Cybersecurity

Fake Proof-of-Concepts used to lure security professionals

Cybersecurity, Exploits/Vulnerability /

Posted: October 27, 2022 by Pieter Arntz Researchers from the Leiden University published a paper detailing how cybercriminals are using fake Proof-of-Concepts (PoCs) to install malware on researchers’ systems. The researchers found these fake PoCs on a platform where security professionals would usually expect to find them—the public code repository GitHub. Use of PoCs There is a big difference between […]

Fake Proof-of-Concepts used to lure security professionals Read More »

Ransomware Equals a Data Breach

Cybersecurity, Exploits/Vulnerability, Ransomware /

From a data regulator’s perspective, it is the responsibility of your business to keep data safe from cyberthreats, inform clients about a breach within a stipulated period and provide necessary documentation as proof of your efforts. Although different regulations have laid down distinct mandates for breach notifications, the principle remains intact. While there is an

Ransomware Equals a Data Breach Read More »

What is ransomware-as-a-service and how is it evolving?

Cybersecurity, Exploits/Vulnerability /

Posted: October 27, 2022 by Bill Cozens Ransomware attacks are becoming more frequent and costlier—breaches caused by ransomware grew 41 percent in the last year, the average cost of a destructive attack rising to $5.12 milllion. What’s more, a good chunk of the cyber criminals doing these attacks operate on a ransomware-as-a-service (RaaS) model. RaaS is not much different, in theory,

What is ransomware-as-a-service and how is it evolving? Read More »

Point-of-sale malware used to steal 167,000 credit cards

Cybersecurity, Exploits/Vulnerability /

Posted: October 26, 2022 by Pieter Arntz In the 19 months between February 2021 and September 2022, two point-of-sale (POS) malware operators have stolen more than 167,000 payment records, mainly from the US, according to researchers at Group-IB. The researchers were able to retrieve information about infected machines and compromised credit cards by analyzing a command and control (C2)

Point-of-sale malware used to steal 167,000 credit cards Read More »

CISA warns of ransomware attacks on healthcare providers

Cybersecurity, Exploits/Vulnerability /

by Shaun Nichols A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. The Cybersecurity and Infrastructure Security Agency is warning administrators about a new ransomware outbreak amongst healthcare providers. A CISA advisory issued Friday outlined how a new ransomware crew known as

CISA warns of ransomware attacks on healthcare providers Read More »

Healthcare site leaks personal health information via Google and Meta tracking pixels

Cybersecurity, Exploits/Vulnerability /

Posted: October 24, 2022 by Pieter Arntz Advocate Aurora Health has disclosed that by visiting its websites users may have shared personal information, and possibly protected health information (PHI), with Google and Meta (Facebook). Advocate Aurora Health is the 11th largest not-for-profit, integrated health system in the US and provides care for about 3 million patients. The company used tracking

Healthcare site leaks personal health information via Google and Meta tracking pixels Read More »

An odd kind of cybercrime: Gift vouchers, medical records, and…food

Cybersecurity, Exploits/Vulnerability /

Posted: October 24, 2022 by Christopher Boyd Someone with a gift for technology but a nasty habit of using it for very bad things has been spared from going to jail with a suspended sentence. Peter Foy, 18 at the time of his antics, racked up a remarkable, and slightly peculiar, list of compromises before being brought before

An odd kind of cybercrime: Gift vouchers, medical records, and…food Read More »

Former cop abused unrevoked system access to extort women

Cybersecurity, Exploits/Vulnerability /

Posted: October 21, 2022 by Jovi Umawing When Bryan Wilson, a former Louisville Metropolitan Police Department (LMPD) officer in Kentucky, pleaded guilty to cyberstalking charges in June, details of his crime weren’t revealed. Now they have. A new court document discloses facts about how he stole sexually explicit photos and videos from private Snapchat accounts, and what he did with

Former cop abused unrevoked system access to extort women Read More »

Attackers Abusing Various Remote Control Tools

Cybersecurity, Exploits/Vulnerability /

Overview Ordinarily, attackers install malware through various methods such as spear phishing emails with a malicious attachment, malvertising, vulnerabilities, and disguising the malware as normal software and uploading them to websites. The malware that is installed include infostealers which steal information from the infected system, ransomware which encrypts files to demand ransom, and DDoS Bots

Attackers Abusing Various Remote Control Tools Read More »

Security awareness campaign highlights things your bank will never say

Cybersecurity, News /

Posted: October 11, 2022 by Christopher Boyd If you like anti-phishing efforts, hashtags, and confusing but colourful video games, you’ll be interested to know that a security initiative involving all three is now live. The American Bankers Association and other banks in the US are involved in an awareness campaign tied in with National Cybersecurity Awareness Month. The

Security awareness campaign highlights things your bank will never say Read More »