-
New Blog Moderation Policy
There has been a lot of toxicity in the comments section of this blog. Recently, we’re having to delete more and more comments. Not just spam and off-topic comments, but also sniping and personal attacks. It’s gotten so bad that I need to do something. My options are limited because I’m just one person, and…
-
Quishing Campaign Targets Chinese Citizens via Fake Official Documents
Cyber threat intelligence provider Cyble observed a new malicious QR code phishing campaign targeting Chinese citizens Read More
-
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
Executive Summary LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given…
-
The Hacking of Culture and the Creation of Socio-Technical Debt
Culture is increasingly mediated through algorithms. These algorithms have splintered the organization of culture, a result of states and tech companies vying for influence over mass audiences. One byproduct of this splintering is a shift from imperfect but broad cultural narratives to a proliferation of niche groups, who are defined by ideology or aesthetics instead…
-
Cybersecurity Burnout Costing Firms $700m+ Annually
Hack The Box research claims employee burnout could be costing hundreds of millions in lost productivity Read More
-
G7 to Develop Cybersecurity Framework for Energy Sector
The G7 nations agree to develop a cybersecurity framework for key technologies used to operate electricity, oil and natural gas systems Read More
-
CIISec Urges Employers to Target Young Talent in Gaming Centers
The Chartered Institute of Information Security has issued a new guide to help firms recruit more talent Read More
-
Data breach at Total Fitness exposed almost half a million people’s photos – no password required
UK-based gym chain Total Fitness has been accused of sloppy security, following the discovery of an unsecured database containing the images of 470,000 members and staff – all accessible to anyone on the internet, no password required. Read more in my article on the Hot for Security blog. Read More
-
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023 Read More
-
Fake Meeting Software Spreads macOS Infostealer
Recorded Future has found that Vortax, a purported virtual meeting software, is actually malicious software spreading three information stealers Read More