Facebook gives Kazakhstan government direct access to content reporting system
Facebook parent company Meta has granted the Kazakhstan government direct access to its content reporting system, as part of a joint agreement to work on removing content that is deemed
#WebSummit2021: Facebook Whistleblower Denounces Meta Rebrand and Calls for Zuckerberg to Step Down
#WebSummit2021: Facebook Whistleblower Denounces Meta Rebrand and Calls for Zuckerberg to Step Down Facebook prioritizes profits over user safety, according to whistleblower and former Facebook employee, Frances Haugen. She took
Facebook targets Nicaraguan government for alleged 'troll farm' campaign
Facebook announced on Monday that it shut down a “troll farm” allegedly run by the government of Nicaragua and the Sandinista National Liberation Front (FSLN) party. Nicaraguan President Daniel Ortega
CrowdStrike acquires SaaS-based cybersecurity service SecureCircle
CrowdStrike announced on Monday that it acquired SaaS-based cybersecurity service SecureCircle in an all-cash deal expected to close during the company’s fiscal fourth quarter. Terms of the deal were not
Facebook accuses Nicaraguan government of running hundreds of fake accounts to target opposition
Written by AJ Vicens Nov 1, 2021 | CYBERSCOOP Nicaragua’s government has, for years, weaponized Facebook to try to discredit student protesters and boost official narratives, new findings show. Facebook’s
Cring ransomware continues assault on industrial organizations with aging applications, VPNs
The Cring ransomware group continues to make a name for itself through attacks on aging ColdFusion servers and VPNs after emerging earlier this year. Experts like Digital Shadows Sean Nikkel
Cyber-Incident at South Carolina School District
Cyber-Incident at South Carolina School District A school district in South Carolina is investigating a "cyber-incident" that it says impacted hundreds of staff computers. On October 4, some of the
Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion
An alleged sports content pirate is accused of not only hijacking leagues’ streams but also threatening to tell reporters how he accessed their systems. Demanding payment in exchange for not
California Health Network Reports Data Breach
California Health Network Reports Data Breach Cyber-criminals may have accessed the protected health information (PHI) of hundreds of thousands of patients of a network of community health centers based in
Venmo to Reimburse Hacking Victims
Venmo to Reimburse Hacking Victims Mobile payment service Venmo has come to the aid of a couple from Florida whose entire bank account was emptied by hackers. Cyber-thieves stole $19,500 from retired
Ransomware decryptor roundup: BlackByte, Atom Silo, LockFile, Babuk decryptors released
ZDNet Recommends Ransomware decryptors for the BlackByte, Atom Silo, LockFile and Babuk strains were released over the last two weeks, highlighting some amount of progress in the fight against a
Continued uncertainty forces attention on securing relationships in 2022
In Forrester’s Predictions blog last year, our security team talked about 2021 as “the transition to a new normal.” It hasn’t quite worked out that way — as the Delta variant
Heimdal™ Reverses New GLS Credit Card Fraud Campaign and Potentially Has Picture of Head Attacker
A new GLS Spam campaign is underway. It works via an e-mail that informs the victim about some details that need to be filled out for a certain shipment. The email
‘Trojan Source’ Hides Invisible Bugs in Source Code
The old RLO trick of exploiting how Unicode handles script ordering and a related homoglyph attack can imperceptibly switch the real name of malware. Researchers have found a new way
Trojan Source attack lets hackers exploit source code
Trojan Source attack impacts all popular programming language compilers, such as C, C++, C#, Java, JavaScript, Python, Rust, and Go. A research paper published by Cambridge University researchers Ross Anderson
Man Accused of Streaming Illegal Re-broadcasts of MLB, NBA, and Others
The U.S. Attorney’s Office for the Southern District of New York has accused a 30-years-old Minnesota man of illegally broadcasting sports games from MLB, NBA, NFL, and NHL over the
Snake Malware Used in Multiple Campaigns
The Snake password-stealing trojan that has been functioning since November 2020 is becoming increasingly prevalent among cybercriminals, becoming one of the most often exploited malware families in cyberattacks. A Look
All About Ring’s New Virtual Security Guard
Curious about Ring Security’s newest innovation in home security? Here is the rundown on Ring’s new Virtual Security Guard, a home security alarm with real people behind the screens monitoring
This sneaky trick could allow attackers to hide 'invisible' vulnerabilities in code
If you’re using the Rust programming language — or JavaScript, Java, Go or Python — in a project, you may want to check for potential differences between reviewed code versus
10 Free and Best OSINT Tools 2021
OSINT or Open source intelligence refers to information about businesses or people that can be collected from online sources. However, it requires tools to do so, and here are the
Ransomware strikes Toronto transit system, disrupting some services
Written by Tim Starks Nov 1, 2021 | CYBERSCOOP A ransomware attack on Toronto’s transit agency knocked some systems offline over the weekend, an incident that occurred days after another
iOS 15, Windows 10 and Google Chrome Hacked During the Tianfu Cup Contest
During the weekend of 16th -17th October, a hacking competition took place in China, more specifically in Chengdu’s Sichuan province. The most prestigious and biggest competition in this sense in
How Threat Hunting Can Protect the Healthcare Industry
There’s been no slowdown when it comes to healthcare-related security breaches. For the 12 months through July 2021, 706 healthcare data breaches (of 500 or more records) were reported to
Inside 1,602 pentests: Common vulnerabilities, findings and fixes
Infosec Institute – Each year, Cobalt releases its State of Pentesting report, which extracts trends and statistics about the state of security from penetration testing engagements on its platform. This
Minecraft Alt Lists Used by Chaos Ransomware
Chaos ransomware is an in-development ransomware builder that is being advertised as the latest iteration of Ryuk on underground hacker forums. Fake Minecraft alt lists published on gaming forums are used
Hive Ransomware Now Encrypts Linux and FreeBSD Operating Systems
The double-extortion ransomware group dubbed Hive also encrypts Linux and FreeBSD with new malware versions designed specifically for these operating systems. According to ESET, a Slovak internet security company that
Microsoft: This macOS flaw could have let attackers install undetectable malware
Apple has patched a security flaw in macOS that Microsoft researchers found could be used to install a malicious kernel driver, otherwise known as a ‘rootkit’. The flaw resided
BlackMatter Group Speeds Up Data Theft with New Tool
BlackMatter Group Speeds Up Data Theft with New Tool Security researchers have discovered a new data exfiltration tool designed to accelerate information theft for ransomware groups using the BlackMatter variant.
