News
Why do hackers keep coming back to attack you? Because they can
Webinar: Hackers have a tendency to return to the scene of their crimes over and over again. But it’s not because they’re unimaginative creatures of habit. It’s because infosec teams make it so easy for them, they’d be foolish not to.…
Facebook opens political ad data vaults to researchers
Meta's ad transparency tools will soon reveal another treasure trove of data: advertiser targeting choices for political, election-related, and social issue spots.…
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017
HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.…
Screencastify fixes bug that would have let rogue websites spy on webcams
Screencastify, a popular Chrome extension for capturing and sharing videos from websites, was recently found to be vulnerable to a cross-site scripting (XSS) flaw that allowed arbitrary websites to dupe people into unknowingly activating their webcams.…
How to find NPM dependencies vulnerable to account hijacking
Following the recent disclosure of a technique for hijacking certain NPM packages, security engineer Danish Tariq has proposed a defensive strategy for those looking to assess whether their web apps include dependencies tied to subvertable email domains.…
Microsoft sounds the alarm on — wait for it — a Linux botnet
Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers.…
South Korean and US presidents gang up on North Korea's cyber-offensives
US president Biden and South Korea's new president Yoon Suk Yeol have pledged further co-operation in many technologies, including joint efforts to combat North Korea.…
Conti: Russian-backed rulers of Costa Rican hacktocracy?
In brief: The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom.…
China-linked Twisted Panda caught spying on Russian defense R&D
Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.…
Microsoft patches the patch that broke Windows authentication
Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update.…
Microsoft Bing censors politically sensitive Chinese terms
Updated: Microsoft search engine Bing censors terms deemed sensitive in China from its autosuggestion feature internationally, according to research from Citizen Lab.…
Protecting data now as the quantum era approaches
Analysis: Startup QuSecure will this week introduce a service aimed at addressing how to safeguard cybersecurity once quantum computing renders current public key encryption technologies vulnerable.…
Canada bans Huawei and ZTE from 5G networks, citing national security risks
The Canadian government has joined many of its allies and banned the use of Huawei and ZTE tech in its 5G networks, as part of a new telecommunications security framework.…
India slightly softens infosec incident reporting and data retention rules
India has slightly softened its controversial new reporting requirements for information security incidents and made it plain they apply to multinational companies.…
US won’t prosecute ‘good faith’ security researchers under CFAA
The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.…
US recovers a record $15m from the 3ve ad-fraud crew
The US government has recovered over $15 million in proceeds from the 3ve digital advertising fraud operation that cost businesses more than $29 million for ads that were never viewed.…
Iran, China-linked gangs join Putin's disinformation war online
Pro-Beijing and Iran miscreants are using the war in Ukraine to spread disinformation that supports these countries' political interests — namely, advancing anti-Western narratives – according to threat-intel experts at Mandiant.…
Hot glare of the spotlight doesn’t slow BlackByte ransomware gang
The US government's alert three months ago warning businesses and government agencies about the threat of BlackByte has apparently done little to slow down the ransomware group's activities.…
The cyber threat isn’t going anywhere, but the fight back starts in London
Sponsored Post: It might feel like you’re facing down the cyber bad guys all on your own sometimes but be assured that’s not the case. In fact, if you head to CyberThreat 22 this Autumn you can draw on the expertise of some of the world’s most experienced practitioners.…
Your snoozing iOS 15 iPhone may actually be sleeping with one antenna open
Some research into the potentially exploitable low-power state of iPhones has sparked headlines this week.…
