CyberSecure Specialist

12 May

Key findings from ESET’s new APT Activity Report – Week in security with Tony Anscombe

Information

What have some of the world’s most infamous advanced threat actors been up to and what might be the implications of their activities for your business? This week, ESET researchers released a new issue of the APT Activity Report that looks at the activities of selected advanced persistent threat (APT) groups from October 2022 to March 2023. Among other things, the report shows that some of the most notorious China-aligned threat actors had their sights…

Read More
12 May

Whodunnit? Cybercrook gets 6 years for ransoming his own employer

Information

by Naked Security writer This wasn’t your typical cyberextortion situation. More precisely, it followed what you might think of as a well-worn path, so in that sense it came across as “typical” (if you will pardon the use of the word typical in the context of a serious cybercrime), but it didn’t happen in the way you would probably have assumed at first. Starting in December 2020, the crime unfolded as follows: Attacker broke in…

Read More
12 May

Toyota: Data on More Than 2 Million Vehicles in Japan Were at Risk in Decade-Long Breach

Data Breaches, Information, News

A decade-long data breach in Toyota’s much-touted online service put some information on more than 2 million vehicles at risk, the Japanese automaker said Friday. Spanning from January 2012 to April 2023, the problem with Toyota’s cloud-based Connected service pertains only to vehicles in Japan, said spokesperson Hideaki Homma. The Connected service reminds owners to get maintenance checks and links to streaming entertainment and provides help during emergencies. It can call for help after a…

Read More
12 May

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

Information, News

A vulnerability discovered in the official website of luxury sports car maker Ferrari could have exposed potentially sensitive information, according to a cybersecurity firm. The issue was discovered in March by researchers at Char49, a company that provides penetration testing, auditing and training services. Ferrari addressed the weakness within a week. The researchers noticed that the ‘media.ferrari.com’ domain is powered by WordPress and it was running a very old version of W3 Total Cache, a…

Read More
11 May

Discarded, not destroyed: Old routers reveal corporate secrets

Information

When decommissioning their old hardware, many companies ‘throw the baby out with the bathwater’ Taking a defunct router out of an equipment rack and sliding in a shiny new replacement is probably an everyday occurrence in many business networking environments. However, the fate of the router being discarded should be as important, if not more so, as the smooth transition and implementation of the new kit in the rack. Unfortunately, this appears often not to…

Read More
11 May

PC running slow? 10 ways you can speed it up

Information

Before you rush to buy new hardware, try these simple tricks to get your machine up to speed again – and keep it that way. A slow-running computer can be a major headache, affecting your productivity and causing unnecessary stress. But before frustration kicks in and makes you run to buy a new machine, there are several simple and effective steps you can take to speed up your current PC. From freeing up space on…

Read More
11 May

Turning on stealth mode: 5 simple strategies for staying under the radar online

Information

Have your cake and eat it too – enjoy some of what the online world has to offer without always giving out your contact details We’ve all lost count of how many times we’ve entered our email address and phone number to sign up for an online service, access a website or an app, read the news or log into any of the social media accounts most of us have. Put bluntly, our contact information…

Read More
11 May

S3 Ep134: It’s a PRIVATE key – the hint is in the name!

Information

by Paul Ducklin “PRIVATE KEY”: THE HINT IS IN THE NAME No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG.  Bluetooth trackers, bothersome bootkits, and how not…

Read More
11 May

Israeli threat group uses fake company acquisitions in CEO fraud schemes

Data Breaches, Malware, Social Engineering

A group of cybercriminals based in Israel has launched more than 350 business email compromise (BEC) campaigns over the past two years, targeting large multinational companies from around the world. The group stands out with some of the techniques it uses, including email display name spoofing and multiple fake personas in the email chains, and through the abnormally large sums of money the attempt to extract from organizations. “Like most other threat actors that focus…

Read More
11 May

This New Era of Security Requires Secure Networking, Vendor Consolidation, and Focus on OT

Information, News

Organizations are reinventing how they build and maintain their network infrastructures, primarily driven by developments like digital transformation, Work from Anywhere (WFA), and the adoption of cloud computing and Operational Technology (OT) devices. While these changes provide businesses of all sizes and industries with the flexibility and adaptability today’s digital marketplace requires, IT and security professionals are now responsible for protecting their enterprise’s people, data, and devices across a highly distributed—and constantly expanding—environment. At the…

Read More