Authored by SangRyol Ryu  

We live in a world where advertisements are everywhere, and it’s no surprise that users are becoming tired of them. By contrast, developers are driven by profit and seek to incorporate more advertisements into their apps. However, there exist certain apps that manage to generate profit without subjecting users to the annoyance of ads. Is this really good?  

Recently, McAfee’s Mobile Research Team discovered a concerning practice among some apps distributed through Google Play. These apps load ads while the device’s screen is off, which might initially seem convenient for users. However, it’s a clear violation of Google Play Developer policy on how ads should be displayed. This affects not only the advertisers who pay for invisible Ads, but also the users as it drains battery, consumes data and poses potential risks such as information leaks and disruption of user profiling caused by Clicker behavior. 

The team has identified 43 apps that collectively downloaded 2.5 million times. Among the targeted apps are TV/DMB Player, Music Downloader, News, and Calendar applications. McAfee is a member of the App Defense Alliance focused on protecting users by preventing threats from reaching their devices and improving app quality across the ecosystem. We reported the discovered apps to Google, which took prompt action. Most apps are no longer available on Google Play while others are updated by the developer. McAfee Mobile Security detects this threat as Android/Clicker. For more information, and to get fully protected, visit McAfee Mobile Security. 

Many affected apps

How does it work? 

This ad fraud library uses specific tactics to avoid detection and inspection. It deliberately delays the initiation of its fraudulent activities, creating a latent period from the time of installation. What’s more, all the intricate configurations of this library can be remotely modified and pushed using Firebase Storage or Messaging service. These factors significantly add to the complexity of identifying and analyzing this fraudulent behavior. Notably, the latent period typically spans several weeks, which makes it challenging to detect. 

Getting latent period by using Firebase Messaging Service 

It is important to be cautious about the implications of granting permissions, such as excluding ‘power saving’ and allowing ‘draw over other apps’. These permissions can enable certain activities to occur discreetly in the background, raising concerns about the intentions and behavior of the applications or libraries in question. Allowing these permissions can result in more malicious behavior, such as displaying phishing pages, also to displaying ads in the background. 

Asked permissions to run in the background and keep it hidden 

When the device screen is turned off after the latent period, the fetching and loading of ads starts, resulting in users being unaware of the presence of running advertisements on their devices. This ad library registers device information by accessing the unique domain (ex: mppado.oooocooo.com) linked with the application. Then go to Firebase Storage to get the specific advertisement URL and show the ads. It is important to note that this process consumes power and mobile data resources. 

Observed traffic when the screen off 

If users quickly turn on their screens at this point, they might catch a glimpse of the ad before it is automatically closed. 

Example of an advertising site displayed when the screen is off 

In conclusion, it is essential for users to exercise caution and carefully evaluate the necessity of granting permissions like power saving exclusion, or draw over other apps before allowing them. While these permissions might be required for certain legitimate functionalities for running in the background, it is important to consider the potential risks linked with them, such as enabling hidden behaviors or reducing the relevance of ads and contents displayed to users because the hidden Clicker behavior. By using McAfee Mobile Security products, users can further safeguard their devices and mitigate the risks linked with these kinds of malware, providing a safer and more secure experience. For more information, visit McAfee Mobile Security

 

Indicators of Compromise (IoC’)

Domains:

