Top VPN Scams Revealed – Here’s What to Look Out for in 2022
The VPN scams discussed in this article may sound harmless to many but in reality, they are happening every day and causing a lot of damage. A VPN is a
Malware Builder Leverages Discord Webhooks
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a
Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker
You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack. Lately, I’ve started wondering if the
South Asian Governments Targeted by Bitter APT Group
Bitter, an APT group reportedly engaged in cyber espionage activities, has been observed targeting the Bangladesh government by leveraging new malware that shows remote file execution functionalities. The campaign has
Nerbian RAT Malware, New Threat on The Market
Nerbian RAT, a novel malware variant that comes with a long list of capabilities, including the ability to avoid detection and analysis by security researchers, has been recently spotted. The
Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. A newly discovered and complex remote access trojan (RAT)
Hackers Are Going After Managed Security Providers
Australia, Canada, New Zealand, the United Kingdom, and the United States are the members of the intelligence partnership known as the “Five Eyes,” sometimes abbreviated as “FVEY.” These nations are signatories
Government Initiative Promises Rapid Blocking of Scam Sites
Real-time data sharing with ISPs could stop fraud at scaleRead More: https://www.infosecurity-magazine.com/news/government-initiative-rapid/
Trustpilot Forced to Delete Millions of Fake Reviews in 2021
Persistent fraud threatens trust in e-commerceRead More: https://www.infosecurity-magazine.com/news/trustpilot-delete-millions-fake/
Quarter of Security Pros Say Mental Health Has Worsened
Over a fifth are “very stressed” at workRead More: https://www.infosecurity-magazine.com/news/quarter-security-pros-mental/
Beware of state actors stepping up attacks on managed service providers: Cyber agencies
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released
The latest edition of Patch Tuesday offers fixes for 7 critical flaws, including 5 RCE (remote code execution) bugs and 2 EoP (elevation of privilege) flaws, and 67 other relatively
Google I/O: New security features include virtual credit cards, account safety status
Written by Jason Cipriani, Contributing Writer Jason Cipriani Contributing Writer Jason Cipriani is based out of beautiful Colorado and has been covering technology news and reviewing the latest gadgets as
British Man Charged With Hacking US Bank Computers, Stealing Millions
The 10-count complaint alleges Idris Dayo Mustapha used phishing and other means to obtain user credentialsRead More: https://www.infosecurity-magazine.com/news/british-charged-hacking-us-bank/
6 Legal and Free Streaming Services to Consider in 2022
The streaming industry is changing rapidly with new services popping up and others disappearing, it’s important to stay ahead of the curve. This article provides an overview of the top
U.S., allies warn of rising recent and future attacks on managed service providers
Written by AJ Vicens May 11, 2022 | CYBERSCOOP Cybersecurity authorities in the U.S., U.K., Australia, Canada and New Zealand released a joint advisory Wednesday warning that they “expect malicious
Legislator slams Biden administration for dialing back DOD cyber operation authorities
Written by Suzanne Smalley May 11, 2022 | CYBERSCOOP Cyberspace Solarium Commission Co-Chair Rep. Mike Gallagher lambasted the White House Wednesday, saying the decision to give the State Department more
How to delete your Twitter account and protect your data
Whether it’s because a move Twitter itself made that you’re not fond of, a decision to move to another platform instead, or you’ve just had enough of social media as
Ransomware is a national security threat, so please tell us about attacks, says government
Victims of ransomware attacks are being urged to come forward and report incidents in order to help prevent other companies being hit with what’s described as the biggest cybersecurity threat
Fake WHO Safety Emails on COVID-19 Dropping Nerbian RAT Across Europe
The novel Nerbian RAT (remote access trojan) is currently targeting’ entities in Spain, Italy, and the United Kingdom. Proofpoint’s security researchers have warned users of a new RAT dubbed Nerbian written in
Five Eyes Nations Issue New Supply Chain Security Advisory
The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive dataRead More: https://www.infosecurity-magazine.com/news/five-eyes-supply-chain-security/
Most Brazilian companies don't pay to get data back after ransomware attacks
Written by Angelica Mari, Contributing Editor Angelica Mari Contributing Editor Angelica Mari is a Brazil-based technology journalist. She started working at age 15 as a computer instructor and started writing
How to delete yourself from internet search results and hide your identity online
Go incognito. Getty Images/iStockphoto There is now a very thin line, easily broken, which separates our physical and digital identities. Social networks have evolved from the days of MySpace to
SockDetour: the backdoor impacting U.S. defense contractors
SockDetour is a new backdoor identified by the Unit42 research team and found on U.S. defense contractors’ networks as a backup backdoor to maintain persistence and access. SockDetour is a
Cybersecurity has a desperate skills crisis. Rural America could have the answer
Written by Owen Hughes, Senior Editor Owen Hughes Senior Editor Owen is a senior editor at ZDNet. Based in London, UK, Owen covers software development, IT workforce trends and the
Biden Urges US Businesses to Bolster Cybersecurity Protection
Security Intelligence – Biden Urges US Businesses to Bolster Cybersecurity Protection Home / News Biden Urges US Businesses to Bolster Cybersecurity Protection Share President Joe Biden warned U.S. businesses of possible
A New Phishing-as-a-Service Toolkit Was Discovered
Phishing-as-a-service, often known as PhaaS, is a black-market industry in which trained cybercriminals offer access to the tools and information necessary to carry out a phishing assault in a manner
Intel Memory Bug Poses Risk for Hundreds of Products
Dell and HP were among the first to release patches and fixes for the bug. Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products.
