-
New cyberattack tactics rise up as ransomware payouts increase
PRIVACY PRIVACY While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint. “While conventional phishing remains successful, many threat actors have shifted to newer techniques, such as telephone-oriented attack delivery…
-
Malicious package flood on PyPI might be sign of new attacks to come
PRIVACY PRIVACY Over the weekend an attacker has been uploading thousands of malicious Python packages on the public PyPI (Python Package Index) software repository. If executed on a Windows system, these packages will download and install a Trojan program hosted on Dropbox. Flooding public package repositories with malicious packages is not entirely new. Last year…
-
US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit
PRIVACY PRIVACY Within 90 days, agencies must also cancel existing contracts that necessitate the app’s use Read More
-
LastPass Data Stolen in August 2022 Breach Used For December Attack
PRIVACY PRIVACY Threat actors obtained credentials and keys later used to access and decrypt some storage volumes Read More
-
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022
PRIVACY PRIVACY Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a…
-
Ransomware Attack Hits US Marshals Service
PRIVACY PRIVACY Drew Wade, chief of the Marshals Service public affairs office, made the announcement on Monday Read More
-
Separating FUD from Practical for Post-Quantum Cryptography
PRIVACY PRIVACY Post-quantum cryptography is still a few years from reaching required system capability levels. But organizations can take steps now to prepare. […] Read More
-
Well-funded security systems fail to prevent cyberattacks in US and Europe: Report
PRIVACY PRIVACY Multi-layered, well-funded cybersecurity systems are unable to protect enterprises in the US and Europe from cyberattacks, according to a report by automated security validation firm Pentera. The report, which was based on a survey of 300 CIOs, CISOs and security executives to get insights on their current IT and security budgets and cybersecurity…
-
The Reviews are In—McAfee+ Earns Top Marks from Review Sites
PRIVACY PRIVACY We created McAfee+ so people can be safe and feel safe online, particularly in a time where there’s so much concern about identity theft and invasions of online privacy—and reviewers have given it top marks as a result. With data breaches, spam texts and calls, companies collecting and selling personal info, and suspicious…
-
Side-Channel Attack against CRYSTALS-Kyber
PRIVACY PRIVACY CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack—using power consumption—against an implementation of the algorithm that was supposed to be resistant against that sort of attack. The algorithm is not “broken” or “cracked”—despite headlines to…