-
The NSA Has a Long-Lost Lecture by Adm. Grace Hopper
The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it. Basically, the recording is in an obscure video format. People at the NSA can’t easily watch it, so they can’t redact it. So they…
-
Snowflake Breach at Advance Auto Parts Hits 2.3 Million People
Advance Auto Parts has confirmed a breach of its Snowflake account will impact millions Read More
-
RansomHub ransomware – what you need to know
Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. Read more in my article on the Tripwire State of Security blog. Read More
-
NATO Set to Build New Cyber Defense Center
NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience Read More
-
ClickFix Deception: A Social Engineering Tactic to Deploy Malware
Yashvi Shah and Vignesh Dhatchanamoorthy McAfee Labs has discovered a highly unusual method of malware delivery, referred to by researchers as the “Clickfix” infection chain. The attack chain begins with users being lured to visit seemingly legitimate but compromised websites. Upon visiting, victims are redirected to domains hosting fake popup windows that instruct them to…
-
Apple Is Alerting iPhone Users of Spyware Attacks
Not a lot of details: Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April. Read More
-
Exposed! The AI-enhanced social media bot farm that pumped out Kremlin propaganda on Twitter
The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media. Read more in my article on the Hot for Security blog. Read More
-
Smashing Security podcast #380: Teachers TikTok targeted, and fraud in the doctors’ waiting room
Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Read More
-
CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities
An alert from the CISA and the FBI has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities Read More
-
2024 Cyber Resilience Research Unveils Healthcare Sector Challenges
New data illuminates how healthcare leaders can prioritize resilience. Organizations find themselves at the intersection of progress and peril in the rapidly evolving digital healthcare landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to healthcare institutions. One of the foremost obstacles is the disconnect between senior executives and cybersecurity…