Top

Tag: Featured


Cyber-crime, Email security, Phishing, Security

Phishers go after business email credentials by impersonating U.S. DOL

January 19, 2022

Via: Help Net Security

Phishers are trying to harvest credentials for Office 365 or other business email accounts by impersonating the U.S. Department of Labor (DOL), Inky‘s researchers have warned. The ploy? The DOL is ostensibly inviting companies to submit “proposals from qualified contractors […]


Application security, Security, Threats & Malware, Vulnerabilities

Mandatory Chinese Olympics App Has ‘Devastating’ Encryption Flaw: Analyst

January 19, 2022

Via: Security Week

The “simple but devastating flaw” in the encryption of the MY2022 app, which is used to monitor Covid and is mandatory for athletes, journalists and other attendees of the games in China’s capital, could allow health information, voice messages and […]


Threats & Malware, Vulnerabilities

Organizations Face a ‘Losing Battle’ Against Vulnerabilities

January 18, 2022

Via: Threat Post

After a banner year for vulnerabilities and cyberattacks in 2021, organizations believe they are fighting a “losing battle” against security vulnerabilities and threats, “despite the billions of dollars spent collectively on cybersecurity technology,” according to an annual security report from […]


Cyber warfare, Cyber-crime

NATO, Ukraine Sign Deal to ‘Deepen’ Cyber Cooperation

January 18, 2022

Via: Security Week

Ukraine said on Sunday that it had evidence Moscow was behind the attack last week that knocked out government websites — but the Kremlin has denied any involvement. NATO Secretary General Jens Stoltenberg said Friday that experts from NATO and […]


Cyber warfare, Cyber-crime

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

January 12, 2022

Via: The Hacker News

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, […]


Threats & Malware, Vulnerabilities

CISA Adds 15 Recent and Older Vulnerabilities to ‘Must-Patch’ List

January 12, 2022

Via: Security Week

Initially announced in early November 2021, the list includes more than 300 vulnerabilities that are a frequent attack vector in malicious attacks, and which represent a significant risk to federal organizations. The Known Exploited Vulnerabilities Catalog was published along with […]


Network security, Security

2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security

January 11, 2022

Via: The Hacker News

Lookout, an endpoint-to-cloud cyber security company, have put together their cyber security predictions for 2022. 1 — Cloud connectivity and cloud-to-cloud connectivity will amplify supply-chain breaches One area organizations need to continue to monitor in 2022 is the software supply […]


Threats & Malware, Vulnerabilities

New ‘powerdir’ Vulnerability in macOS Exposes Protected Data

January 11, 2022

Via: Security Week

Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.” Introduced in 2012, TCC […]


Cloud security, Security

5 top hybrid cloud security challenges

January 10, 2022

Via: CSO Online

For a growing number of organizations, IT environments encompass a blend of public cloud services, private clouds, and on-premises infrastructure—with the latter becoming an ever-smaller portion of the mix. The past two years have seen a major uptick in the […]


Cyber-crime, Hacker, Malware, Threats & Malware

Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation

January 5, 2022

Via: The Hacker News

Cybersecurity researchers have taken the wraps of an organized financial-theft operation undertaken by a discreet actor to target transaction processing systems and siphon funds from entities primarily located in Latin America for at least four years. The malicious hacking group […]