Month: February 2024
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that’s capable of harvesting identity documents, facial recognition data, and intercepting SMS. “The GoldPickaxe family is available for both iOS and Android platforms,” Singapore-headquartered Group-IB said in an extensive report…
Read MoreNorth Korea successfully hacks email of South Korean President’s aide, gains access to sensitive information
- by nlqip
The office of South Korean president Yoon Suk Yeol has confirmed that it believes North Korea hacked into the emails of one of its staff members. The hack of an unidentified member of the presidential staff’s personal email account occurred in the run-up to a three-day visit to Europe in November, where Yoon met British…
Read MoreFeb 15, 2024NewsroomThreat Intelligence / Vulnerability Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as…
Read MoreThe burgeoning field of digital forensics plays a crucial role in investigating a wide range of cybercrimes and cybersecurity incidents. Indeed, in our technology-centric world, even investigations of ‘traditional’ crimes often include an element of digital evidence that is waiting to be retrieved and analyzed. This art of uncovering, analyzing and interpreting digital evidence has…
Read MoreSmashing Security podcast #359: Declaring war on ransomware gangs, mobile muddles, and AI religion
- by nlqip
Holy mackerel! AI is jumping on the religion bandwagon, ransomware gangs target hospitals, and what’s happened to your old mobile phone number? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by “Ransomware Sommelier” Allan Liska.…
Read MoreStriking a balance between sufficient visibility into cloud computing environments and the potential for an overdose of false positives and duplicate alerts is the key challenge facing cloud security professionals, according to the State of Security Remediation report from the Cloud Security Alliance (CSA). The report, released today, detailed a raft of important issues facing…
Read MoreSecurity researchers warn that an ongoing cloud account takeover campaign has impacted dozens of Microsoft Azure environments owned by organizations from around the world. The attackers have compromised hundreds of accounts since late November 2023 including managers and senior executives. “The varied selection of targeted roles indicates a practical strategy by threat actors, aiming to…
Read MoreThreat actors have stepped up their efforts over the last year to launch attacks aimed at disabling enterprise defenses, according to the annual Red Report released Tuesday by Picus Security. The findings demonstrate a drastic shift in adversaries’ ability to identify and neutralize advanced enterprise defenses, such as next-generation firewalls, antivirus software, and EDR solutions,…
Read MoreJoin me and Metomic CEO Richard Vibert for a discussion about some of the cybersecurity challenges faced by the financial services industry, and how you can best protect your organisations. In a webinar entitled “Fortifying financial services: mastering data security in the digital age”, we will be: describing the diverse threat landscape – I’ve got…
Read MoreAccording to an IBM study, the average cost of a ransomware attack (all ransomware is malware) is $4.54 million. Here, we will discuss what Malware is, its types, and security tips to protect yourself from Malware attacks. The term Malware was first used in 1990 by computer scientist Yisrael Radai. Malware is a common term…
Read MoreRecent Posts
- Bob Sullivan Discovers a Scam That Strikes Twice
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA