-
Blockchain Basics: What’s Blockchain Technology and How Might It Change Our Lives?
PRIVACY PRIVACY What’s blockchain technology? The term gets bandied about often enough, but it doesn’t always get the explanation it deserves. Understanding the basics of blockchain can help you understand several of the big changes that are taking place online. It’s the foundational technology that underpins cryptocurrency and NFTs (non-fungible tokens), yet it has several…
-
BlackLotus bootkit patch may bring “false sense of security”, warns NSA
PRIVACY PRIVACY The NSA has publsihed a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protecting against the threat. Read more in my article on the Tripwire State of Security blog. Read More
-
Millions of GitHub repositories vulnerable to RepoJacking: Report
PRIVACY PRIVACY Millions of GitHub repositories are potentially vulnerable to RepoJacking, which allows an attacker to carry out code execution on organizations’ internal environments or on their customers’ environments, according to research by AquaSec. AquaSec analyzed a sample of 1.25 million GitHub repositories and found that about 2.95% were vulnerable to RepoJacking, including repositories belonging…
-
#InfosecurityEurope: BlackBerry Cybersecurity President Warns Against Heavy-Handed AI Regulation
PRIVACY PRIVACY BlackBerry president John Giamatteo acknowledged that governments should intervene to mitigate AI risks – and his company is willing to help them Read More
-
NCSC Updates Cybersecurity Guidance for the Legal Sector
PRIVACY PRIVACY Law firms remain a popular target for attack Read More
-
Manchester University Breach Victims Hit with Triple Extortion
PRIVACY PRIVACY Threat actors seek to put pressure on university to pay Read More
-
FBI Analyst Gets Three Years For National Security Breach
PRIVACY PRIVACY Kendra Kingsbury smuggled classified documents out on storage media Read More
-
SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool
PRIVACY PRIVACY The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. “smishing”) messages that spoofed UPS and other top brands. The missives addressed recipients by name, included details about recent orders, and warned that…
-
China-sponsored APT group targets government ministries in the Americas
PRIVACY PRIVACY An advanced persistent threat (APT) group named Flea has been carrying out attacks against foreign affairs ministries in North and South America using a new backdoor called Graphican, according to a report by the Symantec Threat Hunter Team. The campaign ran from late 2022 into early 2023. It also targeted a government finance…
-
#InfosecurityEurope Case Study: Attack Surface Operations at Nationwide
PRIVACY PRIVACY Nationwide Building Society is setting up a new team tasked with monitoring and managing its attack surface Read More