-
FBI Hacker Dropped Stolen Airbus Data on 9/11
PRIVACY PRIVACY In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “USDoD” had infiltrated the FBI‘s vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold.…
-
Smashing Security podcast #339: Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?
PRIVACY PRIVACY Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee… just to send $1,865. Oh, and our guest mentions Mr Blobby (to the horror of the show’s hosts…) All this and much much more is discussed in the latest edition of the…
-
New Microsoft Teams Phishing Campaign Targets Corporate Employees
PRIVACY PRIVACY The new campaign is believed to be perpetrated by Storm-0324, which distributes the payloads of other attackers after achieving initial network compromise Read More
-
Cookie Theft: How to Keep Cybercriminals Out of Your Accounts
PRIVACY PRIVACY Chocolate chip, oatmeal raisin, snickerdoodle: Cybercriminals have a sweet tooth just like you. But their favorite type of cookie is of the browser variety. Browser cookies – often just referred to as cookies – track your comings and goings on websites. And when a cyber thief gets their mitts on your browser cookies,…
-
Defense-in-Depth: A Necessary Approach to Cloud Security
PRIVACY PRIVACY Defense-in-depth is a necessary methodology for securing the cloud. Here’s how the Center for Internet Security can help your organization. Read More
-
MGM Criticized for Repeated Security Failures
PRIVACY PRIVACY The malware researchers’ collective Vx-underground claimed that ALPHV/BlackCat was behind the attack against the casino giant Read More
-
Zero-Click Exploit in iPhones
PRIVACY PRIVACY Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers…
-
Chilling Lack of Cyber Experts in UK Government, Finds Parliamentary Inquiry
PRIVACY PRIVACY The parliamentary inquiry heard there are “particular shortages” of cybersecurity experts in the civil service, with pay restraints a major factor Read More
-
Eco-hacks: The intersection of sustainability and cyber threats
PRIVACY PRIVACY The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Environmental sustainability is more important than ever before for organizations across all sectors. Sustainability concerns including geopolitics, future-focused developments, advanced ESG…
-
Microsoft Fixes Two Zero-Day Bugs Used in Attacks
PRIVACY PRIVACY Microsoft announces updates for around 60 CVEs Read More