best.7080music.com 

m.gooogoole.com 

barocom.mgooogl.com 

newcom.mgooogl.com 

easydmb.mgooogl.com 

freekr.mgooogl.com 

fivedmb.mgooogl.com 

krlive.mgooogl.com 

sixdmb.mgooogl.com 

onairshop.mgooogle.com 

livedmb.mgooogle.com 

krbaro.mgooogle.com 

onairlive.mgooogle.com 

krdmb.mgooogle.com 

onairbest.ocooooo.com 

dmbtv.ocooooo.com 

ringtones.ocooooo.com 

onairmedia.ocooooo.com 

onairnine.ocooooo.com 

liveplay.oocooooo.com 

liveplus.oocooooo.com 

liveonair.oocooooo.com 

eightonair.oocooooo.com 

krmedia.oocooooo.com 

kronair.oocooooo.com 

newkrbada.ooooccoo.com 

trot.ooooccoo.com 

thememusic.ooooccoo.com 

trot.ooooccoo.com 

goodkrsea.ooooccoo.com 

krlive.ooooccoo.com 

news.ooooccoo.com 

bestpado.ooooccoo.com 

krtv.oooocooo.com 

onairbaro.oooocooo.com 

barolive.oooocooo.com 

mppado.oooocooo.com 

dmblive.oooocooo.com 

baromedia.oooocooo.com 

musicbada.oouooo.com 

barolive.oouooo.com 

sea.oouooo.com 

blackmusic.oouooo.com 

Android Packages 

Package Name 
Application Name 
SHA256 
Google Play Downloads 

band.kr.com 
DMB TV 
f3e5aebdbd5cd94606211b04684730656e0eeb1d08f4457062e25e7f05d1c2d1 
10,000+ 

com.dmb.media 
DMB TV 
6aaaa6f579f6a1904dcf38315607d6a5a2ca15cc78920743cf85cc4b0b892050 
100,000+ 

dmb.onair.media 
DMB TV 
a98c5170da2fdee71b699ee145bfe4bdcb586b623bbb364a93bb8bdf8dbc4537 
10,000+ 

easy.kr 
DMB TV 
5ec8244b2b1f516fd96b0574dc044dd40076ff7aa7dadb02dfefbd92fc3774bf 
100,000+ 

kr.dmb.onair 
DMB TV 
e81c0fef52065864ee5021e1d4c7c78d6a407579e1d48fc4cf5551ff0540fdb8 
5,000+ 

livedmb.kr 
DMB TV 
33e5606983526757fef2f6c1da26474f4f9bf34e966d3c204772de45f42a6107 
50,000+ 

stream.kr.com 
DMB TV 
a13e26bce41f601a9fafdec8003c5fd14908856afbab63706b133318bc61b769 
100+ 

com.breakingnews.player 
뉴스 속보 
d27b8e07b7d79086af2fa805ef8d77ee51d86a02d81f2b8236febb92cb9b242d 
10,000+ 

jowonsoft.android.calendar 
달력 
46757b1f785f2b3cec2906a97597b7db4bfba168086b60dd6d58d5a8aef9e874 
10,000+ 

com.music.free.bada 
뮤직다운 
a3fe9f9b531ab6fe79ed886909f9520a0d0ae98cf11a98f061dc179800aa5931 
100,000+ 

com.musicdown 
뮤직다운 
5f8eb3f86fc608f9de495ff0e65b866a78c25a9260da04ebca461784f039ba16 
5,000+ 

new.kr.com 
뮤직다운 
397373c39352ef63786fe70923a58d26cdf9b23fa662f3133ebcbc0c5b837b66 
100,000+ 

baro.com 
바로TV 
3b4302d00e21cbf691ddb20b55b045712bad7fa71eb570dd8d3d41b8d16ce919 
10,000+ 

baro.live.tv 
바로TV 
760aa1a6c0d1e8e4e2d3258e197ce704994b24e8edfd48ef7558454893796ebe 
50,000+ 

baro.onair.media 
바로TV 
b83a346e18ca20ac5165bc1ce1c8807e89d05abc6a1df0adc3f1f0ad4bb5cd0c 
10,000+ 

kr.baro.dmb 
바로TV 
84a4426b1f8ea2ddb66f12ef383a0762a011d98ff96c27a0122558babdaf0765 
100,000+ 

kr.live 
바로TV 
cccfdf95f74add21da546a03c8ec06c7832ba11091c6d491b0aadaf0e2e57bcc 
1,000+ 

newlive.com 
바로TV 
c76af429fabcfd73066302eeb9dd1235fd181583e6ee9ee9015952e20b4f65bf 
50,000+ 

onair.baro.media 
바로TV 
6c61059da2ae3a8d130c50295370baad13866d7e5dc847f620ad171cc01a39e9 
10,000+ 

freemusic.ringtone.player 
벨소리 무료다운 
75c74e204d5695c75209b74b10b3469babec1f7ef84c7a7facb5b5e91be0ae3e 
100,000+ 

com.app.allplayer 
실시간 TV 
8d881890cfa071f49301cfe9add6442d633c01935811b6caced813de5c6c6534 
50,000+ 

com.onair.shop 
실시간 TV 
1501dd8267240b0db0ba00e7bde647733230383d6b67678fc6f0c7f3962bd0d3 
50,000+ 

