-
Interview with the Head of the NSA’s Research Directorate
MIT Technology Review published an interview with Gil Herrera, the new head of the NSA’s Research Directorate. There’s a lot of talk about quantum computing, monitoring 5G networks, and the problems of big data: The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data.…
-
Smashing Security podcast #260: New hire mystery, hacktivist ransomware, and digi-dating
Who’s that new guy working at your company, and why don’t you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security…
-
Using KPIs to generate results in Cybersecurity
Gaining investment from business leaders to create a mature cybersecurity program and fund initiatives is an imperative for success in enterprise risk mitigation. All too often, security and IT organizations struggle to capture the attention of executives needed to advance their priorities and build even basic cybersecurity capabilities. Year after year, important initiatives get deprioritized…
-
Crunch! Ransomware hits KP Nuts, Hula Hoops, and McCoys crisps
The IT systems of KP Snacks have been hit by ransomware. And it might well impact the British public’s waistlines as well as the company’s profits: Read More
-
Growing Number of Phish Kits Bypass MFA
Growing Number of Phish Kits Bypass MFA Phishing kits designed to circumvent multi-factor authentication (MFA) by stealing session cookies are increasingly popular on the cybercrime underground, security researchers at Proofpoint have warned. After years of prompting by security teams and third-party experts, MFA finally appears to have reached a tipping point of user adoption. Figures from Duo Security cited…
-
Apple AirTag and other tagging devices add to CISO worries
We tag content, devices and our belongings. Tagging is ubiquitous today, in early 2022, but it wasn’t always the case. Stepping back into history, the late 1990s and early 2000s saw the unsavory side of competitive intelligence in Silicon Valley, with companies having their trash dumpsters siphoned for useful information, pretext calling to elicit inside…
-
Why buy now, pay later is the next big fraud risk for retailers
Retailers are offering customers more buy now, pay later (BNPL) finance purchasing options to drive sales across a wide range of products. Shoppers can get instant credit at the point of sale (POS) and then delay or spread payments (often at no extra cost) instead of paying outright at the time of purchase. This can…
-
Target releases web skimming detection tool Merry Maker as open source
Web skimming has been a major scourge for online shops over the past several years with attacks ranging from simple script injections into payment forms to sophisticated compromises of legitimate third-party scripts and services. Sometimes referred to as Magecart attacks, they have become the leading cause of card-not-present (CNP) fraud and have impacted small and…
-
Home Improvement Firm Fined £200k for Nuisance Calls
Home Improvement Firm Fined £200k for Nuisance Calls A Welsh home improvement firm has been fined £200,000 by the UK’s privacy watchdog after making more than half a million nuisance phone calls. Home2Sense Ltd of Lampeter made 675,478 nuisance calls between June 2020 and March 2021 to offer individuals insulation services, according to the Information Commissioner’s…
-
Online Thieves Steal $320m from Crypto Firm Wormhole
Online Thieves Steal $320m from Crypto Firm Wormhole Yet another cryptocurrency firm is offering a multimillion-dollar ‘bug bounty’ reward to those who hacked it after suffering a cyber-heist worth an estimated $322m. Wormhole operates what’s known as a cross-blockchain bridge, enabling holders of certain cryptocurrencies to transfer tokens, data and other assets between siloed blockchains. It…