Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. Bleeping Computer, citing Emsisoft CTO Fabian Wosar, reported that the Macaw […]

The post Evil Corp rebrands their ransomware, this time is the Macaw Locker appeared first on Security Affairs.

Read More Evil Corp rebrands their ransomware, this time is the Macaw Locker

A vulnerability in the WinRAR is a trialware file archiver utility for Windows could be exploited by a remote attacker to hack a system. Positive Technologies researcher Igor Sak-Sakovskiy discovered a remote code execution vulnerability, tracked as CVE-2021-35052, in the popular WinRAR trialware file archiver utility for Windows. The vulnerability affects the trial version of […]

The post A flaw in WinRAR could lead to remote code execution appeared first on Security Affairs.

Read More A flaw in WinRAR could lead to remote code execution

In 2020 we heard a lot of talk about digital transformation. But too often it was just talk – a 2018 McKinsey survey found that while 85 per cent of respondents wanted their business to be digital, less than 20 per cent said they actually were. A second McKinsey study from 2019 found that companies […]

The post Learn how to turn digital transformation promise into results first appeared on IT World Canada.

Read More Learn how to turn digital transformation promise into results

The United States Department of Justice sentenced two individuals that were providing bulletproof hosting to various malware operations. The United States Department of Justice sentenced to prison two individuals involved in providing bulletproof hosting to various malware operations, including Citadel, SpyEye, Zeus, and the Blackhole exploit kit. The two individuals, Aleksandr Skorodumov (33) of Lithuania, […]

The post Administrators of bulletproof hosting sentenced to prison in the US appeared first on Security Affairs.

Read More Administrators of bulletproof hosting sentenced to prison in the US

A phishing kit built using pieces of code copied from other kits, some available for sale through publicly accessible scam sellers or are reused and repackaged by other kit resellers, provides rich insight into the state of the economy that drives phishing and email threats today.

The post Franken-phish: TodayZoo built from other phishing kits appeared first on Microsoft Security Blog.

Read More Franken-phish: TodayZoo built from other phishing kits

The Bureau of Industry and Security (BIS) supports the US national security, foreign policy, and economic objectives by maintaining an effective export control and treaty compliance system and encouraging continuing US leadership in key technology. The…

Read More The United States Government Will Ban the Reselling of Potentially Hacking Tools to Authoritarian Regimes

Roger Grimes on why multifactor authentication isn’t a panacea:

The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later. And, embarrassingly, it was his most trusted VP who let the attackers in. It turns out that the VP had approved over 10 different push-based messages for logins that he was not involved in. When the VP was asked why he approved logins for logins he was not actually doing, his response was, “They (IT) told me that I needed to click on Approve when the message appeared!”…

Read More Problems with Multifactor Authentication

The need for experienced and qualified cyber security professionals is a highlight of Cybersecurity Career Awareness Week, led by NICE (National Initiative for Cybersecurity Education). This campaign is part of Cybersecurity Awareness Month 2021, which is focused on empowering individuals and organisations to “own their role in protecting their part of cyberspace”. UK skills gap The UK government’s Cyber security skills in the UK labour market 2021 report estimates that approximately 680,000 UK businesses (50% of those surveyed) have a basic skills gap. This includes individuals in charge of cyber security who “lack the confidence to carry out the kinds

The post Building cyber security careers appeared first on IT Governance UK Blog.

Read More Building cyber security careers

With files from Samira Balsara Facebook is planning a name change, Google plans to add a new feature to its Play Store, and Instagram users will finally be able to make posts via desktop. It’s all the tech news that’s trending right now, welcome to Hashtag Trending! It’s Thursday, October 21, and I’m your host, […]

The post Hashtag Trending Oct. 21- Facebook’s Name Change; New Play Store Security Feature; Instagram Posts from Desktop first appeared on IT World Canada.

Read More Hashtag Trending Oct. 21- Facebook’s Name Change; New Play Store Security Feature; Instagram Posts from Desktop

The Commerce Department’s Bureau of Industry and Security (BIS) would ban U.S. firms from selling hacking tools to authoritarian regimes. The Commerce Department’s Bureau of Industry and Security (BIS) would introduce a new export control rule aimed at banning the export or resale of hacking tools to authoritarian regimes.  The rule announced by the BIS […]

The post US Bureau of Industry and Security bans export of hacking tools to authoritarian regimes appeared first on Security Affairs.

Read More US Bureau of Industry and Security bans export of hacking tools to authoritarian regimes

Threat actors are continually looking for better ways to target organizations, here are the top five attack vectors to look out for in 2022. Malicious actors are continually looking for better ways to carry out successful cyber attacks. Whether motivated by a potential payday or the ability to access confidential information, cybercriminals have plenty of […]

The post Top 5 Attack Vectors to Look Out For in 2022 appeared first on Security Affairs.

Read More Top 5 Attack Vectors to Look Out For in 2022