Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you
Month: June 2022
A group of security researchers from Abuse.ch and ThreatFox launched a new hub for scanning and hunting files. Dubbed YARAify, the defensive tool is designed to scan suspicious files against a large repository of YARA rules. “YARA is an open source tool for pattern matching,” Abuse.ch founder Roman Hüssy said in an interview with The Daily Swig. “It allows anyone […]
by Paul Ducklin This month’s scheduled Firefox release is out, with the new 102.0 version patching 19 CVE-numbered bugs. Despite the large number of CVEs, the patches don’t include any bugs already being exploited in the wild (known in the jargon as zero-days), and don’t include any bugs labelled Critical. Perhaps the most significant patch
War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture European business leadership, especially CISOs, CTOs, and chief data officers (CDOs), are adjusting to the fact that the war in Ukraine is a war in Europe and has global implications. Sanctions, military aid, and even incoming refugees are
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside
An analysis from cybersecurity firm Cyble has found over 900,000 Kubernetes (K8s) exposed across the internet and thus vulnerable to malicious scans and/or data-exposing cyberattacks. The researchers clarified that while not all exposed instances are vulnerable to attacks or the loss of sensitive data, these misconfiguration practices might make companies lucrative targets for threat actors (TA) in
by Paul Ducklin Sadly, over the years, we’ve needed to write numerous Naked Security warnings about romance scammers and sextortionists. Although those are general-sounding terms, they’ve come to refer to two specific sorts of online crime: Romance scamming. This typically refers to a long-game confidence trick in which cybercriminals court your online friendship under a
A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks. The malware “grants the actor the ability to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to
The internet is a big place. While it’s changed the world for the better — making our daily lives that much easier! — it can also be a playground for cybercriminals who would love to get their hands on our personal information. When this happens, it can result in identity theft. While it can be
An unidentified hacker group has stolen more than $100m from Californian cryptocurrency firm Harmony. The company made the announcement last Thursday in a Twitter thread, saying they had identified a theft occurring on the Horizon bridge amounting to approximately $100m. “We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the
There has been a critical error on this website.