The U.K. Labour Party discloses a data breach
The U.K. Labour Party discloses a data breach after a ransomware attack hit a service provider that is managing its...
News
Cyber Defense Magazine – November 2021 has arrived. Enjoy it!
Cyber Defense Magazine September 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with 155 pages of excellent...
NSO Group, Positive Technologies and other firms sanctioned by the US government
The U.S. sanctioned four companies for the development of surveillance malware or the sale of hacking tools used by nation-state...
Credit card skimmer evades Virtual Machines
This blog post was authored by Jérôme Segura There are many techniques threat actors use to slow down analysis or,...
Update now! Mozilla fixes security vulnerabilities in Firefox 94
In a security advisory, Mozilla’s announced that several security issues in its Firefox browser have been fixed. Several of these...
Trojan Source: Hiding malicious code in plain sight
Researchers at the University of Cambridge, UK, have released details of a cunning and insidious new class of software vulnerability...
BlackMatter ransomware group announces shutdown. But for how long?
The BlackMatter ransomware gang has announced they are going to shut down their operation, citing pressure from local authorities. And...
Cybercrime underground flooded with offers for initial access to shipping and logistics orgs
Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global...
BlackMatter ransomware gang is shutting down due to pressure from law enforcement
The BlackMatter ransomware gang announced it is going to shut down its operation due to pressure from law enforcement. The...
Google fixes actively exploited Zero-Day Kernel flaw in Android
Google’s Android November 2021 security updates address a zero-day vulnerability in the Kernel that is actively exploited in the wild....
This Steam phish baits you with free Discord Nitro
Weeks ago, we talked about the one effective lure that could get a Discord user to consider clicking on a...
Facebook is going to shut down Face Recognition system and data it collected
Facebook announced to shut down its Face Recognition system and is going to delete over 1 billion people’s facial recognition...
Ransomware gangs target companies involved in time-sensitive financial events, FBI warns
The FBI warns of ransomware attacks on businesses involved in “time-sensitive financial events” such as corporate mergers and acquisitions. The Federal...
Zuckerberg’s Metaverse, and the possible privacy and security concerns
The news is currently jam-packed with tales of Facebook’s Meta project. Of particular interest to me is Facebook’s long-stated desire...
Google patches zero-day vulnerability, and others, in Android
Google has issued security patches for the Android Operating System. In total, the patches address 39 vulnerabilities. There are indications...
Google triples bounty for new Linux Kernel exploitation techniques
Google is going to increase the bounty for finding and exploiting privilege escalation vulnerabilities in the Linux kernel. Good news...
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the...
What is Twitch?
Twitch is primarily a site dedicated to live streaming content. It also offers the ability to chat with others in...
Trojan Source attack method allows hiding flaws in source code
Researchers devised a new attack method called ‘Trojan Source’ that allows hide vulnerabilities into the source code of a software...
Is Apple’s Safari browser the last, best hope for web privacy?
What browser do you use? There’s a good chance—roughly one in seven—that it’s Google Chrome. And even if you prefer...
The Toronto Transit Commission (TTC) hit by a ransomware attack
A ransomware attack hit the systems at the Toronto Transit Commission public transportation agency and disrupted its operations. The Toronto...
Spam and phishing in Q3 2021
Quarterly highlights Scamming championship: sports-related fraud This summer and early fall saw some major international sporting events. The delayed Euro 2020...
US-CERT Bulletin (SB21-305):Vulnerability Summary for the Week of October 25, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
HelloKitty ransomware gang also targets victims with DDoS attacks
The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands)....
