My Space Box – Content from some of my favorite websites!

July 25, 2021 by Pierluigi Paganini

Threat actor offers Clubhouse secret database containing 3.8B phone numbers

A threat actor is offering for sale on hacking forums the secret database Clubhouse containing 3.8B phone numbers. Clubhouse is a social audio app for iOS and Android where users can communicate in voice chat rooms that accommodate groups of thousands of people. The audio-only app hosts live discussions, with opportunities to participate through speaking and listening. Conversations are prohibited by Clubhouse’s guidelines […]

The post Threat actor offers Clubhouse secret database containing 3.8B phone numbers appeared first on Security Affairs.

July 25, 2021 by Pierluigi Paganini

Crooks target Kubernetes installs via Argo Workflows to deploy miners

Threat actors target Kubernetes installs via Argo Workflows to cryptocurrency miners, security researchers from Intezer warn. Researchers from Intezer uncovered new attacks on Kubernetes (K8s) installs via misconfigured Argo Workflows aimed at deploying cryptocurrency miners. Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters. The experts discovered Argo Workflows instances with […]

The post Crooks target Kubernetes installs via Argo Workflows to deploy miners appeared first on Security Affairs.

July 25, 2021 by Pierluigi Paganini

XCSSET MacOS malware targets Telegram, Google Chrome data and more

XCSSET macOS malware continues to evolve, now it is able to steal login information from multiple apps, including Telegram and Google Chrome. Security researchers from Trend Micro continues to monitor the evolution of the XCSSET macOS malware, new variants are able to steal login information from multiple apps, including Telegram and Google Chrome, and send […]

The post XCSSET MacOS malware targets Telegram, Google Chrome data and more appeared first on Security Affairs.

July 25, 2021 by Help Net Security

Week in review: HiveNightmare on Windows 10, Kaseya obtains REvil decryptor

Here’s an overview of some of last week’s most interesting news and articles: Kaseya obtains universal REvil decryptor There’s finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compr…

July 24, 2021 by Industry News

S&I releases AI building security management system built on Microsoft Azure

S&I Corporation has released “atxpert (‘at’+’expert’) AI Viewer”, a new AI building security management system based on Microsoft Azure, TnM Tech’s Ghost-I AI edge computing and Scenera’s NICE PaaS, a managed Kubernetes service built on…

July 24, 2021 by Ionut Ilascu

Microsoft shares mitigations for new PetitPotam NTLM relay attack

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. […]

July 24, 2021 by Ionut Ilascu

Microsoft shares mitigations for new PetitPotam NTML relay attack

Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. […]

July 24, 2021 by Industry News

Trustwave partners with CISA and joins CISCP to help strengthen U.S. cybersecurity resiliency

Trustwave Government Solutions announced it has joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP). The overall mission of CISCP is to build cybersecurity resiliency and to har…

July 24, 2021 by Industry News

Ed Dubrovsky joins Qnext as Executive Cyber Advisor to the CEO and Board

Ed Dubrovsky, an information security expert and management executive who has built and led cyber consulting practices for nearly three decades, joins Qnext this month as Executive Cyber Advisor to the CEO and Board, it was announced by Qnext Corp. pre…

July 24, 2021 by Industry News

DigitSec appoints Phil Lepanto as VP of customer success

DigitSec announced it has added Phil Lepanto as vice president of customer success. The company also closed an oversubscribed seed round of financing led by New York-based K20 Fund and individual angel investors to enable highly effective security solu…

July 24, 2021 by Industry News

Department of Energy expands its CyberForce program to include more cyber defense events

The U.S. Department of Energy (DOE) CyberForce program is expanding this year to include more cyber competitions, webinars and career resources. Led by DOE’s Argonne National Laboratory, CyberForce aims to inspire and develop the next generation of ene…

