CyberSecure Specialist

Zenbleed: How the quest for CPU performance could put your passwords at risk

by Paul Ducklin

Remember Heartbleed? That was the bug, back in 2014, that introduced the suffix -bleed for vulnerabilities that leak data in a haphazard way that neither the attacker nor the victim can reliably control. In other words, a crook can’t use a bleed-style bug for a precision attack, such as “Find the shadow password file in the /etc directory and upload it to me,” or “Search backwards in memory until the first run…


Russia Sends Cybersecurity CEO to Jail for 14 Years

The Russian government today handed down a treason conviction and 14-year prison sentence on Ilya Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.…


Ex-NSA Official Harry Coker Tapped for National Cyber Director Job

Former Navy commander and senior official in the NSA and CIA Harry Coker has been formally tapped to replace the retired Chris Inglis as the U.S. government’s National Cyber Director. Coker’s nomination, announced by the Biden administration on Wednesday, puts him in line to lead the implementation of the government’s newly formed national cybersecurity strategy and manage the tricky relationship between the federal government and big-tech vendors struggling to cope with nonstop malicious hacker attacks.…


CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022 (FY22). The analysis details a sample attack path including tactics and steps a cyber threat actor could follow to compromise an organization with weaknesses representative of those CISA observed in FY22 RVAs. The infographic highlights the most successful techniques for each tactic that RVAs documented. Both the…


Who and What is Behind the Malware Proxy Service SocksEscort?

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into a botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. In a report released July 12, researchers at Lumen’s Black Lotus…


Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

by Paul Ducklin

Two weeks ago, we urged Apple users with recent hardware to grab the company’s second-ever Rapid Response patch. As we pointed out at the time, this was an emergency bug fix to block off a web-browsing security hole that had apparently been used in real-world spyware attacks:

Component: WebKit
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively…
