Gartner predicts privacy law changes, consolidation of cybersecurity services and ransomware laws for next 4 years
For 2023, Gartner expects 75% of the world to be covered under some kind of privacy law with built in subject rights requests and consent. The key, they said, will
Google Crushes YouTube Cookie-Stealing Channel Hijackers
google has caught and brushed off a bunch of cookie-stealing youtube channel hijackers who were running cryptocurrency scams on the ripped-off channels. In a Wednesday post, Ashley Shen, with Google’s
Space ISAC and NY InfraGard to Collaborate on Cybersecurity in Space
Space ISAC and NY InfraGard to Collaborate on cybersecurity in Space The Space Information Sharing and Analysis Center (Space ISAC) and the New York Metro InfraGard Members Alliance (NYM-IMA) have
Data Breach Could Cost Missouri $50M
Data Breach Could Cost Missouri $50M A data breach that may have exposed the Social Security numbers of tens of thousands of teachers, administrators, and counselors across Missouri could end
VPN Exposes Data for 1M Users, Leading to Researcher Questioning
Experts warn that virtual private networks are increasingly vulnerable to leaks and attack. Free virtual private network (VPN) service Quickfox, which provides access to Chinese websites from outside the country,
Notorious Russian ransomware gang Evil Corp. reportedly hit Sinclair Broadcast Group
Written by AJ Vicens Oct 20, 2021 | CYBERSCOOP Evil Corp., one of the most notorious and prolific Russian cybercrime groups in recent years with a leader who has been
Hacker steals govt database with info of entire Argentine population
Reportedly, the database also contains personal information of Argentinian President Alberto Fernández, football superstars Sergio Aguero and Lionel Messi. After the infamous La Gorra Leaks in 2017 and the exposure
These hackers dodge Windows and target Linux as they look to steal phone data
A stealthy hacking group is infiltrating telecommunications companies around the world in a campaign which researchers have linked to intelligence gathering and cyber espionage. The campaign, which has been active
Vulnerability Patched in Sassy Social Share Plugin
WordFence – Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. In 2010, Steffan Esser gave a
Scammers targeted YouTube creators to takeover accounts, promote crypto investment fraud
Written by Tonya Riley Oct 20, 2021 | CYBERSCOOP Scammers have been targeting YouTube creators with fake content collaboration offers in order to steal their accounts, according to a Google
Best VPN for torrenting 2021
BitTorrent is a complex topic. As a technology, it’s perfectly legal. But what you do with it could be illegal. Before we dive into the legalities of torrenting, let’s do
Acer Hit Twice in One Week by the Same Hacker
Threat actors identified as ‘Desorden’ claimed they had hacked Acer India’s computers and stolen data, including client information. What Happened? Acer reacted in a press release saying this was an
Geriatric Microsoft Bug Exploited by APT Using Commodity RATs
Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. An APT described
Good News! A Free Decryptor for BlackByte Ransomware Has Just Been Released
We know you are tired of reading about ransomware attacks, ransoms, and impacted organizations every single day, that’s why we are so glad to tell you the good news of
Candy corn producer says ransomware incident 'not likely' to sour Halloween supplies
Written by Jeff Stone Oct 20, 2021 | CYBERSCOOP A major U.S. candy-maker says it’s returning to service after a ransomware incident in which intruders interrupted operations at some facilities
Foiling Cybercrime Around the World – An Interview with a Cybercrime Investigator
The threat of ransomware has grown dramatically in recent years. The recent emergence of ransomware as a service (RaaS) has made it possible for those with little technical know-how to
New Linux kernel memory corruption bug causes full system compromise
Researchers dubbed it a “straightforward Linux kernel locking bug” that they exploited against Debian Buster’s 4.19.0.13-amd64 kernel. In 2017, MacAfee researchers disclosed a memory corruption bug inside the Linux kernel’s UDP
81% of UK Healthcare Organizations Hit by Ransomware in Last Year
81% of UK Healthcare Organizations Hit by Ransomware in Last Year More than four-fifths (81%) of UK healthcare organizations suffered a ransomware attack in the last year, according to a
Black market traders cash in on fake COVID-19 vaccination records
Researchers have uncovered a lively trade online in the sale of fake vaccination records and passports. COVID-19 prompted panic buying and price hikes for basic necessities worldwide when the pandemic
A Well-Known Bug Bounty Platform Wants Zero-day Exploits for Windows VPN Clients
Zerodium is a premium bug bounty platform created by cybersecurity specialists with zero-day exploit and vulnerability research experience. The goal of Zerodium is to gather together independent security researchers to
Over 25% of Malicious JavaScript Is Being Obfuscated, Research Shows
According to a new study of over 10,000 malicious JavaScript samples, over 25% of the samples analyzed use JavaScript obfuscation methods to prevent detection and analysis. What Is Obfuscation? Obfuscation
Hackers are disguising their malicious JavaScript code with a hard-to-beat trick
Over 25% of malicious JavaScript code is obfuscated by so-called ‘packers’, a software packaging method that has given attackers a way of evading signature-based detection, according to security and content
Twitter Pulls Account After Argentinian Mega Breach Claims