Novel Phishing Trick Uses Weird Links to Bypass Spam Filters
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains. Researchers have identified a never-before-seen method for sneaking malicious links into
How Much Can CCIE Enterprise Certified Professional Make?
Cisco CCIE Enterprise Infrastructure certificate, which is the successor of the old CCIE Routing and Switching certification, is the most popular CCIE certification. Cisco Certified Internetwork Expert (CCIE) is an
CISA adds actively exploited critical F5 BIG-IP bug to its must-patch list
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a critical bug in F5’s Big-IP software that is being actively exploited. The network and application delivery
Bitter APT adds Bangladesh to their targets
Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers’ usual victims.
Hackers are using tech services companies as a 'launchpad' for attacks on customers
A warning from international cybersecurity agencies has urged IT service providers and their customers to take action to protect themselves from the threat of supply chain attacks. The cybersecurity
How Traffic Analysis Boosts Ecommerce Profits
Attracting traffic is critical to the health of every ecommerce business. However, large traffic numbers don’t necessarily result in sales unto themselves. To boost revenues, you must design pages optimized
Elon Musk: Russian efforts to jam Starlink are 'ramping up'
Elon Musk has said that Russian attempts to jam or otherwise hack the Starlink satellite communications network have been thwarted so far, but these efforts continue – and are ramping
Actively Exploited Zero-Day Bug Patched by Microsoft
Microsoft’s May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments. Microsoft has revealed 73 new patches
Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. Illinois-based Lincoln College was established during
Looking for XDR in your MDR Partner | How XDR can improve MDR
Over the last two years, it’s clear that organizations, especially enterprises, need to elevate their detection and response capabilities. Environments are much different and the risk has never been greater
Windows Print Spooler Exploit: the Path for Threat Actors to Perform 65,000 Cyberattacks
If you’ve lately used Windows Print Spooler, here’s some bad news: you may have been hacked. Between July 2021 and April 2022, threat actors carried out nearly 65,000 cyberattacks through
A Complete Guide to Desktop as a Service (DaaS)
Desktop as a service, or DaaS, is a term used in the cloud computing field to refer to virtual applications and desktops that are supplied over the cloud to any
NCSC's Free Email Security Check Spots Domain Issues
Service Could help minimize spoofing and privacy risksRead More: https://www.infosecurity-magazine.com/news/free-email-security-check-spots/
Microsoft: Ransomware Relies on the Gig Economy
Report reveals big variety in affiliate groupsRead More: https://www.infosecurity-magazine.com/news/microsoft-ransomware-relies-on-the/
Microsoft Fixes Three Zero-Days in May Patch Tuesday
Some 73 vulnerabilities have been resolved this monthRead More: https://www.infosecurity-magazine.com/news/microsoft-three-zerodays-may-patch/
Elon Musk plans to reverse Donald Trump's permanent ban on Twitter
Written by Aimee Chanthadavong, Senior Journalist Aimee Chanthadavong Senior Journalist Since completing a degree in journalism, Aimee has had her fair share of covering various topics, including business, retail, manufacturing,
Five Eyes pin Russia for pre-Ukraine invasion attack on Viasat
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
Docker Desktop for Linux finally arrives
Docker Desktop is an easy-to-use Docker container integrated development environment (IDE). It includes Docker Engine, Docker CLI client, Docker Compose, Docker Content Trust, Kubernetes, and Credential Helper. With it, you
Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Jaeson Schultz. Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security