-
Crypto Finance Firm Offers $2m Bug Bounty to Hackers
Crypto Finance Firm Offers $2m Bug Bounty to Hackers A decentralized lending platform that lost $80m to hackers has offered them an astonishing multimillion-dollar bug bounty in return for the stolen funds. Qubit Finance revealed at the end of last week that an attacker had exploited a vulnerability in its QBridge deposit function. In doing…
-
QNAP Ransomware: Thousands Infected with DeadBolt
QNAP Ransomware: Thousands Infected with DeadBolt Thousands of QNAP users have been infected by a new ransomware variant flagged by the network-attached storage (NAS) vendor last week, according to a security vendor. Taiwan-headquartered QNAP said last week that customers should urgently upgrade their systems to the latest version of its QTS operating systems and take…
-
DDoS attacks: Definition, examples, and techniques
What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s…
-
12 CISO resolutions for 2022
It’s still early days, but if this year is anything like years past, it’s safe to say CISOs will have a lot to contend with, from a continuing labor shortage to the increasing sophistication of cyberattacks to an ongoing threat from nation-state actors. However, they also have plenty of ideas on how they’ll tackle those…
-
Latest Proof of Concept Details How iOS Malware May Snoop on Our Devices
Smartphones have become such an integral part of our lives that it’s hard to imagine a time when we didn’t have them. We carry so much of our lives on our devices, from our social media accounts and photos of our pets to our banking information and home addresses. Whether it be just for fun…
-
Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams
Several articles here have delved into the history of John Bernard, the pseudonym used by a fake billionaire technology investor who tricked dozens of start-ups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian startup hoping to build a fleet of environmentally friendly shipping vessels — is now embroiled in…
-
Friday Squid Blogging: Cephalopods Thirty Million Years Older Than Previously Thought
New fossils from Newfoundland push the origins of cephalopods to 522 million years ago. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
FBI Issues Warning Over Iranian Cyber Company
FBI Issues Warning Over Iranian Cyber Company The Federal Bureau of Investigation (FBI) has issued a Private Industry Notice on protecting against malicious activity by Iranian cyber company Emennet Pasargad (formerly known as Eeleyanet Gostar). Two Iranian nationals employed by the company were indicted on October 20 2021 by a grand jury in the US District Court…
-
Most Ransomware Infections are Self-installed
Most Ransomware Infections are Self-installed New research from managed detection and response (MDR) provider Expel found that most ransomware attacks in 2021 were self-installed. The finding was included in the company’s inaugural annual report on cybersecurity trends and predictions, Great eXpeltations, published on Thursday. Researchers found eight out of ten ransomware infections occurred after victims unwittingly opened…
-
Water Utilities Get 100-Day Cybersecurity Plan
Water Utilities Get 100-Day Cybersecurity Plan The United States Environmental Protection Agency (EPA) has drawn up a 100-day game plan to help protect the nation’s water systems from cyber-attacks. The Industrial Control Systems Cybersecurity Initiative – Water and Wastewater Sector Action Plan focuses on high-impact acts that can be performed within 100 days to improve cybersecurity across…