0 Comments
Ransomware was the most observed threat in 2020, according to a global corporate investigations and risk consulting firm based in New York City. Kroll‘s proprietary data on cyber incident response cases shows that ransomware attacks accounted for over one-third of all cases as of September 1, 2020.  While this particular form of malware has struck
0 Comments
It’s easy to reset your password or PIN after a data breach. But reset your face? Not so much. You can reset your PIN after a data breach, you can reset your password after a data breach, you can reset your security questions after a data breach – but can you reset your face? Sure,
0 Comments
The Pentagon is to significantly increase the size of the United States Space Force’s cybersecurity team. Plans to add over a thousand new personnel were revealed by the force’s chief technology and innovation officer, US Space Force Major General Kimberly Crider. Speaking at the CyberSatGov virtual event held yesterday, Crider said that 130 cybersecurity officers would be
0 Comments
Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk Labs today and shared with The Hacker News, the high privileges often associated with anti-malware products render
0 Comments
A Tennessee firm that provides health data management services has agreed to pay the United States Office for Civil Rights (OCR) $2.3m to settle charges related to a data breach.  Charges were brought against Tennessee-based Community Health Systems (CHSPSC LLC) by 28 states after the personal health information (PHI) of millions of people ended up in the hands
0 Comments
by Paul Ducklin “If you connect it, protect it” is a short and simple slogan that we’ve taken straight from this year’s Cybersecurity Awareness Month (CSAM). We wrote about CSAM last week, on the first of the month, to explain why we think CSAM is still worth supporting, for two main reasons. The first reason
0 Comments
Cyber-attacks have been levied against journalists in Angola after they reported that the Angolan president’s chief of staff had embezzled public funds. Independent online news provider Correio Angolense published an article online covering the claims against Edeltrudes Costa that were first made by the Portuguese TV channel Televisão Independente (TVI). The broadcaster launched an investigation after companies
0 Comments
Bad actors have launched a phishing campaign that aims to infect supporters of President Donald Trump with a dangerous banking Trojan.  The malicious campaign was detected by Area 1 Security on August 21. Victims are enticed to open messages that appear to be from legitimate political action committees (PACs) but are in fact fake. The messages refer to highly
0 Comments
by David Mitchell David Mitchell, Senior Director of Email Product Management at Sophos, shares his top tips to optimize workplace email security. How many work emails have you sent and received today? Despite the rise of workplace chat and instant messaging apps, for many of us email continues to dominate business communications both internally and
0 Comments
Credit-card skimming malware has been detected on the website of a mobile virtual network operator (MVNO).  According to new research published yesterday by Malwarebytes Labs, cyber-criminals have launched a successful attack against Boom! Mobile that is ongoing. Headquartered in Oklahoma, Boom! Mobile is a wireless provider that sells contract-free cell phone plans to its customers.  “Our crawlers recently
0 Comments
As we steadily adopt smart devices into our lives, we shouldn’t forget about keeping them secured and our data protected As we aim to make our lives simpler to manage, especially in this hurried day and age, we increasingly rely on our connected devices. With Internet of Things (IoT) and smart devices becoming cheaper and
0 Comments
An advanced persistent threat (APT) espionage campaign that uses a rare form of malware has been observed attacking diplomats and members of NGOs.  The campaign, which relies on a firmware bootkit, was identified by researchers at Kaspersky who were operating UEFI/BIOS scanning technology. The previously unknown malware was identified in the Unified Extensible Firmware Interface (UEFI). UEFI firmware
0 Comments
ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East We have discovered a previously unreported version of Android spyware used by APT-C-23, a threat group also known as Two-tailed Scorpion and mainly targeting the Middle East. ESET products detect the malware as Android/SpyC23.A.