eight.krdmb.onair 
실시간 TV 
bbd6ddbfee7482fe3fe8b5d96f3be85e09352711a36cd8cf88cfdeaf6ff90c79 
10,000+ 

free.kr 
실시간 TV 
5f864aa88de07a10045849a7906f616d079eef94cd463e40036760f712361f79 
10,000+ 

kr.dmb.nine 
실시간 TV 
ea49ad38dd7500a6ac12613afe705eb1a4bcab5bcd77ef24f2b9a480a34e4f46 
100,000+ 

kr.live.com 
실시간 TV 
f09cff8a05a92ddf388e56ecd66644bf88d826c5b2a4419f371721429c1359a7 
10,000+ 

kr.live.onair 
실시간 TV 
e8d2068d086d376f1b78d9e510a873ba1abd59703c2267224aa58d3fca2cacbd 
100,000+ 

kr.live.tv 
실시간 TV 
1b64283e5d7e91cae91643a7dcdde74a188ea8bde1cf745159aac76a3417346e 
50,000+ 

kr.media.onair 
실시간 TV 
bd0ac9b7717f710e74088df480bde629e54289a61fc23bee60fd0ea560d39952 
100,000+ 

kr.onair.media 
실시간 TV 
d7dd4766043d4f7f640c7c3fabd08b1a7ccbb93eba88cf766a0de008a569ae4d 
1,000+ 

live.kr.onair 
실시간 TV 
b84b22bc0146f48982105945bbab233fc21306f0f95503a1f2f578c1149d7e46 
10,000+ 

live.play.com 
실시간 TV 
516032d21edc2ef4fef389d999df76603538d1bbd9d357a995e3ce4f274a9922 
50,000+ 

new.com 
실시간 TV 
5d07a113ce389e430bab70a5409f5d7ca261bcdb47e4d8047ae7f3507f044b08 
50,000+ 

newlive.kr 
실시간 TV 
afc8c1c6f74abfadd8b0490b454eebd7f68c7706a748e4f67acb127ce9772cdb 
100,000+ 

onair.best 
실시간 TV 
6234eadfe70231972a4c05ff91be016f7c8af1a8b080de0085de046954c9e8e7 
50,000+ 

com.m.music.free 
음악다운 
ded860430c581628ea5ca81a2f0f0a485cf2eeb9feafe5c6859b9ecc54a964b2 
100,500,000+ 

good.kr.com 
음악다운 
bede67693a6c9a51889f949a83ff601b1105c17c0ca5904906373750b3802e91 
100,000+ 

new.music.com 
음악다운 
fee6cc8b606cf31e55d85a7f0bf7751e700156ce5f7376348e3357d3b4ec0957 
1,000+ 

play.com.apps 
음악다운 
b2c1caab0e09b4e99d5d5fd403c506d93497ddb2de3e32931237550dbdbe7f06 
100,000+ 

com.alltrot.player 
트로트 노래모음 
469792f4b9e4320faf0746f09ebbcd8b7cd698a04eef12112d1db03b426ff70c 
50,000+ 

com.trotmusic.player 
트로트 노래모음 
879014bc1e71d7d14265e57c46c2b26537a81020cc105a030f281b1cc43aeb77 
5,000+ 

best.kr.com 
파도 MP3 
f2bbe087c3b4902a199710a022adf8b57fd927acac0895ab85cfd3e61c376ea5 
100,000+ 

com.pado.music.mp3 
파도 MP3 
9c84c91f28eadd0a93ef055809ca3bceb10a283955c9403ef1a39373139d59f2 
100,000+ 

 

 

The post Invisible Adware: Unveiling Ad Fraud Targeting Korean Android Users appeared first on McAfee Blog.

Read More

What does a hacker want with your social media account? Plenty. 

Hackers hijack social media accounts for several reasons. They’ll dupe the victim’s friends and followers with scams. They’ll flood feeds with misinformation. And they’ll steal all kinds of personal information—not to mention photos and chats in DMs. In all, a stolen social media account could lead to fraud, blackmail, and other crimes. 

Yet you have a strong line of defense that can prevent it from happening to you: multi-factor authentication (MFA). 

What is multi-factor authentication (MFA)? 

MFA goes by other names, such as two-factor authentication and two-step verification. Yet they all boost your account security in much the same way. They add an extra step or steps to the login process. Extra evidence to prove that you are, in fact, you. It’s in addition to the usual username/password combination, thus the “multi-factor” in multi-factor authentication.  

