10 Free and Best OSINT Tools 2021
OSINT or Open source intelligence refers to information about businesses or people that can be collected from online sources. However, it requires tools to do so, and here are the
Ransomware strikes Toronto transit system, disrupting some services
Written by Tim Starks Nov 1, 2021 | CYBERSCOOP A ransomware attack on Toronto’s transit agency knocked some systems offline over the weekend, an incident that occurred days after another
iOS 15, Windows 10 and Google Chrome Hacked During the Tianfu Cup Contest
During the weekend of 16th -17th October, a hacking competition took place in China, more specifically in Chengdu’s Sichuan province. The most prestigious and biggest competition in this sense in
How Threat Hunting Can Protect the Healthcare Industry
There’s been no slowdown when it comes to healthcare-related security breaches. For the 12 months through July 2021, 706 healthcare data breaches (of 500 or more records) were reported to
Inside 1,602 pentests: Common vulnerabilities, findings and fixes
Infosec Institute – Each year, Cobalt releases its State of Pentesting report, which extracts trends and statistics about the state of security from penetration testing engagements on its platform. This
Minecraft Alt Lists Used by Chaos Ransomware
Chaos ransomware is an in-development ransomware builder that is being advertised as the latest iteration of Ryuk on underground hacker forums. Fake Minecraft alt lists published on gaming forums are used
Hive Ransomware Now Encrypts Linux and FreeBSD Operating Systems
The double-extortion ransomware group dubbed Hive also encrypts Linux and FreeBSD with new malware versions designed specifically for these operating systems. According to ESET, a Slovak internet security company that
Microsoft: This macOS flaw could have let attackers install undetectable malware
Apple has patched a security flaw in macOS that Microsoft researchers found could be used to install a malicious kernel driver, otherwise known as a ‘rootkit’. The flaw resided
BlackMatter Group Speeds Up Data Theft with New Tool
BlackMatter Group Speeds Up Data Theft with New Tool Security researchers have discovered a new data exfiltration tool designed to accelerate information theft for ransomware groups using the BlackMatter variant.
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller Data on countless celebrities, politicians and heads of state appear to be in the hands of ransomware actors after a
Euro Police Swoop on 12 Suspected Ransomware Gang Members
Euro Police Swoop on 12 Suspected Ransomware Gang Members Twelve threat actors were singled out by Europol last week in a major ransomware operation targeting multiple organized crime groups. The
Signal unveils how far US law enforcement will go to get information about people
Image: Getty Images Signal has released the details of a search warrant it received from police in Santa Clara, California, unveiling the efforts US law enforcement authorities will undertake to
None of NSW's lead cluster agencies have implemented all Essential Eight controls
Image: Audit Office of New South Wales The cybersecurity policy for New South Wales government agencies is not sufficiently robust which is a cause for “significant concern”, according to the
China's personal data protection law kicks in today
China’s Personal Information Protection Law (PIPL) is now in force, laying out ground rules around how data is collected, used, and stored. It also outlines data processing requirements for companies
How to transform compliance training into a catalyst for behavior change
Inflection Point Systems was tasked with strengthening cybersecurity education for their 200-plus employees across the U.S. and Mexico. The result? A major shift in employee behaviors and recognition as an
Fortinet warns of Black Friday scams involving PS5s, Xboxes and fake Amazon gift card generators that steal crypto
Fortinet’s FortiGuard Labs has discovered a new scam using the lure of an Amazon gift card generator to steal cryptocurrency from people. Researchers with FortiGuard Labs said they found a
Mozilla Firefox joins browsers implementing Global Privacy Control
Mozilla has become the latest browser to test the waters in incorporating the Global Privacy Control in Firefox this week, calling itself “the first major web browser” to do so.
TA575 criminal group using 'Squid Game' lures for Dridex malware
Cybersecurity firm Proofpoint has found evidence of a prolific cybercrime group using the popularity of Netflix hit “Squid Game” to spread the Dridex malware. In a blog post, Proofpoint said
Michigan police execute warrant looking for missing election equipment
Written by AJ Vicens Oct 29, 2021 | CYBERSCOOP The Michigan State Police launched a criminal investigation this week after a piece of election equipment went missing. The inquiry comes
Minnesotan Charged with Hacking Pro Sports Leagues
Minnesotan Charged with Hacking Pro Sports Leagues A man from Minnesota has been charged with hacking four major American professional sports leagues and defrauding them of millions of dollars by illegally streaming
Cerberus Sentinel Acquires RED74
Cerberus Sentinel Acquires RED74 RED74, a managed security services provider based in New Jersey, has been acquired by cybersecurity consulting and managed services firm Cerberus Cyber Sentinel Corporation. The financial terms of the
The best free VPNs: Why they don't exist
TANSTAAFL. If you’ve read your Heinlein, you know it’s an acronym for “There ain’t no such thing as a free lunch.” That phrase has actually been around since the days
FBI Raids Chinese Payment-Terminal Company
FBI Raids Chinese Payment-Terminal Company Law enforcement agencies in the United States have searched the Florida premises of a Chinese payment-terminal provider. A warehouse and offices belonging to multinational Pax Technology were
Let's Encrypt explains last month's outages caused by certificate expiration
Dozens of websites and services reported issues late last month thanks to the expiration of a root certificate provided by Let’s Encrypt, one of the largest providers of HTTPS certificates.
