Cyber Security

0 Comments
What are some of the most interesting takeaways from Verizon’s latest annual security report? Data breach, yawn. Those two little words that occur so frequently in the media and will have you switching off. Last week, Verizon released their 2019 Data Breach Investigations Report (DBIR) which provides valuable insight spanning across 86 countries and 41,686
0 Comments
ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments Due to security improvements in operating systems, rootkit usage has been in constant decline for several years. As such, malware developers – especially those working in espionage groups – have been busy developing new stealthy userland malware. Recently, ESET researchers
0 Comments
The notorious six-digit string continues to ‘reign supreme’ among the most-hacked passwords An analysis of the 100,000 most-commonly re-occurring breached passwords confirms that ‘123456’ is the undisputed king of atrocious passwords. Using data from Have I Been Pwned (HIBP), a website that allows users to check if their email addresses or passwords have appeared in
0 Comments
On the good news front, the FBI notes the success of its newly-established team in recovering some of the funds lost in BEC scams Losses emanating from Business Email Compromise (BEC) and Email Account Compromise (EAC) scams reached nearly US$1.3 billion in 2018, which was nearly double the amount (US$675 million) lost in the year
0 Comments
Some users of Microsoft’s web-based email services such as Outlook.com had their account information exposed in an incident that, as it later emerged, also impacted email contents Microsoft has acknowledged a security incident that, for almost three months, gave hackers access to information related to an unknown number of email accounts on the tech giant’s
0 Comments
The new wireless security protocol contains multiple design flaws that hackers could exploit for attacks on Wi-Fi passwords WPA3, a new Wi-Fi security protocol launched in June 2018, suffers from vulnerabilities that make it possible for an adversary to recover the password of a wireless network via “efficient and low cost” attacks, according to a
0 Comments
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users Early in March 2019, a new macOS malware sample from the OceanLotus group was uploaded to VirusTotal, a popular online multi-scanner service. This backdoor executable bears the same features as the previous macOS variant we looked
0 Comments
How can smaller businesses address their cybersecurity risks without the resources of large organizations? There are a lot of challenges to being a small-business owner, including safely managing technology. Every risk can have an outsized effect on your ability to stay in business. And resources for protecting your business are often geared towards much larger
0 Comments
Aren’t we just making it too easy for online followers to become real-life trackers with the amount of open data we are posting online? Cyber-stalking has never been so widespread: it’s increasingly easy for stalkers to watch, analyze and even physically follow their victims. In extreme cases, we have seen murders as a result after
0 Comments
Bithumb believes that, unlike in the past, this theft was the work of rogue insiders Major South Korea-based cryptocurrency exchange Bithumb has announced that it was hit by a heist that impacted its own virtual coins. The exchange didn’t say how much was lost. However, ZDNet wrote that cryptocurrency insiders tracked down the outgoing transactions from
0 Comments
World Backup Day is a reminder that organizations and individuals need to make data backup and protection a priority The loss of data – whether a result of human error, technological failure, or a cyberattack – is one of the greatest threats to organizations and individuals today. In our increasingly digitized world, we rely on our
0 Comments
Cyberblackmail/sextortion again raises its not-so-pretty little head Vox Emptoris: “Voice of the Customer” For more than 30 years, I’ve had the privilege of assisting people get rid of viruses and other malicious software.  In the course of doing so, I’ve often been asked questions about computer security-related topics that are not product-specific.  Some are simple or
0 Comments
The electric automaker is working to release a fix for the underlying vulnerability in a matter of days A duo of white-hat hackers have earned themselves a brand new Tesla Model 3 after exposing a vulnerability in the car’s integrated browser. Richard Zhu and Amat Cam, aka team ‘Fluoroacetate’, managed to break into the electric
0 Comments
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar This article will first describe how the OceanLotus group (also known as APT32 and APT-C-00) recently used one of the publicly available exploits for CVE-2017-11882, a memory corruption vulnerability present in Microsoft Office software, and how
0 Comments
More advice for detecting and avoiding sextortion scams Vox Emptoris: “Voice of the Customer” In my previous post, we examined a particular example of a sextortion scam, showing several indications that it was not a threat to be taken seriously.  But that kind of analysis – point-by-point deconstruction – is relatively hard work, and perhaps not