BPFdoor Has the Capacity to Bypass Firewalls
A new Linux malware dubbed BPFdoor has been recently identified. Its targets have been Linux and Solaris systems and what’s more, is that it has passed unnoticed for over 5
WordPress Websites Files and Databases Injected with Malicious JavaScript
WordPress is a content management system (CMS) that is free to use and open-source. It is built in PHP, and it can be combined with either a MySQL or MariaDB
#CYBERUK22: Cyber Trends from the Russia-Ukraine War
A panel of cyber leaders discuss Ukraine’s cyber-resilience and other trends during the conflictRead More: https://www.infosecurity-magazine.com/news/cyber-trends-russia-ukraine-war/
Just in time? Bosses are finally waking up to the cybersecurity threat
Boardrooms have a reputation for not paying much attention to cybersecurity, but it could be that executives are finally keen to take more interest in securing the systems and networks
Government's “Whole of Society” Cyber Strategy Takes Shape
First National Cyber Advisory Board co-chair appointedRead More: https://www.infosecurity-magazine.com/news/governments-whole-of-society-cyber/
Open Source Community Hands White House 10-Point Security Plan
Around $150m in funding will shape future of open source securityRead More: https://www.infosecurity-magazine.com/news/open-source-community-10point/
Ukrainian Gets Four Years for Brute Forcing Thousands of Credentials
Server logins were sold on dark web criminal marketplaceRead More: https://www.infosecurity-magazine.com/news/ukrainian-four-years-brute-force/
A Guide to Using VPNs on Your Smartphone
A VPN these days is a must as we know it. The recent growth of VPN use has been pronounced across the globe, particularly in developed economies in the UK
Ukrainian cybercriminal sentenced to four years in U.S. prison for credential theft scheme
Written by AJ Vicens May 12, 2022 | CYBERSCOOP A Ukrainian man convicted in February of trafficking in stolen username and password credentials was sentenced to four years in federal
Misconfigured ElasticSearch Servers Exposed 579 GB of Users’ Website Activity
In total, two misconfigured ElasticSearch servers belonging to an unknown organization exposed 359,019,902 (359 million) records that were collected with the help of data analytics software developed by SnowPlow Analytics.
SYK Crypter Distributing Malware Families Via Discord
With 50% more users last year than in 2020, the number of people using the community chat platform Discord is growing at a blistering pace. This has led cybercriminals to
Analysis of well-known Iranian hacking group points to more purely financial attacks
Written by AJ Vicens May 12, 2022 | CYBERSCOOP An analysis of a well-known Iranian hacking operation that’s previously blurred the line between espionage and extortion suggests that the group
Threat Source newsletter (May 12, 2022) — Mandatory MFA adoption is great, but is it too late?
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Mandatory multi-factor authentication is all the rage nowadays. GitHub just announced that all contributors would have to enroll
Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals
Investigation revealed unauthorized party accessed and possibly retained sensitive customer informationRead More: https://www.infosecurity-magazine.com/news/oklahoma-city-indian-clinic-data/
Costa Rica Declares National Emergency Following Conti Cyber-Attack
The declaration came with IT systems across several ministries rendered unusableRead More: https://www.infosecurity-magazine.com/news/costa-rica-national-emergency/
The stakes 'could not be any higher': CISA chief talks about the tech challenges ahead
Security by design needs to be ingrained in software development and innovative thinking is required to help secure society against cyber attacks as technology become a bigger part of our
What Is RMM Software?
RMM software (short for Remote Monitoring and Management Software) is a software type used by IT professionals and organizations to remotely manage and monitor networks and endpoints. How Does RMM Software Work?