Twitter Pulls Account After Argentinian Mega Breach Claims Twitter has suspended the account of an individual who claims to have obtained an ID card database covering the entire population of
Specialty Steel Works turns cyber skills into life skills
Specialty Steel Works Incorporated is no stranger to setting high standards as the leader in innovative steel solutions. That’s why they went straight to the top when implementing their new
False Government Websites Steal Private Financial Data, FBI warns
A warning comes from the FBI announcing that cybercriminals use new methods to collect financial data and personal information, making use of false websites posing as government platforms. Their goal
Microsoft, Intel and Goldman Sachs Team Up For New Supply Chain Security Initiative
Microsoft, Intel and Goldman Sachs Team Up For New Supply Chain Security Initiative Microsoft has teamed up with Intel and Goldman Sachs to push for hardware security improvements that could help
Security, remote work support top concerns amongst firms
Increasing adoption of hybrid work practices has pushed the need to enable and secure remote workers as a top challenge for IT managers. Security threats also have evolved amidst this
Supply chain attacks are the hacker's new favourite weapon. And the threat is getting bigger
Compromising a business supply chain is a key goal for cyber attackers, because by gaining access to a company that provides software or services to many other companies, it’s possible
LightBasin Operation Compromises 13 Global Telcos in Two Years
LightBasin Operation Compromises 13 Global Telcos in Two Years Researchers have uncovered a “highly sophisticated” two-year espionage campaign against global telcos that has already compromised 13 organizations. Dubbed “LightBasin” by
Case Study: How Can Heimdal™’s Next-Gen Antivirus Help You Stay Safe?
Business IT Plus has recently published a very interesting case study in which they explore the importance of having a good antivirus solution installed. Business IT Plus has been working
Cyber incident impact sits at over $500,000 for half of small to medium APAC businesses
Image: Cisco 51% of Asia Pacific small to medium-sized businesses that were hit with a cyber incident in the past year saw the cost of that incident exceed $500,000, according
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and
Customer services firm Atento hit by cyberattack
Business process outsourcing (BPO) and customer relationship management multinational Atento has been hit by a cyberattack, with the greatest impact seen in Brazil, its largest operation in Latin America. The
Fresh APT Harvester Reaps Telco, Government Data
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers
Apple iCloud Hacker Steals Nudes
Apple iCloud Hacker Steals Nudes A 40-year-old man from California has admitted his role in a conspiracy to break into the private digital photo libraries of Apple customers to locate
Twitter suspends hacker who allegedly stole data of 45 million Argentinians
Twitter has suspended a hacker who allegedly stole all of the data from Argentina’s database holding the IDs and information of all 45 million citizens of the country. A threat
Prison for UPMC Data Thief
Prison for UPMC Data Thief A hacker from Michigan who stole and sold the sensitive data of tens of thousands of University of Pittsburgh Medical Center (UPMC) employees has been
REvil ransomware gang goes dark after its Tor sites are hacked
In July 2021 the REvil ransomware group vanished due to mounting US pressure after the Kaseya attack. However, the group was back in September 2021 by carrying out extortion-based DDoS
Data Breach Hits US Dental Patients
Data Breach Hits US Dental Patients A cyber-attack on the vendor of a network of dental practices may have exposed the data of tens of thousands of patients. A cyber-criminal
Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on
CISA says BlackMatter ransomware group behind recent attacks on agriculture companies
CISA, the FBI and NSA officially implicated the BlackMatter ransomware group in the recent attacks on two agriculture companies, confirming the assessments of some security researchers who said the gang
Duckduckgo vs Google: A Security Comparison and How to Maximize Your Privacy
Are you preoccupied with privacy? You’ve come to the right place. In today’s guide, I’ll go through everything you should know about Duckduckgo vs Google, how each of them works
A Guide to Doing Cyberintelligence on a Restricted Budget
Cybersecurity budget cuts are everywhere. Chad Anderson, senior security researcher at DomainTools, discusses alternatives to fancy tooling, and good human skills alignment. For those in the industry, it comes as
Chinese VPN app Quickfox caught exposing 1 million users’ data
The Quickfox VPN is mainly used by Chinese citizens living abroad who need to access Chinese websites as most of these sites are geo-restricted. Wizcase’s team of ethical researchers, led
How to Stay Safe from BlackMatter Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) all provide data that can assist companies in defending against and
83% of ransomware victims paid ransom: survey
A new survey of 300 US-based IT decision makers found that 64% have been victims of a ransomware attack in the last 12 months and 83% of attack victims paid
83% of Ransomware Victims Pay the Demand
83% of Ransomware Victims Pay the Demand More than four in five (83%) ransomware victims in the last 12 months felt they had no option but to pay the extortion
What Is Privileged Account and Session Management (PASM)?
Privileged Account and Session Management (PASM) is a new PAM (Privileged Access Management) that focuses on privileged account monitoring and management for compliance, security, and data integrity purposes. Whereas PAM