Examples of MFA include: 

Sending a one-time code via a text or phone call, often seen when logging into bank and credit card accounts. 
Sending a one-time code to an authentication app, such as when logging into a gaming service. 
Asking for the answer to a security question, like the name of your elementary school or the model of your first car. 
Biometric information, like a fingerprint or facial scan. 

With MFA, a hacker needs more than just your username and password to weasel their way into your account. They need that extra piece of evidence required by the login process, which is something only you should have. 

This stands as a good reminder that you should never give out the information you use in your security questions—and to never share your one-time security codes with anyone. In fact, scammers cobble up all kinds of phishing scams to steal that information. 

How to set up MFA on your social media accounts. 

Major social media platforms offer MFA, although they might call it by other names. As you’ll see, several platforms call it “two-factor authentication.”  

Given the way that interfaces and menus can vary and get updated over time, your best bet for setting up MFA on your social media accounts is to go right to the source. Social media platforms provide the latest step-by-step instructions in their help pages. A simple search for “multi-factor authentication” and the name of your social media platform should readily turn up results. 

For quick reference, you can find the appropriate help pages for some of the most popular platforms here: 

Facebook two-factor authentication help page 
Instagram two-factor authentication help page 
Twitter two-factor authentication help page 
TikTok two-factor authentication help page 
Snapchat two-factor authentication help page 

Another important reminder is to check the URL of the site you’re on to ensure it’s legitimate. Scammers set up all kinds of phony login and account pages to steal your info. Phishing scams like those are a topic all on their own. A great way you can learn to spot them is by giving our Phishing Scam Protection Guide a quick read. It’s part of our McAfee Safety Series, which covers a broad range of topics, from romance scams and digital privacy to online credit protection and ransomware.  

MFA – a good call for your social media accounts, and other accounts too. 

In many ways, your social media account is an extension of yourself. It reflects your friendships, interests, likes, and conversations. Only you should have access to that. Putting MFA in place can help keep it that way. 

More broadly, enabling MFA across every account that offers it is a smart security move as well. It places a major barrier in the way of would-be hackers who, somehow, in some way, have ended up with your username and password. 

On the topic, ensure your social media accounts have strong, unique passwords in place. The one-two punch of strong, unique passwords and MFA will make hacking your account tougher still. Wondering what a strong, unique password looks like? Here’s a hint: a password with eight characters is less secure than you might think. With a quick read, you can create strong, unique passwords that are tough to crack. 

Lastly, consider using comprehensive online protection software if you aren’t already. In addition to securing your devices from hacks and attacks, it can help protect your privacy and identity across your travels online—both on social media and off.   

The post Protect Your Social Media Passwords from Hacks and Attacks appeared first on McAfee Blog.

Read More

ChatGPT was released just nine months ago, and we are still learning how it will affect our daily lives, our careers, and even our systems of self-governance.

But when it comes to how AI may threaten our democracy, much of the public conversation lacks imagination. People talk about the danger of campaigns that attack opponents with fake images (or fake audio or video) because we already have decades of experience dealing with doctored images. We’re on the lookout for foreign governments that spread misinformation because we were traumatized by the 2016 US presidential election. And we worry that AI-generated opinions will swamp the political preferences of real people because we’ve seen political “astroturfing”—the use of fake online accounts to give the illusion of support for a policy—grow for decades.

Threats of this sort seem urgent and disturbing because they’re salient. We know what to look for, and we can easily imagine their effects.

The truth is, the future will be much more interesting. And even some of the most stupendous potential impacts of AI on politics won’t be all bad. We can draw some fairly straight lines between the current capabilities of AI tools and real-world outcomes that, by the standards of current public understanding, seem truly startling.

With this in mind, we propose six milestones that will herald a new era of democratic politics driven by AI. All feel achievable—perhaps not with today’s technology and levels of AI adoption, but very possibly in the near future.

Good benchmarks should be meaningful, representing significant outcomes that come with real-world consequences. They should be plausible; they must be realistically achievable in the foreseeable future. And they should be observable—we should be able to recognize when they’ve been achieved.

