0 Comments
Nearly half (48%) of US hospitals have disconnected their networks in the past six months due to ransomware, according to a new study from Philips and CyberMDX. The Perspectives in Healthcare Security Report is based on interviews with 130 IT and cybersecurity hospital executives and biomedical engineers and technicians. The findings revealed the outsized impact ransomware continues to have on
0 Comments
Texts purporting to be from parcel and delivery companies are the most prevalent form of ‘smishing’ scams, according to new data provided to UK Finance by cybersecurity firm Proofpoint. The data showed that over two-thirds (67.4%) of all UK texts reported as spam to the NCSC’s 7726 text messaging system, operated by Proofpoint, during the 30
0 Comments
The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, which we
0 Comments
American tech-driven beauty brand IL MAKIAGE has acquired Israeli deep-tech AI-based computational imaging startup Voyage81 for $40m.  IL MAKIAGE, which is based in New York City’s Soho area, was relaunched in 2018 by brother and sister duo Oran Holtzman and Shiran Holtzman-Erel. Two years later, the company became the fastest-growing online beauty brand in the United States. Voyage81
0 Comments
Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including relying on Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The phishing attacks take the form of invoice-themed lures mimicking financial-related business
0 Comments
by Paul Ducklin [02’31”] Home and small business routers under attack. [16’22”] A hacking tool favoured by crooks gets hacked. [23’56”] The Navajo Nation’s selfless cryptographic contribution to America. [29’43”] A cybercrook gets aggrieved at being ripped off by cybercrooks. [38’33”] Oh! No! The steaming CEO with the flashing phone. With Doug Aamoth and Paul
0 Comments
Co-written by Catherine Huang, Ph.D. and Abhishek Karnik  Artificial Intelligence (AI) continues to evolve and has made huge progress over the last decade. AI shapes our daily lives. Deep learning is a subset of techniques in AI that extract patterns from data using neural networks. Deep learning has been applied to image segmentation, protein structure, machine translation, speech recognition and robotics. It has outperformed human champions in the game of Go. In recent years, deep
0 Comments
Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim’s network to deploy file-encrypting payloads on targeted systems. “Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate that this vulnerability will continue
0 Comments
A Virginia businessman who conned his victims out of more than a million dollars has been sentenced to prison. Glen Allen resident Gordon G. Miller III was the owner and operator of software engineering company G3 Systems and of purported venture capital company, G3i Ventures, LLC. From 2017, the 56-year-old began running multiple fraud schemes
0 Comments
The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites ESET researchers have discovered and analyzed a previously undocumented server-side trojan that manipulates search engine results by hijacking the reputation of the websites it compromises. We named the trojan IISerpent to highlight its two
0 Comments
This month’s Patch Tuesday brings us a relatively small number of CVEs being patched, but an abnormally high percentage of noteworthy critical vulnerabilities. Vulnerability Analysis: CVE-2021-34535 One such vulnerability is identified as CVE-2021-34535, which is a remote code execution flaw in the Remote Desktop client software, observed in mstscax.dll, which is used by Microsoft’s built-in
0 Comments
As fraud involving highly believable synthetic media soars, what can you do to avoid getting scammed? Deepfake renditions of loved ones saying they’ve been kidnapped paint a grim picture of what future deepfakes – specially constructed videos from real data – purport to bring next to technology. After machine learning ingests the droves of images
0 Comments
The owner of a martial arts academy in Florida is in custody after allegedly installing hidden cameras in the restroom to spy on students.  Police in Broward County arrested 64-year-old martial arts instructor Robert Danilo Franco on Friday. An investigation was launched after a 17-year-old female student spotted the devices and tipped off police. Investigators said the
0 Comments
Every organization has data moving to the multi-cloud; digital transformation is occurring rapidly, is here to stay, and is impacting every major industry.  Organizations are working hard to adopt Zero Trust architectures as their critical information, trade secrets, and business applications are no longer stored in a single datacenter or location. As a result, there
0 Comments
How peering into the innards of a future satellite can make cybersecurity in space more palatable Here at DEF CON 29, the Aerospace Village is alive and well, and aside from the repeated wailing of the neighboring car hacking village setting the car alarm off every 30 seconds, the hardware sitting here, called a Flat
0 Comments
by Paul Ducklin [00’26”] Timezone curiosities – when modular arithmetic gets weird [04’38”] Microsoft researcher found Apple 0-day in March, didn’t report it [13’18”] Retro computing – the TRS-80 arrived in August 1977 [19’17”] BazarCaller – the crooks who talk you into infecting yourself [33’02”] Oh! No! A billionaire… but only for 5 minutes With
0 Comments
In the last week there has been change, but a lot remains the same, too. First, we are now McAfee Enterprise, a pure-play enterprise cybersecurity company under the new ownership of Symphony Technology Group (STG). It’s an exciting change and true focus for our company, allowing us to concentrate on enterprise and commercial business needs.