July 24, 2021 by Industry News

Datadog gets AWS Government Competency status

Datadog announced that it has achieved Amazon Web Services (AWS) Government Competency status. This designation reflects Datadog’s deep experience working with government customers to deliver mission-critical workloads and applications on AWS. AW…

July 24, 2021 by Mayank Parmar

Microsoft’s fix for Windows 10 gaming issues is coming soon

With this release of Windows 10’s March 2021 updates and subsequent updates, some users have been experiencing performance issues when playing games. These gaming issues include decreased frame rate, stuttering in certain games, and flickering textures…

July 24, 2021 by BankInfoSecurity.com RSS Syndication

IoT Security Dangers Loom as Office Workers Return

Researchers: Home and Office Connected Devices Vulnerable to AttackWith corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have a huge task before them to ensure their work environment is safe. T…

July 24, 2021 by Howard Solomon

Cyber Security Today, Week in Review for Friday July 23, 2021

This episode looks at the proposed overhaul of Canada’s federal privacy law and why critics say it isn’t good enough

The post Cyber Security Today, Week in Review for Friday July 23, 2021 first appeared on IT World Canada.

July 24, 2021 by JR Raphael

10 Gboard shortcuts that’ll change how you type on Android

If there’s one thing we Android-totin’ pterodactyls take for granted, it’s just how good we’ve got it when it comes to typing out text on our pocket-sized phone machines.It’s all too easy to lose sight of over time, but Goog almighty, lemme tell ya:…

July 24, 2021 by Pierluigi Paganini

Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics

Japanese researchers spotted an Olympics-themed wiper targeting Japanese users ahead of the 2021 Tokyo Olympics. Tokyo Olympics could be a great opportunity for cybercriminals and malware authors, the US FBI warned private US companies of cyberattacks that might attempt to disrupt the 2021 Tokyo Olympics. Researchers from the Japanese security firm Mitsui Bussan Secure Directions (MBSD) […]

The post Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics appeared first on Security Affairs.

July 24, 2021 by Sergiu Gatlan

Windows 10 July security updates break printing on some systems

Microsoft says customers may experience printing and scanning issues on devices using smart card (PIV) authentication after installing July 2021 Windows 10 security updates on a domain controller (DC). […]

July 24, 2021 by Stephanie Kirchgaessner in Washington

Officials who are US allies among targets of NSO malware, says WhatsApp chief

Will Cathcart claims government officials around the world among 1,400 WhatsApp users targeted in 2019Senior government officials around the world – including individuals in high national security positions who are “allies of the US” – were targeted by…

July 23, 2021 by Troy Hunt

Weekly Update 253

This week, by popular demand, it’s Charlotte! Oh – and Scott. People had been asking for Charlotte for a while, so we finally decided to do a weekly update together on how she’s been transitioning from Mac to PC. Plus, she has to put up with

July 23, 2021 by Pierluigi Paganini

Obtaining password hashes of Windows systems with PetitPotam attack

A researcher found a flaw in Windows OS, tracked as PetitPotam, that can be exploited to force remote Windows machines to share their password hashes. Security researcher Gilles Lionel (aka Topotam) has discovered a vulnerability in the Windows operating system that allows an attacker to force remote Windows machines to authenticate and share their password hashes with […]

The post Obtaining password hashes of Windows systems with PetitPotam attack appeared first on Security Affairs.

July 23, 2021 by Industry News

Entrust adds automated key lifecycle management for AWS customers

Entrust announced cryptographic key lifecycle management functionality for customer-generated keys used in Amazon Web Services (AWS). This enables organizations to automate and extend control of their cryptographic keys across public clouds, enabling s…

July 23, 2021 by Industry News

Inseego Wavemaker PRO 2000e delivers throughput and reliability for industrial IoT and enterprise networks

Inseego introduced its Wavemaker PRO 2000e industrial gateway. Combining high-performance 5G with the 4G LTE capabilities, this solution delivers throughput and reliability for industrial IoT and enterprise networks. “We designed the S2000e to provide …

