CyberSecure Specialist

Re-Victimization from Police-Auctioned Cell Phones

Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction. Researchers at the University…

CISA and Partners Release BianLian Ransomware Cybersecurity Advisory

CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory. To reduce the likelihood and impact of BianLian and other ransomware incidents, CISA encourages organizations to implement mitigations recommended in this advisory. Mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of…

New APT targets South and Southeast Asia with custom-written backdoor

Lancefly, an APT group, is using a custom-written backdoor in attacks targeting government, aviation, education, and telecom organizations in South and Southeast Asia in an activity that has been ongoing for the past five years, according to Symantec. The group has been seen carrying out the activity with the motive of intelligence gathering. Lancefly has been deploying the Merdoor backdoor in highly targeted attacks since 2018 to establish persistence, execute commands, and perform keylogging on…

World Backup Day: Avoiding a data disaster is a forever topic 

By failing to prepare you are preparing to fail. Make sure you’re able to bounce back if, or when, a data disaster strikes. “Backup refers to copying physical and virtual files, or databases, to a secondary location for preservation in case of equipment failure or catastrophe. Backing up data is pivotal to any successful disaster recovery plan.” Honestly, this definition should be justification enough for you to consider backing up your files. However, since it…

Avoiding data backup failures – Week in security with Tony Anscombe

When did you last attempt to restore your data? Today is World Backup Day, but maybe we also need a “did you test your backups” day? Why is that? Because many people and organizations that do create backups don’t make sure that their data can be efficiently restored should a data loss incident strike. For example, it’s not…

Spring into action and tidy up your digital life like a pro

Spring is in the air and as the leaves start growing again, why not breathe some new life into the devices you depend on so badly? It’s spring time in the northern hemisphere, and chances are good that you have a whole new spring in your step (excuse the pun!) thanks to the weather becoming warmer and the days getting longer and lighter. But this time of year invites us not just to venture outdoors;…

Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France

By Paul Ducklin. Here’s how the French data protection regulator describes controversial facial recognition service Clearview AI, in its own words, in clear and plain English: CLEARVIEW AI collects photographs from a wide range of websites, including social networks, and sells access to its database of images of people through a search engine in which an individual can be searched using a photograph. The company offers this service to law enforcement authorities. Facial recognition technology…

New ransomware gang RA Group quickly expanding operations

Researchers warn of a new ransomware threat dubbed RA Group that also engages in data theft and extortion and has been hitting organizations since late April. The group’s ransomware program is built from the leaked source code of a different threat called Babuk. “Like other ransomware actors, RA Group also operates a data leak site in which they threaten to publish the data exfiltrated from victims who fail to contact them within a specified time…

Law enforcement crackdowns and new techniques are forcing cybercriminals to pivot

It can seem like cybercriminals are running rampant across the world’s digital infrastructure, launching ransomware attacks, scams, and outright thefts with impunity. Over the last year, however, US and global authorities seized $112 million from cryptocurrency investment scams, disrupted the Hive ransomware group, broke up online illegal drug marketplaces, and sanctioned crypto money launderers, among other operations to crack down on internet-enabled crimes. These developments highlight how quickly investigative tools have evolved to track and…

New security tool lets you bypass SSL errors

Endpoint-based web and cloud security provider Dope Security has launched a new instant secure socket layer (SSL) error resolution feature on its secure web gateway (SWG) offering, Dope.swg. The new feature is added to simplify SSL inspection conducted by Dope’s SWG and helps admins bypass SSL errors generated as a result of the inspection. “Dope’s main differentiation is its ‘fly-direct’ architecture — rather than re-route all of your Internet traffic to a data center for…