Worries about AI swaying an election will very likely fail the observability test. While the risks of election manipulation through the robotic promotion of a candidate’s or party’s interests is a legitimate threat, elections are massively complex. Just as the debate continues to rage over why and how Donald Trump won the presidency in 2016, we’re unlikely to be able to attribute a surprising electoral outcome to any particular AI intervention.

Thinking further into the future: Could an AI candidate ever be elected to office? In the world of speculative fiction, from The Twilight Zone to Black Mirror, there is growing interest in the possibility of an AI or technologically assisted, otherwise-not-traditionally-eligible candidate winning an election. In an era where deepfaked videos can misrepresent the views and actions of human candidates and human politicians can choose to be represented by AI avatars or even robots, it is certainly possible for an AI candidate to mimic the media presence of a politician. Virtual politicians have received votes in national elections, for example in Russia in 2017. But this doesn’t pass the plausibility test. The voting public and legal establishment are likely to accept more and more automation and assistance supported by AI, but the age of non-human elected officials is far off.

Let’s start with some milestones that are already on the cusp of reality. These are achievements that seem well within the technical scope of existing AI technologies and for which the groundwork has already been laid.

Milestone #1: The acceptance by a legislature or agency of a testimony or comment generated by, and submitted under the name of, an AI.

Arguably, we’ve already seen legislation drafted by AI, albeit under the direction of human users and introduced by human legislators. After some early examples of bills written by AIs were introduced in Massachusetts and the US House of Representatives, many major legislative bodies have had their “first bill written by AI,” “used ChatGPT to generate committee remarks,” or “first floor speech written by AI” events.

Many of these bills and speeches are more stunt than serious, and they have received more criticism than consideration. They are short, have trivial levels of policy substance, or were heavily edited or guided by human legislators (through highly specific prompts to large language model-based AI tools like ChatGPT).

The interesting milestone along these lines will be the acceptance of testimony on legislation, or a comment submitted to an agency, drafted entirely by AI. To be sure, a large fraction of all writing going forward will be assisted by—and will truly benefit from—AI assistive technologies. So to avoid making this milestone trivial, we have to add the second clause: “submitted under the name of the AI.”

What would make this benchmark significant is the submission under the AI’s own name; that is, the acceptance by a governing body of the AI as proffering a legitimate perspective in public debate. Regardless of the public fervor over AI, this one won’t take long. The New York Times has published a letter under the name of ChatGPT (responding to an opinion piece we wrote), and legislators are already turning to AI to write high-profile opening remarks at committee hearings.

Milestone #2: The adoption of the first novel legislative amendment to a bill written by AI.

Moving beyond testimony, there is an immediate pathway for AI-generated policies to become law: microlegislation. This involves making tweaks to existing laws or bills that are tuned to serve some particular interest. It is a natural starting point for AI because it’s tightly scoped, involving small changes guided by a clear directive associated with a well-defined purpose.

By design, microlegislation is often implemented surreptitiously. It may even be filed anonymously within a deluge of other amendments to obscure its intended beneficiary. For that reason, microlegislation can often be bad for society, and it is ripe for exploitation by generative AI that would otherwise be subject to heavy scrutiny from a polity on guard for risks posed by AI.

Milestone #3: AI-generated political messaging outscores campaign consultant recommendations in poll testing.

Some of the most important near-term implications of AI for politics will happen largely behind closed doors. Like everyone else, political campaigners and pollsters will turn to AI to help with their jobs. We’re already seeing campaigners turn to AI-generated images to manufacture social content and pollsters simulate results using AI-generated respondents.

The next step in this evolution is political messaging developed by AI. A mainstay of the campaigner’s toolbox today is the message testing survey, where a few alternate formulations of a position are written down and tested with audiences to see which will generate more attention and a more positive response. Just as an experienced political pollster can anticipate effective messaging strategies pretty well based on observations from past campaigns and their impression of the state of the public debate, so can an AI trained on reams of public discourse, campaign rhetoric, and political reporting.

With these near-term milestones firmly in sight, let’s look further to some truly revolutionary possibilities. While these concepts may have seemed absurd just a year ago, they are increasingly conceivable with either current or near-future technologies.

Milestone #4: AI creates a political party with its own platform, attracting human candidates who win elections.

While an AI is unlikely to be allowed to run for and hold office, it is plausible that one may be able to found a political party. An AI could generate a political platform calculated to attract the interest of some cross-section of the public and, acting independently or through a human intermediary (hired help, like a political consultant or legal firm), could register formally as a political party. It could collect signatures to win a place on ballots and attract human candidates to run for office under its banner.

