State Department cyber strategy emphasizes proactively hunting for threats
Written by Suzanne Smalley Jun 27, 2022 | CYBERSCOOP The State Department Bureau of Intelligence and Research (INR) released a cybersecurity strategy Monday meant to address what the bureau’s chief
Chinese Researchers Find Critical Security Flaws in CoDeSys Automation Software
Vulnerabilities could allow attackers to gain unauthorized access to company resources or carry out denial-of-service attacksRead More: https://www.infosecurity-magazine.com/news/researchers-critical-flaws-codesys/
Hacking gets dangerously real: 8 cybersecurity predictions to watch out for
Getty Images/Nitat Termmee Many businesses will fail to see the benefits of their zero trust efforts over the next few years, while legislation around paying off ransomware gangs will be
Final Call for Views on Government App Security Proposals
The cybersecurity industry has until Wednesday, June 29, to submit views on a proposed code of practice for app store operators and developersRead More: https://www.infosecurity-magazine.com/news/call-views-government-app-security/
Fake Copyright Emails Used to Deploy LockBit Ransomware
The LockBit ransomware is a kind of malicious software that is aimed to prevent users’ access to computer systems in return for a ransom payment. LockBit works by scanning a
Global Police Crack Down on Online Sexual Exploitation
French, Spanish, Portuguese and Brazilian cops take actionRead More: https://www.infosecurity-magazine.com/news/police-crack-online-sexual/
CafePress Fined $500,000 After Massive Data Breach
FTC also demands major security improvements Read More: https://www.infosecurity-magazine.com/news/cafepress-fined-500k-massive-data/
Snoopers’ Charter Ruled Partially Unlawful
Win for rights groups means bad news for security servicesRead More: https://www.infosecurity-magazine.com/news/snoopers-charter-ruled-partially/
Scammer Who Used Info of Riot Games’ Co-Founder to Mine Crypto is Jailed
The Singaporean identity fraud scammer also tricked Google and Amazon Web Services (AWS) into providing $5.4 million worth of cloud computing services by using the personal details of the co-founder
Conti vs. LockBit: A Comparative Analysis of Ransomware Groups
Trend Micro – Conti vs. LockBit: A Comparative Analysis of Ransomware Groups Ransomware We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis
Study for certified cybersecurity expert exams with this $49 training
StackCommerce The following content is brought to you by ZDNet partners. If you buy a product featured here, we may earn an affiliate commission or other compensation. ZDNet Recommends Cybersecurity
Launch a cybersecurity career with this $39 boot camp on risk management
StackCommerce The following content is brought to you by ZDNet partners. If you buy a product featured here, we may earn an affiliate commission or other compensation. ZDNet Recommends From
Hackers Exploit Harmony’s Horizon Blockchain Bridge to Steal $100 Million
The main bridge of layer-1 blockchain between Binance Chain, Ethereum, and Bitcoin was exploited, but the BTC bridge isn’t impacted. Harmony’s Horizon Bridge is the latest to be hacked. According
Technology-enabled abuse: how ‘safety by design’ can reduce stalking and domestic violence
Padlokr – Bridget Harris, Queensland University of Technology Mobile phones and online technologies are frequently used by perpetrators of domestic and family violence to coerce, control and restrict the freedoms
Spyware: why the booming surveillance tech industry is vulnerable to corruption and abuse
Padlokr – Christian Kemp, Anglia Ruskin University The world’s most sophisticated commercially available spyware may be being abused, according to an investigation by 17 media organisations in ten countries. Intelligence
Cyberattacks to critical infrastructure threaten our safety and well-being
Padlokr – Our critical infrastructures are growing increasingly complex as the number of devices and connections in these systems continues to grow. (Shutterstock) Jason Jaskolka, Carleton University What would happen
Prepare for Your Salesforce Certified OmniStudio-Developer Exam
The Salesforce OmniStudio Developer certification is specifically designed for those candidates who have skills, experience, and knowledge about developing cloud applications by using tools powered by OmniStudio. These include the
Threat Roundup for June 17 to June 24
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 17 and June 24. As with previous roundups, this post isn’t meant to be an
ISPs Helping Attackers Install Hermit Spyware on Smartphones- Google
According to Google, Italian spyware provider RCS Labs received support from several Internet Service Providers (ISPs) to distribute Hermit spyware on iOS and Android smartphones in Kazakhstan and Italy. Google
#InfosecurityEurope2022: Preparing for Future Challenges and Opportunities
The closing keynote panel explored how we can anticipate the future of cybercrimeRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-future/
#InfosecurityEurope2022: The Interactivity Between Nation-State Attackers and Organized Crime Gangs
Geoff White also touched upon the emerging world of cryptocurrency theftRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-crime-gangs/
#InfosecurityEurope2022: Security awareness must be in the moment
Annual or quarterly security training will not protect organizations from phishing and other human threatsRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-awareness/
A Comprehensive Guide to Security Assertion Markup Language (SAML)
SAML, which stands for Security Assertion Markup Language, is an open federation standard that enables users to be authenticated by an identity provider (IdP), who may then provide an authentication
How to Mitigate Ransomware?
