CyberSecure Specialist

05 Jan

NATO tests AI’s ability to protect critical infrastructure against cyberattacks

Data Breaches, Malware, Social Engineering

Autonomous intelligence, artificial intelligence (AI) that can act without human intervention, can help identify critical infrastructure cyberattack patterns and network activity, and detect malware to enable enhanced decision-making about defensive responses. That’s according to the preliminary findings of an international experiment of AI’s ability to secure and defend systems, power grids and other critical assets by cyber experts at the North Atlantic Treaty Organization’s (NATO) Cyber Coalition 2022 event late last year. The simulated experiment…

Read More
05 Jan

The BISO: bringing security to business and business to security

Data Breaches, Malware, Social Engineering

Throughout her career in IT security, Irina Singh has thrived on difficult projects. With a bachelor of science degree in management of information systems and a minor in international business, she now manages a team of business information security liaisons serving four foundational business units at medical device company Medtronic. “One of my slogans is that we bring business to security and security to the business,” she says. Singh calls herself a business information security partner, but…

Read More
04 Jan

Gaming: How much is too much for our children?

Information

With many children spending a little too much time playing video games, learn to spot the signs things may be spinning out of control Across Europe, half of the population aged 6-64 plays video games, according to industry body ISFE. The number rises significantly for 6-10-year-olds (68%), and those aged 11-14 (79%) and 15-24 (72%). According to some research, teenagers may spend as many as three hours per day gaming. That’s not necessarily a problem,…

Read More
04 Jan

Serious Security: Vital cybersecurity lessons from the holiday season

Information, Malware

by Paul Ducklin Even though it’s already Day 4 of Year 2023, some of the important IT/sysadmin/X-Ops security stories of the holiday season are only popping up in mainstream news now. So we though we’d take a quick look back at some of the major issues we covered over the last couple of weeks, and (just so you can’t accuse us of sneaking out a New Year’s listicle!) reiterate the serious security lessons we can…

Read More
04 Jan

How to foster secure and efficient data practices

Attacks, Data Breaches

Companies rely on data transfers to communicate between departments and with clients. When transferring data between different people, however, there are several risks if these data transfers are insecure. If insecure file transfer methods such as unencrypted email or cloud services are used, companies can open themselves up to potential exploitation by malicious actors. These actors could look to utilize methods including poisoning uploads with malware or intercepting files to gain access to confidential data.…

Read More
04 Jan

Attackers use stolen banking data as phishing lure to deploy BitRAT

Data Breaches, Malware, Social Engineering

In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. The group, which might have been responsible for the data breach in the first place, is distributing an off-the-shelf Trojan program called ​​BitRAT that has been sold on the underground market since February 2021. Stolen data used…

Read More
04 Jan

Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says

Data Breaches, Malware, Social Engineering

The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek.  The increase in attacks can be attributed to rapid digitization and the shift to remote work during the pandemic, which broadened the attack surface of government entities and paved the way for an increase in cyberwarfare waged by nation-state actors,…

Read More
04 Jan

Synology Patches Severe Vulnerabilities in VPN Product

Attacks, Malware

Synology urges all VPN Plus Server for SRM (Synology Router Manager) users patch as soon as possible to the latest version. Users can apply updates by: 1. Logging into Synology Desktop environment2. Opening the Package Center app3. Click Update on the left panel to see available updates. Click the Update buttons or Update All to update packages. https://www.bleepingcomputer.com/news/security/synology-fixes-maximum-severity-vulnerability-in-vpn-routers/ https://nvd.nist.gov/vuln/detail/CVE-2022-43931 https://www.synology.com/en-us/security/advisory/Synology_SA_22_26 https://kb.synology.com/en-nz/SRM/help/SRM/PkgManApp/manage?version=1_2

Read More
04 Jan

Ongoing Flipper Zero Phishing Attacks Target Infosec Community

Attacks, Malware

As long as the interest and shortages continue, cybercriminals will continue to attempt to impersonate Flipper Zero through fake shops to trick security enthusiasts into giving up their personal information and crypto. Due to this, it is vital to be on the lookout for these promotions and shops claiming immediate product availability and only buy from the official store. https://www.bleepingcomputer.com/news/security/ongoing-flipper-zero-phishing-attacks-target-infosec-community/

Read More