-
Friday Squid Blogging: Squid Food Poisoning
PRIVACY PRIVACY University of Connecticut basketball player Jordan Hawkins claims to have suffered food poisoning from calamari the night before his NCAA finals game. The restaurant disagrees: On Sunday, a Mastro’s employee politely cast doubt on the idea that the restaurant might have caused the illness, citing its intense safety protocols. The staffer, who spoke…
-
CISA warns of critical flaws in ICS and SCADA software from multiple vendors
PRIVACY PRIVACY The US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories this week covering vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws are rated critical and two of them already have public exploits. The impacted products include: Scadaflex II controllers…
-
What Parents Need To Know About TikTok’s New Screen Time Limits
PRIVACY PRIVACY Social media platforms often get a hard time by us parents. But a recent announcement by TikTok of industry first screen time limits might just be enough to win you over. On March 1, the social media platform announced that it will automatically impose a 60-minute daily screen time limit to every account…
-
NTC Vulkan leak shows evolving Russian cyberwar capabilities
PRIVACY PRIVACY National habits and perspectives on waging war are not just apparent in terrestrial conflict. In cyberspace, national ways of cyberwar clearly exist. From the unusually aggressive style of Israeli responses to regional cyber threat activities to the consistent correlation between Communist Party interests and China-attributed cyber espionage, a host of examples show that…
-
Seized Genesis malware market’s infostealers infected 1.5 million computers
PRIVACY PRIVACY Infamous hacker marketplace Genesis, which was taken down this week by an international law enforcement operation involving 17 countries, was selling access to millions of victim computers gained via the DanaBot infostealer and likely other malware. Trellix, the cybersecurity firm that assisted in the takedown of the Genesis site, said that malware used…
-
Default static key in ThingsBoard IoT platform can give attackers admin access
PRIVACY PRIVACY Developers of ThingsBoard, an open-source platform for managing IoT devices that’s used in various industry sectors, have fixed a vulnerability that could allow attackers to escalate their privileges on a server and send requests with administrative privileges. The vulnerability, tracked as CVE-2023-26462, was discovered and privately reported by researchers from IBM Security X-Force.…
-
CIS Benchmarks April 2023 Update
PRIVACY PRIVACY Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for April 2023. Read More
-
Ukrainian hackers spend $25,000 of pro-Russian blogger’s money on sex toys
PRIVACY PRIVACY A pro-Russian blogger who raised $25,000 for drones to assist Russian troops fighting in Ukraine, has received a huge delivery of sex toys instead. Read more in my article on the Hot for Security blog. Read More
-
A fireside chat with four CISOs about how they secure their cybersecurity firms from attack
PRIVACY PRIVACY On Tuesday 11 April, I’ll be joined by the CISOs of security firms Wiz, Rubrik, Noname, and Abnormal, for a friendly chat about how they protect their organisations from the huge number of threats targeting them. I hope to see some of you there! Read More
-
Threat Actors Increasingly Use Telegram For Phishing Purposes
PRIVACY PRIVACY The findings come from cybersecurity experts at Kaspersky Read More