-
Merck Settles With Insurers Over $700m NotPetya Claim
Pharma giant Merck has reached a settlement with cyber-insurers that refused to pay out for “acts of war” Read More
-
Security Firm Certik’s Account Hijacked to Spread Crypto Drainer
Blockchain security firm Certik had its own social media account hacked to push a crypto scam Read More
-
Friday Squid Blogging—18th Anniversary Post: New Species of Pygmy Squid Discovered
They’re Ryukyuan pygmy squid (Idiosepius kijimuna) and Hannan’s pygmy squid (Kodama jujutsu). The second one represents an entire new genus. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. And, yes, this is the eighteenth anniversary of Friday Squid Blogging. The first…
-
CertiK Twitter account hijacked by cryptocurrency scammer posing as Forbes journalist
Web3 security outfit CertiK has fallen foul of scammers, who managed to hijack its Twitter account to share a malicious link to a fake version of the Revoke.cash project. Read More
-
19 xDedic Cybercrime Market Users and Admins Face Prison
The dark web site’s infrastructure was taken down in 2019 following an international law enforcement operation Read More
-
Cyber-Attacks Drain $1.84bn from Web3 in 2023
A Certik report found there was $1.84bn in losses across 751 cybersecurity incidents targeting Web3 in 2023 Read More
-
NIST Fortifies Chatbots and Self-Driving Cars Against Digital Threats
This effort is the first step in NIST’s broader mission to support the development of trustworthy AI Read More
-
Improving Shor’s Algorithm
We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are actually feasible—could break both the RSA and Diffie-Hellman public-key algorithms. Now, computer scientist Oded Regev has a significant speed-up to Shor’s algorithm, at…
-
AsyncRAT loader: Obfuscation, DGAs, decoys and Govno
Executive summary AT&T Alien Labs has identified a campaign to deliver AsyncRAT onto unsuspecting victim systems. During at least 11 months, this threat actor has been working on delivering the RAT through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat actor is…
-
23andMe Blames User “Negligence” for Data Breach
A 23andMe letter sent to a legal firm representing victims of the data breach claims that users were at fault for recycling passwords Read More