Items tagged with cybersecurity
by
Nathan Ord - Tue, Dec 19, 2023
Earlier this month, ransomware group Rhysida announced that it had breached Sony’s Insomniac Games, taken files, and was purportedly demanding a ransom of $2 million. It has been a week since then, and thus the deadline has passed to pay...
Read more...
by
Nathan Ord - Tue, Dec 12, 2023
It would seem that Toyota cannot catch a break. Just weeks after discovering the company ran out of server disk space, shutting down production lines, and that Toyota vehicles could be compromised through the headlights, the company is...
Read more...
by
Nathan Ord - Mon, Nov 27, 2023
General Electric is primarily known for its spinning things, like washing machines, supersonic engines, or the GAU-8/A Avenger 30mm seven-barrel cannon mounted on the A-10 Warthog and CIWS weapon system. All goofs aside, GE is quite a...
Read more...
by
Nathan Ord - Tue, Nov 21, 2023
The Russian espionage machine is both vast and prolific, as shown by a recent Russian code outbreak making its way into U.S. government systems. With the war in Ukraine in full swing, this behemoth of a program is not only throwing tools...
Read more...
by
Nathan Ord - Thu, Nov 16, 2023
Ransomware gang BlackCat, otherwise known as ALPHV, is after the public spotlight following the Reddit data breach debacle earlier this year. Now, the group has breached another organization with MeridianLink and is causing a stir by...
Read more...
by
Nathan Ord - Wed, Nov 15, 2023
Software vulnerabilities come and go, but vulnerabilities found in hardware are significantly harder to deal with and lead to more problems, such as with Hertzbleed and that family of security issues that sprung up from simple clock...
Read more...
by
Nathan Ord - Mon, Nov 13, 2023
The Lockbit ransomware group has breached a number of high-profile organizations and companies, such as TSMC in Taiwan, which is effectively the global leader in silicon production. Most recently, though, the international aeronautic and...
Read more...
by
Nathan Ord - Thu, Nov 09, 2023
Generative AI ChatGPT has seen exponential growth in the past few months, recently crossing the 100 million weekly active users. However, with all this popularity, a target was perhaps painted on the back of OpenAI and ChatGPT by threat...
Read more...
by
Nathan Ord - Tue, Nov 07, 2023
Threat actors have gotten increasingly more creative with their methods, embedding them in devices while evading defensive blue teams along the way. The situation is akin to over-prescription of antibiotics, which could eventually lead to...
Read more...
by
Zak Killian - Sat, Nov 04, 2023
In case you weren't aware, VMware operates a security arm called Carbon Black. On Halloween, Carbon Black's Threat Analysis Unit (TAU) announced that it had found 34 different vulnerable Windows drivers that had firmware access. To be...
Read more...
by
Nathan Ord - Fri, Nov 03, 2023
Building supply and home improvement company Ace Hardware has seemingly suffered a severe cybersecurity attack and is dealing with the fallout. After an email notice surfaced on Reddit, online sales have gone down, and outbound shipments...
Read more...
by
Nathan Ord - Wed, Nov 01, 2023
Ransomware has become one of the most prevalent means by which threat actors generate revenue, creating a billion-dollar underground industry. Given this financial reality, ransomware gangs are working constantly to outsmart the...
Read more...
by
Nathan Ord - Thu, Oct 19, 2023
With a purported userbase of over 500 million, WinRAR is one of the world’s most popular file compression tools thanks in part to its never-ending free trial. However, with such prevalence, WinRAR is also a juicy target for hackers to gain...
Read more...
by
Nathan Ord - Tue, Oct 17, 2023
'
Discord is a great voice, text, and video platform that allows friends, family, and communities of all types to connect in a common space. However, it’s been known that Discord has been used for some terrible things, such as the massive...
Read more...
by
Nathan Ord - Fri, Oct 13, 2023
Cloud gaming has many advantages, such as lowering the barrier to entry to triple-A titles that require beefier and beefier hardware these days. However, one downside to this ecosystem is that there is a vast centralized dataset that could...
Read more...
by
Nathan Ord - Thu, Oct 12, 2023
Threat actors and malicious hackers have been targeting gamers with malware for quite some time, as they can be easy targets who download and run strange things from the internet all the time. Such was the case with a trojanized Super...
Read more...
by
Nathan Ord - Wed, Oct 04, 2023
If Marvin the Martian makes it onto your computer and does privilege escalation to take it over, we might now know just how they did it. A new Linux local privilege escalation vulnerability, dubbed Looney Tunables. that can bump basic...
Read more...
by
Nathan Ord - Mon, Oct 02, 2023
Phishing emails traditionally come from threat actors looking to make a quick buck or steal some data for nefarious purposes. Things get confusing, however, when phishing-style emails come directly from an organization like Amazon. That is...
Read more...
by
Nathan Ord - Thu, Sep 28, 2023
Chinese threat actors are upping their game in the cybersecurity realm, as indicated by new Linux backdoors and other advanced tactics, techniques, and procedures (TTPs). With this, an international multi-agency team led by the National...
Read more...
by
Nathan Ord - Wed, Sep 27, 2023
Side channel attacks are always fascinating to see how they are executed, such as the recent discovery that encryption keys could be stolen by recording power LEDs on various devices. Researchers have found that malicious websites might be...
Read more...
by
Nathan Ord - Mon, Sep 25, 2023
Nonprofit NGO National Student Clearinghouse handles student data reporting and exchange, serving 3,600 universities and 22,000 high schools around the United States. However, being “the leading provider of educational reporting, data...
Read more...
by
Nathan Ord - Fri, Sep 22, 2023
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further...
Read more...