News
-
Google identifies Threat Actors using new tricks with Code SigningGoogle’s Threat Analysis Group found that threat actors have recently used a new trick of code signing to avoid detection on Windows systems and have notified Microsoft of their findings. OpenSUpdater operations had used legitimate code-signing…
-
Microsoft offers passwordless sign-onsIn an effort to strengthen security for Microsoft users, the company is now rolling out a way to access Microsoft accounts such as Microsoft 365, Teams, Outlook, OneDrive, and Family Safety without passwords. The feature is available after linking users…
-
Easy-to-use GENESIS marketplace for cyber criminals on the riseCyber criminals are flocking to the GENESIS marketplace, a one-stop shop for login credentials, cookies, device fingerprints, website vulnerabilities and other sensitive data on Hackers’ wish list. The invite-only market has become an important tool for…
-
Online scam targets gift cards and loyalty cardsOnline scam targets gift cards and loyalty cards Over 100,000 inboxes are the target of an under the radar approach to extracting small amounts of funds from giftcards, credits, and other valuables that show up in people’s inboxes. This cybercrime…
-
Major companies meet with President Biden and promise billions in spending on cybersecurityAt a productive White House meeting on August 25th, Microsoft, Google, Amazon, Apple, IBM and others committed to significant efforts in the cybersecurity area. Google plans to invest more than 10 billion to strengthen cybersecurity and train 100,000…
-
Tuya's IOT products may be a high security riskCyber experts warn that Chinese tech giant Tuya’s IOT products may be a high security risk. Tuya makes products that have been incorporated into many of today's, smart devices including smart TVs, smart home security camera, home thermostats and…
-
White Hacker rewarded with $500K bug bounty for returning millions in hacked cryptocurrencyWhite Hacker returns millions in cryptocurrency hacked from Poly Network last week. The company has decided to offer the hacker a $500K bug bounty. The white hat hacker had stated that he/she had initiated the hack for fun—and was motivated to…
-
Three random words beat out jumble of letters and numbers for secure passwordsThe UK National Security Centre recommends using three random words as passwords because they are easy to remember and are often stronger that the combinations of letters and numbers that people are led to create. Their research found that hacking…
-
Fraudulent phone call centers trick users into downloading ransomwareMicrosoft alerts that the BazaCall attack starts with malicious emails that tricks the users into calling the fake call center. Claiming that a demo service is ending and the user will be charged for a premium service.
-
Cyber Security booklet for Middle and High School studentsThe National Cryptologic Foundation Cyber Center for Education and Innovation has just released a great booklet, Outsmart Cyberthreats, on cyber security for Middle and High School students. The scenarios show students how to protect themselves and…
-
Facebooks takes down over 200 Iranian Hacker Accounts used to target US Military PersonnelFacebooks takes down over 200 Iranian Hacker Accounts used to target US Military Personnel This week Facebook disabled a sophisticated online cyber espionage campaign by Iranian threat actor AKA Tortoiseshell which was targeting about 200 military…
-
Kaseya victim of sophisticated ransomware attackKaseya which provides solutions to managed service providers (MSP) was the victim of a ransomware attack on July 2. There were up to 1500 small to medium-sized companies that may have had their systems compromised through their MSP.Kayseya provides…
-
PrintNightmare impacts all Windows versionsThe PrintNightmare vulnerability is part of the Windows Print Spooler and allows remote code execution. This enables hackers to gain system privileges on a device to install programs, view, change, and delete data and create accounts with full user…
-
Firmware Security Issues put 30 Million Dell Devices at Risk30 million Dell devices are at risk from firmware security issues. Researchers from Eclypsium report that 128 recent models including desktops, laptops, and tablets are exposed. The problems show up in a Dell feature called BIOSConnect which allows…
-
Chris Inglis confirmed as first national cyber directorFormer NSA’er Chris Inglis was confirmed by the Senate as the first national cyber director. His job is to make sure that all federal agencies are operating consistent with the national cyber policy. The director will be the Biden administration’s main…
-
FBI recovers part of Colonial Piple line ransomFBI recovers a chunk of the BITCOIN Ransom paid for the Colonial Pipeline ransom attack. The victim contacted the FBI and then agreed to pay the ransom. The FBI was able to track the origin back to a hacking group called Darkside. They followed the…