International Women’s Day serves as an important reminder that each and every one of us plays a role in recognizing and addressing gender bias. Together, we can make a difference in creating a more equitable world for all. At McAfee, we know that genuine change requires continuous commitment. And while we’re proud of the efforts
admin
What can social movements of the past teach you about the future – and about protecting your digital self? Being African American and working at a cybersecurity company doesn’t seem at first glance to provide fertile ground for pondering about the historical past. So, when asked in August 2021 if I could write something for
Looking to help people in Ukraine? Donate wisely – do your research first so you give without getting scammed Times of crisis may bring out the best in you, but they also have a way of bringing out the worst in scammers. They, too, follow the headlines and will go into overdrive in their attempts
As the conflict in Ukraine heightens the risk of cyberattacks globally, what can organizations do to improve their resiliency? Due to the current attack by Russian forces on Ukraine, do you expect there to be more cyberattacks? This is the most common question I am being asked post Russia unleashing its offensive in Ukraine. The
ESET researchers uncover a new wiper that attacks Ukrainian organizations and a worm component that spreads HermeticWiper in local networks As the recent hostilities started between Russia and Ukraine, ESET researchers discovered several malware families targeting Ukrainian organizations. On February 23rd, 2022, a destructive campaign using HermeticWiper targeted multiple Ukrainian organizations. This cyberattack preceded, by
Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country Long before the first Russian soldier set foot on Ukrainian soil, the country had been a target of sophisticated digital operations spying on its officials, and sabotaging its critical
Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive If you live in an area where emergencies aren’t rare (like I do; our area has one of the highest rates of fire evacuations
Organizations worldwide should remain on high alert for cyberattacks as the risk of major cyber-spillover from the crisis in Ukraine continues to loom large Contests between states in the so-called gray zone between war and peace have been increasing for some time in cyberspace. In Ukraine, cyberattacks have been recorded more frequently over the past
No sector or organization is immune to rapidly escalating cyberthreats, but when it comes to healthcare, the stakes couldn’t be higher Even prior to Russia’s invasion of Ukraine, there was considerable fear that military escalation would bleed (further) into cyberspace and be followed by a rash of impactful digital assaults with international implications. Organizations worldwide
A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine. Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed
Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP’s UEFI firmware. The variety of devices affected includes HP’s laptops, desktops, point-of-sale (PoS) systems, and
Microsoft’s Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as
Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to “an unauthenticated attacker gaining root on these devices.” Pascom Cloud Phone System is an
APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included “a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in
The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. Just as it wasn’t raining when
Three high-impact security vulnerabilities have been disclosed in APC Smart-UPS devices that could be abused by remote adversaries as a physical weapon to access and control them in an unauthorized manner. Collectively dubbed TLStorm, the flaws “allow for complete remote takeover of Smart-UPS devices and the ability to carry out extreme cyber-physical attacks,” Ben Seri
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial institutions, logistics companies,
The insidious Emotet botnet, which staged a return in November 2021 after a 10-month-long hiatus, is once again exhibiting signs of steady growth, amassing a swarm of over 100,000 infected hosts for perpetrating its malicious activities. “While Emotet has not yet attained the same scale it once had, the botnet is showing a strong resurgence
Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department (DoJ)
Renowned documentarist Louis Theroux described the growing societal dangers posed by social media use during the keynote interview at the Digital Transformation EXPO Europe 2021. The session came ahead of the release of Theroux’s new three-part documentary series, exploring how tech is increasingly coalescing with human psychology. In one prominent example of this, he noted that
by Paul Ducklin Back in June this year, we wrote about a ransomware-related bust in Ukraine, featuring a police video in which a high-security door was dismantled with a BFG (Big Fat Grinder), substantial piles of cash were counted out and packed into evidence bags, and numerous fancy cars were seized. Well, here’s another bust
A good time to check if someone is using your identity is before it even happens. One of identity theft’s several downsides is how people discover they’ve become a victim in the first place—by surprise. They go to rent an apartment, open a line of credit, or apply for financing, only to discover that their finances or reputation has taken a hit because of identity thief. And those
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012 ESET researchers analyze a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which we’ve named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing
The offshore assets of 35 current and former world leaders have been exposed in an unprecedented leak of financial records dubbed the Pandora Papers. The cache of 11.9 million confidential files was leaked to the International Consortium of Investigative Journalists (ICIJ) in Washington, DC. Containing 2.94 terabytes of data, the Papers represent the largest trove of
by Paul Ducklin As you probably know (or, at least, as you know now!), October is Cybersecurity Awareness Month, which means it’s a great opportunity to do three things: Stop. Think. Connect. Those three words were chosen many years ago by the US public service as a short and simple motto for cybersecurity awareness. 5
Each year, Americans observe National Hispanic Heritage Month from September 15th to October 15th, by celebrating the contributions and importance of Hispanics and Latinos to the United States. The 2021 Hispanic Heritage Month theme invites us to celebrate Hispanic Heritage and to reflect on how great our tomorrow can be if we hold onto our
A newly discovered data exfiltration mechanism employs Ethernet cables as a “transmitting antenna” to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. “It’s interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack,” Dr. Mordechai Guri, the head of R&D in
A Kittitian soccer player has made a charitable donation of the compensation he received after being racially abused on social media. Midfielder Romaine Sawyers, who is currently on loan at Stoke City Football Club from his parent club, West Bromwich Albion, was victimized by 50-year-old cyber-bully Simon Silwood of Kingswinford, West Midlands. Silwood was arrested
The United States Coast Guard has launched a new program that gives cyber professionals the chance to become Coast Guard Cyber Officers. With the launch of the Direct Commission Cyber Officer (DCCO) program, the maritime security branch of the United States military is hoping to attract top cyber talent to work in cyberspace operations, information assurance, cyber