5 Questions with Juan Fernandez, CompTIA’s Council Leadership Award Winner
It’s not often that a CEO claims that the proudest moment in his career is… failure. Failure? Yup. But then again Juan Fernandez is not your ordinary business leader. The
Texas man gets 5 years for stealing 38,000 PayPal account credentials
Written by Suzanne Smalley May 12, 2022 | CYBERSCOOP A Texas man whom federal prosecutors say bought 38,000 compromised PayPal account credentials from an illegal online marketplace and used them
Top VPN Scams Revealed – Here’s What to Look Out for in 2022
The VPN scams discussed in this article may sound harmless to many but in reality, they are happening every day and causing a lot of damage. A VPN is a
Malware Builder Leverages Discord Webhooks
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. On April 23rd, 2022, a Discord user with the handle “Portu” began advertising a
Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker
You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack. Lately, I’ve started wondering if the
South Asian Governments Targeted by Bitter APT Group
Bitter, an APT group reportedly engaged in cyber espionage activities, has been observed targeting the Bangladesh government by leveraging new malware that shows remote file execution functionalities. The campaign has
Nerbian RAT Malware, New Threat on The Market
Nerbian RAT, a novel malware variant that comes with a long list of capabilities, including the ability to avoid detection and analysis by security researchers, has been recently spotted. The
Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. A newly discovered and complex remote access trojan (RAT)
Hackers Are Going After Managed Security Providers
Australia, Canada, New Zealand, the United Kingdom, and the United States are the members of the intelligence partnership known as the “Five Eyes,” sometimes abbreviated as “FVEY.” These nations are signatories
Government Initiative Promises Rapid Blocking of Scam Sites
Real-time data sharing with ISPs could stop fraud at scaleRead More: https://www.infosecurity-magazine.com/news/government-initiative-rapid/
Trustpilot Forced to Delete Millions of Fake Reviews in 2021
Persistent fraud threatens trust in e-commerceRead More: https://www.infosecurity-magazine.com/news/trustpilot-delete-millions-fake/
Quarter of Security Pros Say Mental Health Has Worsened
Over a fifth are “very stressed” at workRead More: https://www.infosecurity-magazine.com/news/quarter-security-pros-mental/
Beware of state actors stepping up attacks on managed service providers: Cyber agencies
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released
The latest edition of Patch Tuesday offers fixes for 7 critical flaws, including 5 RCE (remote code execution) bugs and 2 EoP (elevation of privilege) flaws, and 67 other relatively
Google I/O: New security features include virtual credit cards, account safety status
Written by Jason Cipriani, Contributing Writer Jason Cipriani Contributing Writer Jason Cipriani is based out of beautiful Colorado and has been covering technology news and reviewing the latest gadgets as
British Man Charged With Hacking US Bank Computers, Stealing Millions
The 10-count complaint alleges Idris Dayo Mustapha used phishing and other means to obtain user credentialsRead More: https://www.infosecurity-magazine.com/news/british-charged-hacking-us-bank/
6 Legal and Free Streaming Services to Consider in 2022
The streaming industry is changing rapidly with new services popping up and others disappearing, it’s important to stay ahead of the curve. This article provides an overview of the top
U.S., allies warn of rising recent and future attacks on managed service providers
Written by AJ Vicens May 11, 2022 | CYBERSCOOP Cybersecurity authorities in the U.S., U.K., Australia, Canada and New Zealand released a joint advisory Wednesday warning that they “expect malicious
Legislator slams Biden administration for dialing back DOD cyber operation authorities
Written by Suzanne Smalley May 11, 2022 | CYBERSCOOP Cyberspace Solarium Commission Co-Chair Rep. Mike Gallagher lambasted the White House Wednesday, saying the decision to give the State Department more
How to delete your Twitter account and protect your data
Whether it’s because a move Twitter itself made that you’re not fond of, a decision to move to another platform instead, or you’ve just had enough of social media as
Ransomware is a national security threat, so please tell us about attacks, says government
Victims of ransomware attacks are being urged to come forward and report incidents in order to help prevent other companies being hit with what’s described as the biggest cybersecurity threat
Fake WHO Safety Emails on COVID-19 Dropping Nerbian RAT Across Europe
The novel Nerbian RAT (remote access trojan) is currently targeting’ entities in Spain, Italy, and the United Kingdom. Proofpoint’s security researchers have warned users of a new RAT dubbed Nerbian written in
Five Eyes Nations Issue New Supply Chain Security Advisory
The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive dataRead More: https://www.infosecurity-magazine.com/news/five-eyes-supply-chain-security/
Most Brazilian companies don't pay to get data back after ransomware attacks
Written by Angelica Mari, Contributing Editor Angelica Mari Contributing Editor Angelica Mari is a Brazil-based technology journalist. She started working at age 15 as a computer instructor and started writing
How to delete yourself from internet search results and hide your identity online
Go incognito. Getty Images/iStockphoto There is now a very thin line, easily broken, which separates our physical and digital identities. Social networks have evolved from the days of MySpace to
SockDetour: the backdoor impacting U.S. defense contractors
SockDetour is a new backdoor identified by the Unit42 research team and found on U.S. defense contractors’ networks as a backup backdoor to maintain persistence and access. SockDetour is a
Cybersecurity has a desperate skills crisis. Rural America could have the answer
Written by Owen Hughes, Senior Editor Owen Hughes Senior Editor Owen is a senior editor at ZDNet. Based in London, UK, Owen covers software development, IT workforce trends and the
Biden Urges US Businesses to Bolster Cybersecurity Protection
Security Intelligence – Biden Urges US Businesses to Bolster Cybersecurity Protection Home / News Biden Urges US Businesses to Bolster Cybersecurity Protection Share President Joe Biden warned U.S. businesses of possible
A New Phishing-as-a-Service Toolkit Was Discovered
Phishing-as-a-service, often known as PhaaS, is a black-market industry in which trained cybercriminals offer access to the tools and information necessary to carry out a phishing assault in a manner
Intel Memory Bug Poses Risk for Hundreds of Products
Dell and HP were among the first to release patches and fixes for the bug. Chipmaker Intel is reporting a memory bug impacting microprocessor firmware used in “hundreds” of products.