July 23, 2021 by Industry News

Nodle partners with ESTV to expand its reach into gaming and esports

Nodle announces a strategic partnership with ESTV, the global leader in eSports content streaming. With ESTV boasting over 29.6M unique viewers and 124.8M viewership minutes worldwide, the partnership looks to dramatically increase the reach of the Nod…

July 23, 2021 by Industry News

Flashpoint collaborates with Cybermerc to enhance its threat intelligence solution

Flashpoint announces a partnership with the Australian threat intelligence services provider Cybermerc. The partnership features a joint solution making Flashpoint’s advanced threat intelligence available in Cybermerc service offerings and acts as a va…

July 23, 2021 by Industry News

Sophos acquires Braintrace to provide better security outcomes to their MDR customers

Sophos announced that it has acquired Braintrace, further enhancing Sophos’ Adaptive Cybersecurity Ecosystem with Braintrace’s proprietary Network Detection and Response (NDR) technology. Braintrace’s NDR provides deep visibility into network traffic p…

July 23, 2021 by Industry News

Appgate participates in the implementation of a Zero Trust Architecture Project with NCCoE

Appgate announced its participation in the Implementing a Zero Trust Architecture Project with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) in collaboration with other key industry…

July 23, 2021 by Industry News

Immuta expands its leadership team with two key hires

Immuta announced two key hires focused on growth and strategic expansion on the heels of the company’s recent $90 million round of Series D funding, which brought total capital raised to $169 million. These executives will help further Immuta’s positio…

July 23, 2021 by Travis Taylor

Adam Levin Featured Cybersecurity Expert for News-Gazette

Adam Levin was a featured expert in a News-Gazette feature: “Big 10: What you need to know about cybersecurity.”
“Bottom line: Most of us know there is a problem, but everyone has yet to on-board a defensive, best-practice, solution-o…

July 23, 2021 by Becky Bracken

Discord CDN and API Abuses Drive Wave of Malware Detections

Targets of Discord malware expand far beyond gamers.

July 23, 2021 by Kyle Fiehler

Redundancy for resilience: The importance of layered protection in the cloud

At Carbonite + Webroot, we’re always preaching about the importance of layering security solutions. Because here’s the truth: data’s always at risk. Whether from cybercriminals, everyday mishaps or mother nature, businesses can put up all the defenses they want but disaster only has to successfully strike once. The global pandemic means more work is being […]

The post Redundancy for resilience: The importance of layered protection in the cloud appeared first on Webroot Blog.

July 23, 2021 by Bruce Schneier

Friday Squid Blogging: The Evolution of Squid

Good video about the evolutionary history of squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.

July 23, 2021 by Lawrence Abrams

New PetitPotam attack allows take over of Windows domains

A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain. […]

July 23, 2021 by Sergiu Gatlan

Fake Windows 11 installers now used to infect you with malware

Scammers are already taking advantage of the hype surrounding Microsoft’s next Windows release to push fake Windows 11 installers riddled with malware, adware, and other malicious tools. […]

July 23, 2021 by [email protected] (hgoslin)

What Will Cybersecurity Look Like Over the Next Five Years?

As a result of the Covid-19 pandemic, organizations in all industries ramped up their digital transformation efforts to make online operations easier for their employees and customers. But with more and more organizations online, the digital attack sur…

July 23, 2021 by Ionut Ilascu

MacOS malware steals Telegram accounts, Google Chrome data

Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts. […]

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Resiliency Is Key to Surviving a CDN Outage

Akamai Incident Highlights Risks of Relying on a Single ProviderA short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency …

July 23, 2021 by Alex Restrepo

5 Steps to Improving Ransomware Resiliency

Alex Restrepo, cybersecurity researcher at Veritas, lays out the key concepts that organizations should be paying attention to now and implementing today.