A big step in this direction has already been taken, via the campaign of the Danish Synthetic Party in 2022. An artist collective in Denmark created an AI chatbot to interact with human members of its community on Discord, exploring political ideology in conversation with them and on the basis of an analysis of historical party platforms in the country. All this happened with earlier generations of general purpose AI, not current systems like ChatGPT. However, the party failed to receive enough signatures to earn a spot on the ballot, and therefore did not win parliamentary representation.

Future AI-led efforts may succeed. One could imagine a generative AI with skills at the level of or beyond today’s leading technologies could formulate a set of policy positions targeted to build support among people of a specific demographic, or even an effective consensus platform capable of attracting broad-based support. Particularly in a European-style multiparty system, we can imagine a new party with a strong news hook—an AI at its core—winning attention and votes.

Milestone #5: AI autonomously generates profit and makes political campaign contributions.

Let’s turn next to the essential capability of modern politics: fundraising. “An entity capable of directing contributions to a campaign fund” might be a realpolitik definition of a political actor, and AI is potentially capable of this.

Like a human, an AI could conceivably generate contributions to a political campaign in a variety of ways. It could take a seed investment from a human controlling the AI and invest it to yield a return. It could start a business that generates revenue. There is growing interest and experimentation in auto-hustling: AI agents that set about autonomously growing businesses or otherwise generating profit. While ChatGPT-generated businesses may not yet have taken the world by storm, this possibility is in the same spirit as the algorithmic agents powering modern high-speed trading and so-called autonomous finance capabilities that are already helping to automate business and financial decisions.

Or, like most political entrepreneurs, AI could generate political messaging to convince humans to spend their own money on a defined campaign or cause. The AI would likely need to have some humans in the loop, and register its activities to the government (in the US context, as officers of a 501(c)(4) or political action committee).

Milestone #6: AI achieves a coordinated policy outcome across multiple jurisdictions.

Lastly, we come to the most meaningful of impacts: achieving outcomes in public policy. Even if AI cannot—now or in the future—be said to have its own desires or preferences, it could be programmed by humans to have a goal, such as lowering taxes or relieving a market regulation.

An AI has many of the same tools humans use to achieve these ends. It may advocate, formulating messaging and promoting ideas through digital channels like social media posts and videos. It may lobby, directing ideas and influence to key policymakers, even writing legislation. It may spend; see milestone #5.

The “multiple jurisdictions” piece is key to this milestone. A single law passed may be reasonably attributed to myriad factors: a charismatic champion, a political movement, a change in circumstances. The influence of any one actor, such as an AI, will be more demonstrable if it is successful simultaneously in many different places. And the digital scalability of AI gives it a special advantage in achieving these kinds of coordinated outcomes.

The greatest challenge to most of these milestones is their observability: will we know it when we see it? The first campaign consultant whose ideas lose out to an AI may not be eager to report that fact. Neither will the campaign. Regarding fundraising, it’s hard enough for us to track down the human actors who are responsible for the “dark money” contributions controlling much of modern political finance; will we know if a future dominant force in fundraising for political action committees is an AI?

We’re likely to observe some of these milestones indirectly. At some point, perhaps politicians’ dollars will start migrating en masse to AI-based campaign consultancies and, eventually, we may realize that political movements sweeping across states or countries have been AI-assisted.

While the progression of technology is often unsettling, we need not fear these milestones. A new political platform that wins public support is itself a neutral proposition; it may lead to good or bad policy outcomes. Likewise, a successful policy program may or may not be beneficial to one group of constituents or another.

We think the six milestones outlined here are among the most viable and meaningful upcoming interactions between AI and democracy, but they are hardly the only scenarios to consider. The point is that our AI-driven political future will involve far more than deepfaked campaign ads and manufactured letter-writing campaigns. We should all be thinking more creatively about what comes next and be vigilant in steering our politics toward the best possible ends, no matter their means.

This essay was written with Nathan Sanders, and previously appeared in MIT Technology Review.

Read More

Microsoft observed attackers continually attempting to compromise connected systems at the 2022 World Cup

Read More

Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware.

Read more in my article on the Tripwire State of Security blog.

Read More

Google Cloud figures also point to misconfiguration

Read More