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller Data on countless celebrities, politicians and heads of state appear to be in the hands of ransomware actors after a
Euro Police Swoop on 12 Suspected Ransomware Gang Members
Euro Police Swoop on 12 Suspected Ransomware Gang Members Twelve threat actors were singled out by Europol last week in a major ransomware operation targeting multiple organized crime groups. The
Signal unveils how far US law enforcement will go to get information about people
Image: Getty Images Signal has released the details of a search warrant it received from police in Santa Clara, California, unveiling the efforts US law enforcement authorities will undertake to
None of NSW's lead cluster agencies have implemented all Essential Eight controls
Image: Audit Office of New South Wales The cybersecurity policy for New South Wales government agencies is not sufficiently robust which is a cause for “significant concern”, according to the
China's personal data protection law kicks in today
China’s Personal Information Protection Law (PIPL) is now in force, laying out ground rules around how data is collected, used, and stored. It also outlines data processing requirements for companies
How to transform compliance training into a catalyst for behavior change
Inflection Point Systems was tasked with strengthening cybersecurity education for their 200-plus employees across the U.S. and Mexico. The result? A major shift in employee behaviors and recognition as an
Fortinet warns of Black Friday scams involving PS5s, Xboxes and fake Amazon gift card generators that steal crypto
Fortinet’s FortiGuard Labs has discovered a new scam using the lure of an Amazon gift card generator to steal cryptocurrency from people. Researchers with FortiGuard Labs said they found a
Mozilla Firefox joins browsers implementing Global Privacy Control
Mozilla has become the latest browser to test the waters in incorporating the Global Privacy Control in Firefox this week, calling itself “the first major web browser” to do so.
TA575 criminal group using 'Squid Game' lures for Dridex malware
Cybersecurity firm Proofpoint has found evidence of a prolific cybercrime group using the popularity of Netflix hit “Squid Game” to spread the Dridex malware. In a blog post, Proofpoint said
Michigan police execute warrant looking for missing election equipment
Written by AJ Vicens Oct 29, 2021 | CYBERSCOOP The Michigan State Police launched a criminal investigation this week after a piece of election equipment went missing. The inquiry comes
Minnesotan Charged with Hacking Pro Sports Leagues
Minnesotan Charged with Hacking Pro Sports Leagues A man from Minnesota has been charged with hacking four major American professional sports leagues and defrauding them of millions of dollars by illegally streaming
Cerberus Sentinel Acquires RED74
Cerberus Sentinel Acquires RED74 RED74, a managed security services provider based in New Jersey, has been acquired by cybersecurity consulting and managed services firm Cerberus Cyber Sentinel Corporation. The financial terms of the
The best free VPNs: Why they don't exist
TANSTAAFL. If you’ve read your Heinlein, you know it’s an acronym for “There ain’t no such thing as a free lunch.” That phrase has actually been around since the days
FBI Raids Chinese Payment-Terminal Company
FBI Raids Chinese Payment-Terminal Company Law enforcement agencies in the United States have searched the Florida premises of a Chinese payment-terminal provider. A warehouse and offices belonging to multinational Pax Technology were
Let's Encrypt explains last month's outages caused by certificate expiration
Dozens of websites and services reported issues late last month thanks to the expiration of a root certificate provided by Let’s Encrypt, one of the largest providers of HTTPS certificates.
How much can you make with an associate in cybersecurity?
An associate degree in cybersecurity gives you the knowledge and skills to work on the front lines of electronic data safety while taking home a lucrative salary. The degree also
Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency. Crooks behind a newly
A New Zero-day Vulnerability Is Impacting All Windows Versions
A security researcher recently revealed technical details for a zero-day privilege elevation vulnerability in Windows and also a public proof-of-concept (PoC) exploit that provides SYSTEM access under certain settings. As
New Malware Dubbed AbstractEmu Goes Undetected
A new malware was detected. Named by security researchers AbstractEmu, its attack methods consist of the use of anti-emulation checks and also code abstraction techniques. All these can result in
US charges alleged extortionist, HeheStreams operator with demanding $150k from MLB
Written by Jeff Stone Oct 29, 2021 | CYBERSCOOP U.S. prosecutors have charged a 30-year-old man with attempting to extort Major League Baseball and broadcasting illegal game streams after he