July 23, 2021 by Tanner Johnson Principal Analyst, Data Security, Omdia

Biden Administration Responds to Geopolitical Cyber Threats

In response to growing concerns regarding the recent uptick in large-scale, nation-state-backed ransomware attacks on critical infrastructure, the Biden administration is taking new action to tackle the evolving challenges posed by ransomware attacks.

July 23, 2021 by Pierluigi Paganini

Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet.

Estonian hacker Pavel Tsurkan has pleaded guilty in a United States court to the counts of computer fraud and of creating and operating a proxy botnet. The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse. According to court documents, Pavel Tsurkan (33) operated […]

The post Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet. appeared first on Security Affairs.

July 23, 2021 by Lawrence Abrams

The Week in Ransomware – July 23rd 2021 – Kaseya decrypted

This week has quite a bit of news ranging from the USA formally accusing China of the recent ProxyLogon vulnerability and Kaseya mysteriously obtaining the universal decryption key. […]

July 23, 2021 by Sergiu Gatlan

Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots

Apple has rolled out iOS 14.7 earlier this week with security updates to address dozens of iOS and macOS vulnerabilities, including a severe iOS bug dubbed WiFiDemon that could lead to denial of service or arbitrary code execution. […]

July 23, 2021 by Mayank Parmar

Microsoft backtracks on Windows 11 using dark mode by default

During the Inspire event, Microsoft announced that it would ship commercial Windows 11 SKUs in dark mode by default to support remote work. A week later, the company is backtracking on this decision. […]

July 23, 2021 by Security on TechRepublic

How DuckDuckGo makes money selling search, not privacy

Commentary: DuckDuckGo is small by Google’s standards, but the company is proving it’s very possible to make a lot of money with just a bit more privacy.

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Congress Focuses on Industrial Control System Security

Senate Bill Would Require CISA to Identify and Respond to ICS ThreatsA bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has a…

July 23, 2021 by Editor

Week in security with Tony Anscombe

URL shortener services distributing Android malware – Week in security with Tony Anscombe
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

July 23, 2021 by Paul Ducklin

US court gets UK Twitter hack suspect arrested in Spain

O, what a tangled web we weave/When first we practise to deceive!

July 23, 2021 by Tara Seals

FIN7’s Liquor Lure Compromises Law Firm with Backdoor

Using a lure relating to a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that may be bent on ransomware deployment.

July 23, 2021 by Graham Cluley

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands

Dutch police have arrested suspected members of a notorious cybercrime gang known as “Fraud Family,” following a spate of sophisticated phishing attacks that have targeted users in the Netherlands and Belgium.

Read more in my article on the Hot for …

July 23, 2021 by Jonny Evans

Apple admins get a new remote support option

Apple administrators in the enterprise and education markets now have a new remote access option thanks to a new integration between Addigy and Splashtop.Splashtop comes to Addigy
The move means Splashtop, which already has over 30 million users — …

July 23, 2021 by Ionut Arghire

Threat Actors Target Kubernetes Clusters via Argo Workflows

Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer.
read more

July 23, 2021 by BankInfoSecurity.com RSS Syndication

US Customs Apps Put Travelers’ PII at Risk

OIG Audit Shows Consumer Applications Inadequately ProtectedU.S. Customs and Border Protection has not always protected its Mobile Passport Control applications, making travelers’ personally identifiable information vulnerable to exploitation, accordin…

July 23, 2021 by Pragya Sehgal

RBC to launch innovation hub in Calgary, bring 300 new tech jobs

Royal Bank of Canada (RBC) will be welcoming 300 new technology employees at a new Calgary innovation hub scheduled to launch in September 2021.

The post RBC to launch innovation hub in Calgary, bring 300 new tech jobs first appeared on IT World Canada.

July 23, 2021 by Howard Solomon

Kaseya obtains ransomware decryptor to help VSA victims

Kaseya VSA customers struggling to recover from the REvil ransomware attack earlier this month have some good news: the company has received a decryptor to unscramble encrypted data. The company said Thursday it is helping impacted customers after obtaining the decryption tool from an unnamed third party. So far it has had no reports of […]

The post Kaseya obtains ransomware decryptor to help VSA victims first appeared on IT World Canada.

