admin

0 Comments
Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its “complex multi-step attack flow” and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their
0 Comments
An ex-Canadian government employee pleaded guilty in Florida court earlier this week to charges of involvement with the NetWalker ransomware group. Sebastien Vachon-Desjardins, 34, was accused of conspiracy to commit computer fraud and wire fraud, as well as intentional damage to a protected computer and transmitting a demand concerning damaging a protected computer. Vachon-Desjardins was extradited in March, following
0 Comments
Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you
0 Comments
A group of security researchers from Abuse.ch and ThreatFox launched a new hub for scanning and hunting files. Dubbed YARAify, the defensive tool is designed to scan suspicious files against a large repository of YARA rules. “YARA is an open source tool for pattern matching,” Abuse.ch founder Roman Hüssy said in an interview with The Daily Swig. “It allows anyone […]
0 Comments
War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture European business leadership, especially CISOs, CTOs, and chief data officers (CDOs), are adjusting to the fact that the war in Ukraine is a war in Europe and has global implications. Sanctions, military aid, and even incoming refugees are
0 Comments
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside
0 Comments
An analysis from cybersecurity firm Cyble has found over 900,000 Kubernetes (K8s) exposed across the internet and thus vulnerable to malicious scans and/or data-exposing cyberattacks. The researchers clarified that while not all exposed instances are vulnerable to attacks or the loss of sensitive data, these misconfiguration practices might make companies lucrative targets for threat actors (TA) in
0 Comments
by Paul Ducklin Sadly, over the years, we’ve needed to write numerous Naked Security warnings about romance scammers and sextortionists. Although those are general-sounding terms, they’ve come to refer to two specific sorts of online crime: Romance scamming. This typically refers to a long-game confidence trick in which cybercriminals court your online friendship under a
0 Comments
An unidentified hacker group has stolen more than $100m from Californian cryptocurrency firm Harmony. The company made the announcement last Thursday in a Twitter thread, saying they had identified a theft occurring on the Horizon bridge amounting to approximately $100m. “We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the
0 Comments
by Paul Ducklin Another day, another De-Fi (decentralised finance) attack. This time, online smart contract company Harmony, which pitches itself as an “open and fast blockchain”, has been robbed of more than $80,000,000’s worth of Ether cryptocoins. Surprisingly (or unsurprisingly, depending on your point of view), if visit Harmony’s website, you’ll probably end up totally
0 Comments
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. “Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals,
0 Comments
We live online these days, sharing everything from vacation pictures to what we eat for breakfast on the internet. The internet is also useful for daily activities, like buying groceries or paying bills. While it’s convenient to connect with people and complete tasks online, cybercriminals are eager to use the internet to steal financial or
0 Comments
The internet makes it easy to get a lot done, but not all of it needs to be public. That’s where incognito mode comes in, letting you hide your search history from others who are using your internet-connected device. For example, imagine searching online for “ideas for a surprise birthday party.” You wouldn’t want the
0 Comments
The second day of InfoSecurity Europe 2022 saw Geoff White, investigative journalist and author of Penguin Books’ The Lazarus Heist, discuss how government-sponsored cyber-attackers increasingly interact with organized crime gangs, operating seamlessly on a global scale. White also touched upon the emerging world of cryptocurrency theft. In illuminating the increasing connection between cybersecurity and geopolitical
0 Comments
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data. The NIST Cybersecurity &
0 Comments
If you’re one of the countless Apple iPhone owners out there, there’s a good chance that one of the reasons you love your smartphone is because you’ve heard that Apple devices tend to have fewer vulnerabilities to viruses.   Because of their shared operating system, iOS devices enjoy Apple’s security measures, which keeps them protected from
0 Comments
The closing keynote discussion of the InfoSecurity Europe 2022 conference was titled ‘Next Generation, Next Challenges, New Opportunities’ and was moderated by Eleanor Dallaway, editorial director of Infosecurity Magazine. Dallaway was joined onstage by specialists Marc Avery, CISO & director, Cyber Chain Alliance, Jonathan Kidd, global CISO, Computershare and Chris Green, head of PR and