Cyber Security

0 Comments
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users Early in March 2019, a new macOS malware sample from the OceanLotus group was uploaded to VirusTotal, a popular online multi-scanner service. This backdoor executable bears the same features as the previous macOS variant we looked
0 Comments
How can smaller businesses address their cybersecurity risks without the resources of large organizations? There are a lot of challenges to being a small-business owner, including safely managing technology. Every risk can have an outsized effect on your ability to stay in business. And resources for protecting your business are often geared towards much larger
0 Comments
Aren’t we just making it too easy for online followers to become real-life trackers with the amount of open data we are posting online? Cyber-stalking has never been so widespread: it’s increasingly easy for stalkers to watch, analyze and even physically follow their victims. In extreme cases, we have seen murders as a result after
0 Comments
Bithumb believes that, unlike in the past, this theft was the work of rogue insiders Major South Korea-based cryptocurrency exchange Bithumb has announced that it was hit by a heist that impacted its own virtual coins. The exchange didn’t say how much was lost. However, ZDNet wrote that cryptocurrency insiders tracked down the outgoing transactions from
0 Comments
World Backup Day is a reminder that organizations and individuals need to make data backup and protection a priority The loss of data – whether a result of human error, technological failure, or a cyberattack – is one of the greatest threats to organizations and individuals today. In our increasingly digitized world, we rely on our
0 Comments
Cyberblackmail/sextortion again raises its not-so-pretty little head Vox Emptoris: “Voice of the Customer” For more than 30 years, I’ve had the privilege of assisting people get rid of viruses and other malicious software.  In the course of doing so, I’ve often been asked questions about computer security-related topics that are not product-specific.  Some are simple or
0 Comments
The electric automaker is working to release a fix for the underlying vulnerability in a matter of days A duo of white-hat hackers have earned themselves a brand new Tesla Model 3 after exposing a vulnerability in the car’s integrated browser. Richard Zhu and Amat Cam, aka team ‘Fluoroacetate’, managed to break into the electric
0 Comments
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar This article will first describe how the OceanLotus group (also known as APT32 and APT-C-00) recently used one of the publicly available exploits for CVE-2017-11882, a memory corruption vulnerability present in Microsoft Office software, and how
0 Comments
More advice for detecting and avoiding sextortion scams Vox Emptoris: “Voice of the Customer” In my previous post, we examined a particular example of a sextortion scam, showing several indications that it was not a threat to be taken seriously.  But that kind of analysis – point-by-point deconstruction – is relatively hard work, and perhaps not
0 Comments
Facebook owned Instagram and WhatsApp also affected by unexplained interruption Facebook along with some of its most prominent family of apps were down on Wednesday leaving users around the globe unable to use their favorite services for a prolonged period of time. It was the longest outage in the history of Facebook, but at the
0 Comments
Asian game developers again targeted in supply-chain attacks distributing malware in legitimately signed software This is not the first time the gaming industry has been targeted by attackers who compromise game developers, insert backdoors into a game’s build environment, and then have their malware distributed as legitimate software. In April 2013, Kaspersky Lab reported that
0 Comments
Users should waste no time in updating to the browser’s latest version Google has revealed that the update for Google Chrome, rolled out late last week, addressed a security hole that attackers were already exploiting in the wild. “Google is aware of reports that an exploit for CVE-2019-5786 exists in the wild,” the company noted
0 Comments
Some tips that businesses can do to get better at it without breaking the bank Here at RSA Small and Medium Businesses (SMBs) are squarely faced with the daunting task of securing the explosion of IoT devices, now ever-present in the business environment. In the past, IoT in a business setting could largely be ignored,
0 Comments
The latest report from the Anti-Phishing Working Group offers a mixed bag of findings about the phishing landscape in 2018 The Anti-Phishing Working Group (APWG) has released its latest Phishing Activity Trends Report, which shows that the number of fraudulent websites designed to steal people’s sensitive data fell as 2018 went on. The drop –
0 Comments
The organization was the victim of a water-hole attack, likely attributable to the APT LuckyMouse group The International Civil Aviation Organization (ICAO) was a victim of a large-scale cyberattack back in 2016. Indeed, in November of that year, a cyber-intelligence analyst at Lockheed Martin contacted the international organization after finding that cybercriminals took control of