July 23, 2021 by Sergiu Gatlan

Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows

Threat actors are abusing misconfigured Argo Workflows instances to deploy cryptocurrency miners on Kubernetes (K8s) clusters. […]

July 23, 2021 by Eduard Kovacs

House Passes Several Critical Infrastructure Cybersecurity Bills

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments.
read more

July 23, 2021 by BankInfoSecurity.com RSS Syndication

ISMG Editors’ Panel: Examining the Pegasus Project

Discussion Also Addresses Telecom Security IssuesIn the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in t…

July 23, 2021 by Blog – CyberDB

How Web Scraping Can Enhance Cyber Security

The internet is heavily flooded with data. It could take a person several hours, or even days, and a considerable number of cups of coffee to sift through the data and ultimately reach actionable insights. For businesses leveraging a lot of data for market research, competitive price analysis, and other business applications, sifting through data […]

The post How Web Scraping Can Enhance Cyber Security appeared first on CyberDB.

July 23, 2021 by Kevin Townsend

TikTok fined €750,000 for Violating Children’s Privacy

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens – AP) announced Thursday that it has imposed a fine of €750,000 on TikTok “for violating the privacy of young children”. More specifically, TikTok failed to provide a privacy statement in…

July 23, 2021 by Ionut Arghire

Dutch Police Arrest Alleged Member of ‘Fraud Family’ Cybercrime Gang

Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named “Fraud Family.”
read more

July 23, 2021 by Pierluigi Paganini

Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach

WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types […]

The post Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach appeared first on Security Affairs.

July 23, 2021 by Andra Andrioaie

DNS Global Outage Affected Websites and Online Services

A global DNS outage related to the Akamai company made quite a stir on Thursday. The outage took down many websites and online services among which we can list Salesforce, Google, Amazon, AWS, Newegg, and PlayStation Network. Who Is Akamai? Akamai stan…

July 23, 2021 by Bruce Schneier

Commercial Location Data Used to Out Priest

A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis:

The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information…

July 23, 2021 by Dora Tudor

Kaseya Managed to Obtain the Universal Decryptor After the REvil Ransomware Attack

Earlier this month REvil ransomware operation launched a massive attack by exploiting a zero-day vulnerability in Kaseya VSA remote management application and encrypting about sixty managed service providers and an estimated of 1,500 businesses. After …

July 23, 2021 by Antonia Din

Important News Websites Host Hardcore Porn After Vidme Domain Purchase

On Thursday, huge news websites around the world such as Huffington Post, New York magazine, The Washington Post, The Verge, and many others discovered that their stories are now showing porn videos instead of the once-embedded intended ones. The ludic…

July 23, 2021 by Cezarina Chirica

CNA’s Network Was Breached Via Fake Browser Update

CNA Financial, one of the largest American insurance companies, provides a broad range of standard and specialized property and casualty insurance products, as well as services for businesses and professionals in the U.S., Canada, Europe, and Asia. The…

July 23, 2021 by Ionut Arghire

Cyber Risk Management Firm Safe Security Raises $33 Million

Cyber risk measurement and mitigation platform provider Safe Security this week announced that it has received a $33 million strategic investment led by BT Group.
The funds, Safe Security says, will be used to double the size of its engineering team, a…

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Alert for Ransomware Attack Victims: Here’s How to Respond

As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares ess…

July 23, 2021 by Ravie Lakshmanan

Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software

A malware known for targeting macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, a…

July 23, 2021 by Tara Seals

Kaseya Obtains Universal Decryptor for REvil Ransomware

The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it’s unclear if the ransom was paid.