How much can you make with an associate in cybersecurity?
An associate degree in cybersecurity gives you the knowledge and skills to work on the front lines of electronic data safety while taking home a lucrative salary. The degree also
Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency. Crooks behind a newly
A New Zero-day Vulnerability Is Impacting All Windows Versions
A security researcher recently revealed technical details for a zero-day privilege elevation vulnerability in Windows and also a public proof-of-concept (PoC) exploit that provides SYSTEM access under certain settings. As
New Malware Dubbed AbstractEmu Goes Undetected
A new malware was detected. Named by security researchers AbstractEmu, its attack methods consist of the use of anti-emulation checks and also code abstraction techniques. All these can result in
US charges alleged extortionist, HeheStreams operator with demanding $150k from MLB
Written by Jeff Stone Oct 29, 2021 | CYBERSCOOP U.S. prosecutors have charged a 30-year-old man with attempting to extort Major League Baseball and broadcasting illegal game streams after he
Schreiber Foods back to normal after ransomware attack shuts down milk plants
Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack took down their systems earlier last weekend. The food production giant became the
Ransomware: Police sting targets suspects behind 1,800 attacks that 'wreaked havoc across the world'
Twelve people have been targeted by an international law enforcement operation for involvement in over 1,800 ransomware attacks on critical infrastructure and large organisations around the world. A statement by
Google fixes two high-severity zero-day flaws in Chrome
It’s time to update Chrome and once again, for the third month in a row, Google has fixed two previously unknown ‘zero-day’ bugs in the world’s most popular desktop browser.
Forrester Predicts Mass Cybersecurity Brain Drain
Forrester Predicts Mass Cybersecurity Brain Drain Analyst house Forrester has warned of a significant exodus of cybersecurity professionals from the industry due to stress, burnout and limited career progression opportunities. In its
Misconfigured Database Leaks 880 Million Medical Records
Misconfigured Database Leaks 880 Million Medical Records Researchers have found an unsecured database leaking over 886 million sensitive patient records online. The non-password-protected data trove was found by Jeremiah Fowler
Suspected Trickbot Malware Developer Faces 60 Years in Jail
Suspected Trickbot Malware Developer Faces 60 Years in Jail A suspected member of the infamous Trickbot group has been extradited to the US, where he faces decades behind bars if
AFP confiscates AU$1.7m from Sydney man who stole Netflix, Spotify, Hulu accounts
Australian Federal Police (AFP) has ordered an individual to forfeit AU$1.66 million for stealing the log-ins and passwords for Hulu, Netflix, and Spotify accounts. The culprit, based in Sydney, conspired
Services Australia testifies Cellebrite tech only used for fraud and identity theft cases
A demonstration of Cellebrite technology being used. Image: Getty Images In testimony to Australia’s Senate Estimates, Services Australia said its use of Cellebrite software has only been for looking into
Ransomware Negotiation Scenarios: What to Expect
Trend Micro – This standard introduction shows a level of professionalism, indicating that the ransomware group uses a standard playbook for negotiating staff. While other ransomware families do not start
Cybersecurity Trends & Predictions for CISOs
Trend Micro – Staying one step ahead of the bad guys is the best way to stop cyberattacks. Trend Micro’s VP of Threat Research, Jon Clay, provides in-depth predictions of
XSS Vulnerability in NextScripts: Social Networks Auto-Poster Plugin Impacts 100,000 Sites
WordFence – Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On August 19, 2021, the Wordfence
Best VPN 2021: Top VPN services reviewed
To find the best VPN service for your personal or business needs, you’ll need to compare brands, prices, features, and more. But first, you need to understand how a VPN
Manual certificate management falling way behind PKI growth
Public key infrastructure (PKI) is a system of processes, technologies, and policies for encrypting and signing data. It plays an essential role in authenticating users, servers, devices, software, and digital
All Sectors Are Now Prey as Cyber Threats Expand Targeting
Aamir Lakhani, security researcher at Fortinet, says no sector is off limits these days: It’s time for everyone to strengthen the kill chain. Ransomware doesn’t discriminate – today, every sector
Russian national allegedly behind TrickBot malware extradited to US, makes court appearance
Written by AJ Vicens Oct 28, 2021 | CYBERSCOOP Vladimir Dunaev, a Russian national accused of being part of the group behind the notorious TrickBot malware, appeared in federal court
Suspected REvil Gang Insider Identified
German investigators have identified a deep-pocketed, big-spending Russian billionaire whom they suspect of being a core member of the REvil ransomware gang. He lolls around on yachts, wears a luxury
Data Breach at University of Colorado
Data Breach at University of Colorado An American university is notifying thousands of former and current students that their personal information may have been compromised during a recent data breach.
Luxury hotel chain in Thailand reports data breach
A luxury hotel chain in Thailand is reporting a data breach thanks to a notorious group of cybercriminals who have been behind a spate of attacks in recent weeks. Thirayuth
Cops Receive Stalkerware Training
Cops Receive Stalkerware Training Members of the Coalition Against Stalkerware are helping law enforcement agencies to investigate cases involving digital stalking. The Coalition was created in 2019 by ten founding partners: Avira,