0 Comments
Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan (RAT) by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line “GOOD LOAN OFFER!!,” come attached with a Java archive (JAR) file called “TRUMP_SEX_SCANDAL_VIDEO.jar,” which, when downloaded, installs Qua or
0 Comments
Cybersecurity firm Ericom Software has announced the appointment of Dr Chase Cunningham as its first chief strategy officer. Joining from market research company Forrester, Cunningham will be responsible for shaping Ericom’s strategic vision, roadmap and key partnerships. Cunningham has over 19 years of experience in the cybersecurity sector, with particular expertise in the area of
0 Comments
The scam starts with a text warning victims of suspicious activity on their accounts A new SMS-based phishing campaign is doing the rounds that attempts to part PayPal users from their account credentials and sensitive information, BleepingComputer reports. The ploy consists of SMS text messages that impersonate the popular payment processor and inform potential victims
0 Comments
A British court has rejected the U.S. government’s request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates’ Court today, Judge Vanessa Baraitser denied the extradition on the grounds that Assange is a suicide risk
0 Comments
The European Court of Human Rights has fallen victim to a cyber-attack after publishing a ruling regarding the fate of an incarcerated Turkish political leader.  According to Bloomberg, hackers struck at the Court’s website on Tuesday, knocking it offline for approximately 16 hours. The website has now been restored, and the order is one again accessible
0 Comments
The infamous advanced persistent threat group (APT) Lazarus is behind two recent cyber-attacks that targeted two separate entities related to COVID-19 research. In one attack, a Ministry of Health body was hit with malware. The other incident involved the use of a different kind of malware against a pharmaceutical company that is developing a vaccine
0 Comments
by Paul Ducklin How did the movie “Hackers” inspire a girl to grow up to become a hacker herself? Find out from security analyst and friendly hacker Keren Elazari. Hear about Keren’s incredible journey, why hackers should be welcomed with open arms, and the inspiration that guided her career. Keren Elazari Interviewer: Kimberly Truong. Special
0 Comments
Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583 (CVSS score 7.8), affects version 4.60 present in wide-range of Zyxel devices, including Unified
0 Comments
A man from New York City has been charged with waging a grim cyber-stalking campaign against a female college student.  Desmond Babloo Singh allegedly created over 100 accounts on social media platforms and email services and used them to harass a former classmate of his sister for whom he claimed to have developed romantic feelings.  Nineteen-year-old Singh
0 Comments
Threat actors such as the notorious Lazarus group are continuing to tap into the ongoing COVID-19 vaccine research to steal sensitive information to speed up their countries’ vaccine-development efforts. Cybersecurity firm Kaspersky detailed two incidents at a pharmaceutical company and a government ministry in September and October leveraging different tools and techniques but exhibiting similarities
0 Comments
The UK’s National Cyber Security Centre (NCSC) has issued its first ever guidance for farmers, in a sign of the growing cyber-threat facing rural businesses. Published on Tuesday, Cybersecurity for Farmers is a comprehensive guide to best practices covering everything from spotting suspicious emails and phone calls to password management, device security and the importance
0 Comments
Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller (ADC) devices that attackers are abusing to launch amplified distributed denial-of-service (DDoS) attacks against several targets. “An attacker or bots can overwhelm the Citrix ADC [Datagram Transport Layer Security] network throughput, potentially leading to outbound bandwidth
0 Comments
America’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over the widespread impact of a recent hacking attack that compromised the SolarWinds Orion software supply chain. The assault on SolarWinds hit the headlines earlier this month after it was discovered and disclosed by researchers at FireEye. The advanced persistent threat (APT) group behind the attack was
0 Comments
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that’s used to interface with all other Orion system monitoring and management products suffers from
0 Comments
American cybersecurity company White Ops announced today that it has been acquired by Goldman Sachs‘ Merchant Banking Division in partnership with ClearSky Security and NightDragon.  Terms of the transaction, which follows Goldman Sachs’ and ClearSky’s initial investment in White Ops earlier this year, were not disclosed. The business was acquired from previous investors Paladin Capital Group, Grotech Ventures, and other shareholders. White Ops was