0 Comments
Jan 08, 2023Ravie LakshmananCyberespionage / Threat Analysis The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker UNC4210, said the hijacked servers
0 Comments
Meta’s instant messaging subsidiary WhatsApp has officially introduced proxy support, reportedly to tackle internet disruption tactics used by repressive governments. The company made the announcement in a blog post on Thursday, saying the new feature is designed to put the power into people’s hands to maintain access to WhatsApp if their connection is blocked or
0 Comments
by Paul Ducklin There’s been a bit of a kerfuffle in the technology media over the past few days about whether the venerable public-key cryptosystem known as RSA might soon be crackable. RSA, as you probably know, is short for Rivest-Shamir-Adleman, the three cryptographers who devised what turned into an astonishingly useful and long-lived encryption
0 Comments
Jan 06, 2023Ravie LakshmananCryptocurrency / GitHub A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to create GitHub accounts in a programmatic fashion as part of a freejacking campaign dubbed PURPLEURCHIN. The group “primarily targets cloud platforms offering limited-time trials of cloud resources in order to perform their
0 Comments
Threat actors have exploited Fortinet Virtual Private Network (VPN) devices to try and infect a Canadian-based college and a global investment firm with ransomware. The findings come from eSentire’s Threat Response Unit (TRU), which reportedly stopped the attacks and shared information about them with Infosecurity ahead of publication. eSentire said the threat actors tried to
0 Comments
It has a way of sneaking up on you. Credit theft and fraud.   Maybe it’s happened to you. Maybe it’s happened to a friend or family member. There’s a call from the bank, a notification in your financial app, or a charge on the statement that’s beyond explanation. Someone else has tapped into your funds.
0 Comments
Jan 05, 2023Ravie LakshmananCyber Attack / Malware A financially motivated threat actor tracked as Blind Eagle has resurfaced with a refined toolset and an elaborate infection chain as part of its attacks targeting organizations in Colombia and Ecuador. Check Point’s latest research offers new insights into the Spanish-speaking group’s tactics and techniques, including the use
0 Comments
It’s been a particularly busy and colourful week, scam-wise in our household. Between 4 family members, we’ve received almost 20 texts or emails that we’ve identified as scams. And the range was vast: from poorly written emails offering ‘must have’ shopping deals to terse text messages reprimanding us for overdue tolls plus the classic ‘Dear
0 Comments
Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home. Telehealth services were one of the tech success stories of the COVID-19 pandemic. Just as cloud-based services helped suddenly locked-down workers to stay productive, telemedicine consultations ensured
0 Comments
A previously unknown strain of Linux malware is targeting WordPress based websites, according to research by cybersecurity firm Dr.Web. Dubbed Linux.BackDoor.WordPressExploit.1, the Trojan targets 32-bit versions of Linux but can also run on 64-bit versions. Its main function is to hack websites based on a WordPress content management system (CMS) and inject a malicious JavaScript
0 Comments
With many children spending a little too much time playing video games, learn to spot the signs things may be spinning out of control Across Europe, half of the population aged 6-64 plays video games, according to industry body ISFE. The number rises significantly for 6-10-year-olds (68%), and those aged 11-14 (79%) and 15-24 (72%).
0 Comments
Jan 02, 2023Ravie LakshmananOnline Scam / Cybersecurity Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei (aka RedThief). “The RedZei fraudsters have chosen their targets carefully, researched them and realized it was a rich victim group that is ripe for
0 Comments
The FCC is going after an alleged prolific robocall company, with a proposed record-breaking fine in the hundreds of millions of dollars. The regulator said an operation run by Roy Cox, Jr. and Michael Aaron Jones made billions of illegal robocalls via their Sumco Panama company and numerous other entities located in the US, Panama
0 Comments
Dec 29, 2022Ravie LakshmananServer Security / Citrix Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8
0 Comments
The global political unrest from this year will seep into 2023 with serious ramifications for the security industry, according to Infosecurity Europe’s community of cybersecurity leaders. However, with stricter regulations and developments in Artificial Intelligence (AI) and Machine Learning (ML), CISOs may be in a stronger position to minimise threats next year.  The organisers of