July 23, 2021 by Howard Solomon

Cyber Security Today, July 23, 2021 – Sophos opens a Canadian data centre, people still fall for tech support scams and Amazon cuts off a controversial spyware company

This episode reports on the availability of a new Canadian data centre for users of Sophos products, a survey shows people still fall for tech support scams, Amazon cuts off a controversial spyware company and new figures on ransomware attacks

The post Cyber Security Today, July 23, 2021 – Sophos opens a Canadian data centre, people still fall for tech support scams and Amazon cuts off a controversial spyware company first appeared on IT World Canada.

July 23, 2021 by Pierluigi Paganini

What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It?

How businesses can benefit from the adoption of an identity and access management solution. Businesses that use outdated manual processes to grant and control access to their IT resources are getting left behind. This article describes what an identity and access management solution is and how it can benefit your business. Identity Is the New […]

The post What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It? appeared first on Security Affairs.

July 23, 2021 by Sergiu Gatlan

Twitter reveals surprisingly low two-factor auth (2FA) adoption rate

Twitter has revealed in its latest transparency report that only 2.3% of all active accounts have enabled at least one method of two-factor authentication (2FA) between July and December 2020. […]

July 23, 2021 by Ioana Rijnetu

The Free Security Tools & Software You Can Use for Your Online Protection

We are online and connected almost all the time. We might be shopping, relaxing or interacting with friends, paying bills, or learning a new skill. Regardless of our activity online, as long as we manage to stay protected when it comes to cyber threats…

July 23, 2021 by Eduard Kovacs

Industrial Cybersecurity Firm SynSaber Launches With $2.5M in Seed Funding

SynSaber, a new industrial cybersecurity company, announced its launch this week with $2.5 million in seed funding from SYN Ventures, Rally Ventures and Cyber Mentor Fund.
read more

July 23, 2021 by The Hacker News

Wake up! Identify API Vulnerabilities Proactively, From Production Back to Code

After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing.
APIs have crucial roles to play in virtual…

July 23, 2021 by Ravie Lakshmanan

Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring

Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what’s …

July 23, 2021 by Ionut Arghire

Estonian Botnet Operator Pleads Guilty in U.S. Court

An Estonian national has pleaded guilty in a United States court to two counts of computer fraud and abuse over his role in creating and operating a proxy botnet.
read more

July 23, 2021 by Katharine Viner

The Pegasus project: why investigations like this are at the heart of the Guardian’s mission

Guardian editor-in-chief Katharine Viner reflects on our recent investigation into NSO Group, which sells hacking spyware used by governments around the world, and explains why journalism like this is so vital When the Guardian’s head of investigations…

July 23, 2021 by Stephanie Kirchgaessner

How NSO became the company whose software can spy on the world

The Pegasus project has raised new concerns about the Israeli firm, which is a world leader in the niche surveillance marketIn 2019, when NSO Group was facing intense scrutiny, new investors in the Israeli surveillance company were on a PR offensive to…

July 23, 2021 by Paul Gillin

Avoid calendar clashes with a new breed of scheduling apps

What’s the longest it has ever taken you to schedule a meeting? I can recall being on email chains that lasted weeks, with 60 or more replies-to-all flying around to a dozen people. As soon as everyone agrees on a time, of course, someone’s schedule…

July 23, 2021 by Graham Cluley

Kaseya offers universal decryptor to customers following ransomware attack

IT service firm Kaseya says that it has “obtained” a universal decryptor for customers hit by the REvil ransomware gang earlier this month. REvil had earlier offered to sell the decryptor for $70 million…

July 23, 2021 by Paul Cucu

All About Rootkits. Definition, Types, Detection, Prevention

In this article, we will discuss the functionality of a rootkit, go through classifications, detection methodologies, and, of course, rootkit prevention. What is a Rootkit? Rootkits are malicious computer programs designed to infiltrate a machine for t…

July 23, 2021 by Pierluigi Paganini

Kaseya obtained a universal decryptor for REvil ransomware attack

The software provider Kaseya announced to have obtained a universal decryptor for the REvil ransomware. Earlier this month, a massive supply chain attack conducted by the REvil ransomware gang hit the cloud-based managed service provider platform Kaseya, impacting both other MSPs using its VSA software and their customers. The VSA tool is used by MSPs to perform […]

The post Kaseya obtained a universal decryptor for REvil ransomware attack appeared first on Security Affairs.