Nowadays, the majority of chief information security officers (CISOs) are most concerned about ransomware, which has emerged as one of the biggest security threats. Ransomware attacks not only affect large
US watchdog is worried cyber insurance won't cover 'catastrophic cyberattacks'
The cyber insurance market has matured fast in recent years but it may fall short when it comes to certain major attacks, the US government spending watchdog has warned. The
How vulnerable is your personal information? 4 essential reads
Padlokr – Chances are some of your data has already been stolen, but that doesn’t mean you should shrug data breaches off. WhataWin/iStock via Getty Images Eric Smalley, The Conversation
What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake
Padlokr – A vulnerability in Log4j, a humble but widespread piece of software, has put millions of computers at risk. SOPA Images/LightRocket via Getty Images Santiago Torres-Arias, Purdue University Log4Shell,
Considering buying a smart device? To protect your security, ask yourself these five questions
Padlokr – Iain Nash, Queen Mary University of London Houses are getting smarter: smart thermostats manage our heating, while smart fridges can monitor our food consumption and help us order
What is a Hotfix? Definition, Challenges, and Best Practices
Welcome back to the wondrous world of patch management. Today we’re going to clear the air a bit by deliberating about hotfixes (not hot flashes). So, what is a hotfix?
Google details commercial spyware that targets both Android and iOS devices
Google has warned of an enterprise-grade spyware strain targeting Android and iOS mobile device users. According to Google Threat Analysis Group (TAG) researchers Benoit Sevens and Clement Lecigne, as well
Scalper bots are snapping up appointments for government services in Israel
Image: Getty Images Scalper bots are causing chaos for the Israeli government by trying to turn access to public services into a cash cow. Bots, otherwise known as web robots,
Chinese Hackers Distributing Nim language Malware in SMS Bomber Tool
This newly discovered malware campaign is attributed to a Chinese hacking group called Tropic Trooper. Cybersecurity researchers at Check Point have shared details of a new malware campaign suspected to be launched
CISA: Hackers are still using Log4Shell to breach networks, so patch your systems
The flaw in the application-logging component Log4j known as “Log4Shell” should have been patched by organisations months ago, but some systems that haven’t been patched with available updates are still
Users in Italy and Kazakhstan Targeted by Spyware Provider
For many years, Google has been monitoring the activity of commercial spyware sellers and in conjunction with Google’s Project Zero, discovered the fact that RCS Labs, an Italian vendor, utilizes unusual
Open Source Threat Intelligence Platform – Best Alternatives for Your Company [2022]
The technology that Threat Intelligence Platforms (TIP) employ allows companies to gather, aggregate, and manage threat intelligence data from a variety of sources and formats. The information on already known
Google Warns Spyware Being Deployed Against Android, iOS Users
The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs. Google is warning victims in Kazakhstan and Italy
When I reset my Windows PC, I ended up with Home edition. How do I get my Pro upgrade back? [Ask ZDNet]
Relax: If you reinstall Windows Pro, the activation servers will restore the activation without a squawk. Getty Images Welcome to the latest installment of Ask ZDNet, where we answer the
iPhone users: Google Chrome browser on iOS is getting these five new features
Image: Maria Diaz / ZDNet Google has updated Chrome for iOS so that it can automatically fill in the password for any app and is bringing four other features to
Conti Group Compromised 40 Firms in Just One Month
Defunct ransomware operation was one of the most aggressiveRead More: https://www.infosecurity-magazine.com/news/conti-group-compromised-40-firms/
Unsecured APIs Could Be Costing Firms $75bn Per Year
New research uncovers major enterprise security gapsRead More: https://www.infosecurity-magazine.com/news/unsecured-apis-could-costing-firms/
Euro Police Target Gangs Grooming Ukrainian Refugees Online
Fifteen new investigations opened after reports of human traffickingRead More: https://www.infosecurity-magazine.com/news/euro-police-grooming-ukrainian/
Private Network 5G Security Risks & Vulnerabilities
Trend Micro – The move towards 5G is accelerating as enterprises seek greater security, flexibility, and reliability in 5G than earlier cellular, wireless, or wired connectivity. And while the underlying
#InfosecurityEurope2022: How Should SMEs Defend Against Cyber-Risks?
A panel of experts discussed practical strategies to implement security on a budgetRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-smes/
5 Ways to Be an Ally with Your LGBTQIA+ Colleagues at Work
Pride Month is a time to reflect and uplift our LGBTQIA+ peers and honor queer folx who have blazed a trail for freedom. We’re all pretty cool people and it’s
#InfosecurityEurope2022: Lawyers Update Security for New Ways of Working
Securing end points is just one challenge facing firms in the legal sectorRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-lawyers/
#InfosecurityEurope2022: Actions Not Words – Hacking the Human Through Social Engineering
Securing endpoints is just one challenge facing firms in the legal sectorRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-hacking/
#InfosecurityEurope2022: Disinformation Warfare – How Do We Tackle Fake News?
Ian Hill hosted a roundtable discussion on disinformation warfareRead More: https://www.infosecurity-magazine.com/news/infosecurityeurope2022-1/
Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan
Written by AJ Vicens Jun 23, 2022 | CYBERSCOOP The little-known Italian spyware firm RCS Labs worked with unnamed internet service providers to install malicious apps on targets’ phones in