Items tagged with cybersecurity
Ransomware attacks have been on the rise lately, and both organizations and consumers need to protect themselves as best they can before the problem worsens over time. As it turns out, one of the most popular and widespread operating systems, Windows 10, has ransomware protection, and it is super simple to turn on so...
Read more...
We have seen major OEMs tinker with drivers and system settings for workarounds and various fixes in games and other apps before. And now that AMD is firmly back in the mainstream desktop processor race, the company is occasionally under the microscope with power users and developers that stumble onto similar patch...
Read more...
Cyber-attacks have seemingly ramped-up in the last few weeks, like the Colonial Pipeline ransomware incident that netted a cool $5 million for the criminal attackers. Now, cyber-thugs have crippled the Irish Health Service Executive's (HSE) computer systems in what could be "the most significant cybercrime attack on...
Read more...
Yesterday was Microsoft’s routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack...
Read more...
Yesterday, we reported on a ransomware attack that targeted Colonial Pipeline, and by association, the eastern seaboard after the company had to shut off its pipeline network. Now, the FBI has tied the ransomware attack on the fuel company to a newly formed group called “DarkSide,” who has been incredibly quiet about...
Read more...
When it was found that Microsoft Exchange on-premises was vulnerable to hackers, quite a bit of havoc ensued across a wide range of industries. Since then, the FBI obtained a court order to go in and remove backdoors to hacked servers, but there are likely many hacked Exchange servers still out there. In recent days...
Read more...
Last week, cybersecurity researchers discovered an open Elasticsearch database that exposed an extensive fake Amazon reviews scam ring. The database contained millions of direct messages between Amazon vendors and upwards of 200,000 customers willing to provide fake reviews in exchange for free products. It is...
Read more...
One of the top U.S. fuel pipeline operators had to shutter its network this weekend due to a nasty ransomware attack. This effectively shut down approximately half of the East Coast’s fuel for both air and ground transportation. Though home heating oil prices are not expected to increase as a result, this does raise...
Read more...
AI is spreading, and not in the creepy sci-fi dystopian kind of way, but by way of programs to help manage large tasks in critical business sectors, such as healthcare, finance, and defense. Now, Microsoft is releasing a tool called Counterfit, an “automation tool for security testing AI systems as an open-source...
Read more...
At the start of May, researchers at the University of Virginia announced that current Spectre chip vulnerability mitigations could be bypassed entirely, bringing the ghostly security flaw back to life. Intel has now officially responded by claiming that software coded following its specific security guidance protects...
Read more...
Back in 2018, a processor security vulnerability called Spectre appeared, affecting all modern CPU architectures from Intel, AMD, and even ARM in the last 20 years. Since then, major players and semiconductor OEMs have worked hard to patch out the vulnerabilities in a cybersecurity whack-a-mole game, in some cases...
Read more...
If you catch the flu, you may be stuck at home or even bedridden for a few days until you get better. If you catch the FluBot malware, you could be at risk of losing sensitive information, such as banking details and personal information. While this malware campaign has not made it across the pond from Europe yet, it...
Read more...
Given that data leaks are occurring even more frequently these days, it is a matter of when, not if, your information makes it to the open web. Cybercriminals are constantly on the prowl looking for a new way to make a quick buck, and clearly the system is working for them. New data reports that over 5 billion records...
Read more...
From time to time, malware will pop up that affects Apple devices which are typically touted as the superior option to other PCs for their security. This happened earlier this year with the mysterious Silver Sparrow malware that caught thousands of M1 Macs. Now, Mac users are being urged to patch again to prevent...
Read more...
When we hear of ransomware attacks, it usually involves high-value targets, such as the recent $50 million attack against Apple supplier Quanta. This time, a ransomware gang took a different approach and targeted consumers and small businesses using QNAP devices and subsequently encrypted their files. In just five...
Read more...
It does not seem Facebook will be able to catch a break this week after an accidental email revealed the company’s dismissive view of data leakage. The Silicon Valley social media company is facing a possible new leak after a researcher found he could link up to 5 million Facebook accounts to private email addresses...
Read more...
This year, there have been several cybersecurity incidents, such as the Microsoft Exchange issue, across numerous industries and government organizations. It appears that the defense industry is now being targeted by at least two China-linked hacking groups who are leveraging Pulse Secure VPN devices from IT company...
Read more...
The Microsoft Exchange zero-day vulnerabilities seemed to cause quite a bit of havoc across several industries and organizations. Since it was first discovered, however, patches have been rolling out from Microsoft and frantic orders to patch servers have been trickling down. Clearly, that was not enough, as web...
Read more...
A new set of nine vulnerabilities that affect popular TCP/IP stacks, specifically relating to Domain Name Systems (DNS) implementations, were revealed yesterday. According to researchers at Forescout and JSOF, these vulnerabilities, collectively identified as NAME: WRECK, could impact at least 100 million IoT devices...
Read more...
Information scraping campaigns are becoming more prevalent, it seems, with LinkedIn recently losing data for 500m million users. Facebook also faced a similar issue with its phone contact search feature, which allowed malicious parties to collect over 500 million users' information. Another company, called Q Link...
Read more...
With everyone using Zoom for both work and school, a vulnerability in the software can be especially concerning. This week, researchers competing in a zero-day hunting competition found a bug in Zoom that allowed them to remotely execute code without any necessary action from the target. This find netted the...
Read more...
Late last month, we reported on a trend of rising cybersecurity incidents worldwide that could lead to the end of some businesses. Now, the latest cyberattack victim is Microsoft-owned GitHub, with reports of cybercriminals leveraging GitHub cloud infrastructure to mine cryptocurrency.
Since at least the Fall of...
Read more...