July 23, 2021 by Ed Tittel

How to fix a frozen Start menu or taskbar in Windows 10

From time to time, certain key elements in the Windows 10 user interface go dormant. You click on or touch the Start menu icon, or other icons in the taskbar, and nothing happens. Keep trying, and nothing keeps happening. This can be anywhere from frus…

July 23, 2021 by Zeljka Zorz

Kaseya obtains universal REvil decryptor

There’s finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compromised Kaseya VSA software: a universal decryptor has made it available to affected organizations. “We can confirm that…

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Analysis: Implications of the Pegasus Spyware Investigation

This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group’s Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state – and discussion of whethe…

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Saudi Aramco Traces Data Leak to Attack on Supplier

Extortionists Demand $50 Million – Payable in Monero Cryptocurrency – From Oil GiantSaudi Aramco, one of the world’s largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached. Extortionists ar…

July 23, 2021 by Rob Enderle

Cisco and the future of collaboration: What’s to come?

Disclosure: Cisco is a client of the author.Cisco (working with Forbes) this week put together a panel of experts to talk about the future of collaboration. The panelists included Mike DeFrino, CEO of Kimpton Hotels & Restaurants; Edward Wagoner…

July 23, 2021 by Phil Muncaster

Protecting the hybrid workplace through Zero Trust security

The Zero Trust architecture offers an increasingly popular way to minimize cyber-risk in a world of hybrid cloud, flexible working and persistent threat actors.
The post Protecting the hybrid workplace through Zero Trust security appeared first on WeLi…

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Kaseya Obtains Decryption Tool After REvil Ransomware Hit

Software Vendor Said Approximately 60 MSPs and 1,500 Clients Affected by AttackRemote management software vendor Kaseya has obtained a decryption tool for all organizations affected by the massive ransomware attack launched via its software. The tool s…

July 23, 2021 by Eduard Kovacs

Kaseya Obtains Universal Decryptor for Ransomware Attack Victims

IT management software maker Kaseya on Thursday said it obtained a universal decryptor that should allow victims of the recent ransomware attack to recover their files.
read more

July 23, 2021 by Proofpoint News Feed

Proofpoint Stockholders Approve Acquisition by Thoma Bravo

Read More

July 23, 2021 by BankInfoSecurity.com RSS Syndication

Analysis: The Implications of Spyware Investigation

This edition of the ISMG Security Report features an analysis of an investigation of the use of NSO Group’s Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state – and a discussion of whether the …

July 23, 2021 by Alina Georgiana Petcu

Ransomware Payouts in Review. Highest Payments, Trends & Stats

Ransomware has come to be a customary instrument in the arsenal of cybercriminals who routinely attack individuals and organizations. Under such circumstances, their victims experience financial damage either by owning up to large ransomware payouts or…

July 22, 2021 by Pierluigi Paganini

Threat Report Portugal: Q2 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021 The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is also supported […]

The post Threat Report Portugal: Q2 2021 appeared first on Security Affairs.

July 22, 2021 by Ax Sharma

Major news sites serve porn after vid.me domain takeover

Major news sites including The Washington Post, New York Magazine, and HuffPost, saw their stories now displaying porn videos instead of the once-embedded intended ones. The fiasco happened as prominent websites relied on the now-defunct domain vid.me …

July 22, 2021 by Pierluigi Paganini

Akamai software update triggered a bug that took offline major sites

Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce. “A software configuration update triggered a bug in the DNS (domain name […]

The post Akamai software update triggered a bug that took offline major sites appeared first on Security Affairs.