-
How Phishers Are Slinking Their Links Into LinkedIn
If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such…
-
Google adds Python to its differential privacy repertoire
Google has announced it’s adding Python to the languages supported by one of its open-source projects designed to bolster privacy on the internet. The project includes a library and tools for using differential privacy, a technology designed to preserve an individual’s privacy in large data sets. “Previously, our differential privacy library was available in three…
-
Education Provider Infosec Announces New Cybersecurity Scholarships
Education Provider Infosec Announces New Cybersecurity Scholarships Cybersecurity education provider Infosec Institute is offering scholarships to 15 individuals from underrepresented groups in the cybersecurity industry. The $225k in scholarship opportunities will be meted out to veterans, people who identify as BIPOC, students, women who are actively pursuing a career in cybersecurity and members of the LGBTQI+ communities.…
-
Iranian APT group uses previously undocumented Trojan for destructive access to organizations
Researchers have come across a previously undocumented Trojan used by an APT group of Iranian origin that has been targeting organizations in Israel but also other countries since last year with the intention of damaging their infrastructure. The group, tracked as Moses Staff by researchers from security firm Cybereason, has been operating since at least…
-
DHS Creates Cyber Safety Review Board
DHS Creates Cyber Safety Review Board The United States Department of Homeland Security has established a Cyber Safety Review Board (CSRB) to investigate “significant cyber incidents.” Mandated via President Joe Biden’s May 12 2021 executive order (EO 14028) on improving the nation’s cybersecurity, the board “shall review and assess, with respect to significant cyber incidents […]…
-
BlackCat ransomware – what you need to know
BlackCat (also known as ALPHV) is a relatively new ransomware-as-a-service operation, which has been aggressively recruiting affiliates from other ransomware groups and targeting organisations worldwide. Read more in my article on the Tripwire State of Security blog. Read More
-
#Enigma2022: Contextual Security Should Supplement Machine Learning for Malware Detection
#Enigma2022: Contextual Security Should Supplement Machine Learning for Malware Detection Malware continues to be one of the most effective attack vectors in use today, and it is often combatted with machine learning-powered security tools for intrusion detection and prevention systems. According to Nidhi Rastogi, Assistant Professor at the Rochester Institute of Technology, machine learning security…
-
KP Snacks Hit by Cyber-attack
KP Snacks Hit by Cyber-attack Brits could be facing a snack shortage following a cyber-attack on 169-year-old food producer KP Snacks. The German-owned maker of KP Nuts, Hula Hoops, Choc Dips, Nik Naks and Butterkist popcorn was targeted by threat actors on Friday. After gaining access to the company’s network, hackers deployed ransomware and took the…
-
CVE-2022-20699, CVE-2022-20700, CVE-2022-20708: Critical Flaws in Cisco Small Business RV Series Routers
Cisco patches 15 flaws in Cisco Small Business RV Series Routers, including three with critical 10.0 CVSSv3 scores. Update February 4: Cisco has updated their advisory to announce partial patches for the RV160 and RV260 Series Routers. The Solution section has been updated with this information. Background On February 2, Cisco published an advisory for…
-
Zero trust with zero passwords – free guide explains what you need to know
Graham Cluley Security News is sponsored this week by the folks at HYPR. Thanks to the great team there for their support! A new guide provides practical guidance for eliminating passwords to accelerate your Zero Trust strategy, and explains how Zero Trust can increase business agility. The free guide, by the analysts at The Cyber…