner at Goldman Sachs Heather Bellini as its new chief financial officer.  The deep learning cybersecurity company, which was founded in 2015 and is headquartered in New York, announced the appointment today.  While at Goldman Sachs, Bellini led the research diligence and investor education initial public offering (IPO) process
0 Comments
by Paul Ducklin Do you browse with Google Chrome or a related product such as Chromium? If so, please check that your auto-updater is working and that you have the latest version. A trip to the About Chrome or About Chromium dialog should give the version identifier 86.0.4240.111. That’s the version that was released yesterday
0 Comments
What are some of the key security risks to be aware of when using USB flash drives and how can you mitigate the threats? Most of you probably own at least one USB thumb drive, which you typically use either to transfer data or as a backup for sensitive documents. Alternatively, you may like to
0 Comments
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the
0 Comments
Cyber-criminals have exfiltrated data from an Ohio school district and published personal information of faculty, staff, and students online. According to 13abc news, nearly 9GB of sensitive data belonging to Toledo Public Schools (TPS) has been exposed. Information leaked by attackers includes names, addresses, dates of birth, phone numbers, and Social Security numbers.  The data’s appearance online follows
0 Comments
The flaws, neither of which is being actively exploited, were fixed merely days after the monthly Patch Tuesday rollout Microsoft has rushed out fixes for two security vulnerabilities affecting Microsoft Windows Codecs Library and Visual Studio Code. The security flaws are classified as Remote Code Execution (RCE) vulnerabilities and if successfully exploited could allow threat
0 Comments
A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users’ data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbed “GravityRAT” — now masquerades as legitimate Android and macOS apps to
0 Comments
A Mississippi school district has voted to pay $300,000 to recover files that were encrypted during a suspected ransomware attack. A federal investigation was launched after threat actors accessed Yazoo County School District’s information technology system without authorization.  Superintendent Dr. Ken Barron told WLBT news that the school became aware of the cyber-attack on Monday, October 12.
0 Comments
A major healthcare provider whose systems were knocked offline for three weeks by a ransomware attack has been asked by a US senator to answer questions about its cybersecurity practices.  Universal Health Services announced on Monday that all 400 of its health system sites were back online after being hit by a cyber-attack in the early hours of September
0 Comments
Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security
0 Comments
Iran has reported falling victim to two large-scale cyber-attacks, one of which was leveled at the country’s government institutions. The Iranian government’s Information Technology Organization on Thursday reported that two institutions had been compromised by attackers. No party has claimed responsibility for the attack, and Iranian government officials have not stated whether the attack was domestic or
0 Comments
by Paul Ducklin The US Department of Justice (DOJ), together with government representatives from six other countries, has recently re-ignited the perennial Battle to Break Encryption. Last weekend, the DOJ put out a press release co-signed by the governments of the UK, Australia, New Zealand, Canada, India and Japan, entitled International Statement: End-To-End Encryption and
0 Comments
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye’s Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations’ networks, in
0 Comments
Students learning remotely in Massachusetts have had their lessons disrupted by distributed-denial-of-service, or DDoS, attacks. Sandwich Public Schools suffered a week of connection issues after what was first identified as a firewall failure occurred on October 8. A new firewall put in place to resolve the issue subsequently crashed, prompting the technology department to source a firewall
0 Comments
The videoconferencing platform is making the feature available to users of both free and paid tiers The Zoom videoconferencing platform has announced that starting next week it will begin rolling out long-awaited end-to-end encryption (E2EE) to users. The feature will be released as a technical preview, with the company proactively seeking the feedback of its
0 Comments
Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ
0 Comments
Twitter temporarily suspended the account of the president of the United States’ election campaign for “posting private information.” The account @TeamTrump was locked for attempting to tweet a video referencing a recent article by the New York Post along with text describing presidential candidate Joe Biden as “a liar who has been ripping off our country for years.” The New
0 Comments
Carnival Corporation has disclosed that passenger and employee data from three different cruise lines was accessed in a ransomware attack that took place in August. On August 15, the British-American cruise operator discovered that an unauthorized third party had compromised its computer system and downloaded data files. An update issued by the corporation yesterday states that personal data
0 Comments
Bad actors have accessed US elections support systems, although there’s no evidence to suggest that election data has been compromised, say FBI and CISA Threat actors have been chaining vulnerabilities in Windows and Virtual Private Network (VPN) services to target various government agencies, critical infrastructure and election organizations, according to a warning by the United