North Korean state-backed hackers and insecure decentralized finance (DeFi) protocols helped to make 2022 a record year for cryptocurrency heists, according to Chainalysis. The blockchain analysis company teased the figures ahead of an upcoming annual crypto crime report. A total of $3.8bn was stolen from cryptocurrency firms last year, 82% of which resulted from targeting
Month: February 2023
by Paul Ducklin It’s been a newsworthy few weeks for password managers – those handy utilities that help you come up with a different password for every website you use, and then to keep track of them all. At the end of 2022, it was the turn of LastPass to be all over the news,
Lose what you don’t use and other easy ways to limit your digital footprint and strengthen your online privacy and security In case you missed it, last week was Data Privacy Week, an awareness campaign to remind everybody that any of our online activities creates a trail of data and that, therefore, we need to
Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost of cybercrime in 2023 forecasted to reach $8 Trillion – with a T, not a B – it’s no wonder that cybersecurity is top of mind for leaders across all industries and regions. However, despite
Security researchers have discovered underground cybercrime sites selling cheating services, leaked courses and fake certificates to help unscrupulous individuals gain security qualifications and/or a leg up in their careers. Dov Lerner, head of threat research at Cybersixgill, said in a new report out today that his team found fake CompTIA CySA+ diplomas, among other security-related
by Paul Ducklin Another day, another access-token-based database breach. This time, the victim (and in some ways, of course, also the culprit) is Microsoft’s GitHub business. GitHub claims that it spotted the breach quickly, the day after it happened, but by then the damage had been done: On December 6, 2022, repositories from our atom,
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T3 2022 ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022. In the monitored timespan,
Feb 01, 2023Ravie LakshmananPayment Security / Risk The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions. Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that