-
European Police Flag 500+ Pieces of Terrorist Content
European Police Flag 500+ Pieces of Terrorist Content European police have found and referred 563 pieces of terrorist content to service providers in the region, as a UK man was jailed for sharing a bomb-making manual online. The Referral Action Day took place last week at Europol’s headquarters. The EU’s Internet Referral Unit (EU IRU) coordinated the…
-
Swissport Ransomware Attack Delayed Flights
Swissport Ransomware Attack Delayed Flights Airport services giant Swissport is restoring its IT systems after a ransomware attack struck late last week, delaying flights. The Zurich-headquartered firm operates everything from check-in gates and airport security to baggage handling, aircraft fuelling and de-icing and lounge hospitality. It claims to have provided ground services to 97 million passengers last…
-
CISOs are burned out and falling behind
The CISO’s text was brief but telling: “I never want an operational role again,” it read, arriving on Jeff Pollard’s phone in December as security teams scrambled to deal with the latest headline-making threat, Log4j. “He’s an effective CISO with a long tenure, but his mentality was ‘Here we go again.’ He was speaking to…
-
Social engineering: Definition, examples, and techniques
What is social engineering? Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data. For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee…
-
Crypto Firm Meter Loses $4.4m in Cyber-Heist
Crypto Firm Meter Loses $4.4m in Cyber-Heist Yet another cryptocurrency firm has been hacked to the tune of millions of dollars. Meter provides decentralized finance (DeFi) infrastructure services, linking siloed blockchains for users with so-called “cross-chain bridges.” Over the weekend, it revealed that an unauthorized intruder had managed to exploit a bridge vulnerability to mint…
-
How iOS Malware May Snoop on Our Devices
Smartphones have become such an integral part of our lives that it’s hard to imagine a time when we didn’t have them. We carry so much of our lives on our devices, from our social media accounts and photos of our pets to our banking information and home addresses. Whether it be just for fun…
-
Emotet’s Uncommon Approach of Masking IP Addresses
Authored By: Kiran Raj In a recent campaign of Emotet, McAfee Researchers observed a change in techniques. The Emotet maldoc was using hexadecimal and octal formats to represent IP address which is usually represented by decimal formats. An example of this is shown below: Hexadecimal format: 0xb907d607 Octal format: 0056.0151.0121.0114 Decimal format: 185.7.214.7 This change…
-
Friday Squid Blogging: Are Squid from Another Planet?
An actually serious scientific journal has published a paper speculating that octopus and squid could be of extraterrestrial origin. News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
FBI’s warning about Iranian firm highlights common cyberattack tactics
The US Federal Bureau of Investigation (FBI) has released a warning outlining the TTP (tactics, techniques, and protocols) of Iran-based Emennet Pasargad, reportedly a cybersecurity and intelligence firm servicing Iranian government agencies, to help recipients inform and defend themselves against the group’s malicious activities. In the FBI’s Private Industry Notification, the agency confirms that two…
-
Major Vulnerability Found in Argo CD
Major Vulnerability Found in Argo CD Security researchers at Apiiro have discovered a significant software supply chain zero-day vulnerability in the popular open-source continuous delivery platform, Argo CD. Used by thousands of organizations globally, Argo CD is a tool that reads environment configurations (written as a helm chart, kustomize files, jsonnet or plain YAML files) from git repositories…