Novel device registration trick enhances multi-stage phishing attacks
Microsoft has disclosed details of a large-scale phishing campaign using a novel device registration technique to target other enterprises. Microsoft...
News
QNAP force-installs update against the recent wave of DeadBolt ransomware infections
QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt...
US FCC bans China Unicom Americas telecom over national security risks
The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal...
NCSC warns UK entities of potential destructive cyberattacks from Russia
The UK’s National Cyber Security Centre (NCSC) urges organizations to improve cybersecurity due to the risk of imminent destructive cyberattacks...
This Week in Security News – January 28th, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened...
3 Remote Work Security Tips for CISOs
How can CISOs manage remote work security? Explore 3 tips to secure networks, endpoints, and users. If you like the...
What is Cloud Native?
You’ve most likely heard the term “cloud native,” but what does it really mean? This article explores the five requirements...
QNAP update stops Deadbolt ransomware, annoys some users, starts debate
Earlier this week (25 January, 2022) news broke that a ransomware group was targeting QNAP Network Attached Storage (NAS) devices....
Finnish diplomats’ devices infected with Pegasus spyware
Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware. Finland’s...
Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits
Zero-day exploit broker Zerodium announced it will pay $400,000 for zero-day RCE in Microsoft Outlook email client. The zero-day exploit...
Delta Electronics, a tech giants’ contractor, hit by Conti ransomware
Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti...
Experts devise a technique to bypass Microsoft Outlook Security feature
A researcher devised a technique to bypass a security feature of Microsoft Outlook and deliver a malicious link to the...
Big Mother is watching: What parents REALLY think about tracking their kids
Every year on Data Privacy Day, we’re greeted with countless arguments about the absolute merits of data privacy (protections good,...
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data...
Update now! Apple patches another actively used zero-day
Apple has released patches for iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 and is urging users to update. The...
Let’s Encrypt to revoke “mis-issued” certificates
If you use a Let’s Encrypt SSL/TLS certificate, you may wish to check your account over the coming days. Revocation...
Puerto Rico was hit by a major cyberattack
Puerto Rico’s Senate announced that is was it by a cyberattack that shut down its internet provider, phone system and...
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks
North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. North Korea-linked Lazarus APT started...
Popular apps left biometric data, IDs of millions of users in danger
Personal data belonging to millions of customers of large businesses have been exposed due to a flaw in Onfido IDV....
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign
This blog was authored by Ankur Saini and Hossein Jazi Lazarus Group is one of the most sophisticated North Korean...
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date
Microsoft announced to have mitigated a record 3.47 Tbps distributed denial of service (DDoS) attack targeting an Azure customer. Microsoft announced that...
Lockbit ransomware gang claims to have hacked Ministry of Justice of France
A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. The Ministry...
A new highly evasive technique used to deliver the AsyncRAT Malware
Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing...
Ransomware gangs are recruiting breached individuals to persuade companies to pay up
You’ve heard about ransomware, where attackers lock up your files and demand a payment for the decryption key. You may...
