News

  • Crypto Firm Meter Loses $4.4m in Cyber-Heist

    Crypto Firm Meter Loses $4.4m in Cyber-Heist Yet another cryptocurrency firm has been hacked to the tune of millions of dollars. Meter provides decentralized finance (DeFi) infrastructure services, linking siloed blockchains for users with so-called “cross-chain bridges.” Over the weekend, it revealed that an unauthorized intruder had managed to exploit a bridge vulnerability to mint…

    Read More

  • How iOS Malware May Snoop on Our Devices

    Smartphones have become such an integral part of our lives that it’s hard to imagine a time when we didn’t have them. We carry so much of our lives on our devices, from our social media accounts and photos of our pets to our banking information and home addresses. Whether it be just for fun…

    Read More

  • Emotet’s Uncommon Approach of Masking IP Addresses

    Authored By: Kiran Raj In a recent campaign of Emotet, McAfee Researchers observed a change in techniques. The Emotet maldoc was using hexadecimal and octal formats to represent IP address which is usually represented by decimal formats. An example of this is shown below: Hexadecimal format: 0xb907d607 Octal format: 0056.0151.0121.0114 Decimal format: 185.7.214.7 This change…

    Read More

  • Friday Squid Blogging: Are Squid from Another Planet?

    An actually serious scientific journal has published a paper speculating that octopus and squid could be of extraterrestrial origin. News article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More

    Read More

  • FBI’s warning about Iranian firm highlights common cyberattack tactics

    The US Federal Bureau of Investigation (FBI) has released a warning outlining the TTP (tactics, techniques, and protocols) of Iran-based Emennet Pasargad, reportedly a cybersecurity and intelligence firm servicing Iranian government agencies, to help recipients inform and defend themselves against the group’s malicious activities.  In the FBI’s Private Industry Notification, the agency confirms that two…

    Read More

  • Major Vulnerability Found in Argo CD

    Major Vulnerability Found in Argo CD Security researchers at Apiiro have discovered a significant software supply chain zero-day vulnerability in the popular open-source continuous delivery platform, Argo CD. Used by thousands of organizations globally, Argo CD is a tool that reads environment configurations (written as a helm chart, kustomize files, jsonnet or plain YAML files) from git repositories…

    Read More

  • Nord Security and Surfshark to Merge

    Nord Security and Surfshark to Merge Lithuanian-based cybersecurity companies and rival virtual private network (VPN) providers Nord Security and Surfshark have finalized a merger agreement. The companies said that the merger would “open new technical knowledge-sharing opportunities and enable more focused market diversification.” Both companies will continue to operate autonomously and maintain separate infrastructure and product roadmaps. Since both companies…

    Read More

  • Tennessee College Hit with Ransomware

    Tennessee College Hit with Ransomware A cyber-attack on a community college in Tennessee may have exposed the personal data of students, staff and faculty.  Attackers struck Pellissippi State Community College (PSCC) with ransomware on December 5 2021. The digital assault shut down online network connections to all five of its campuses during finals week, disrupting online exams. …

    Read More

  • #Enigma2022: Security’s Role in Helping HealthTech Find Its Way

    #Enigma2022: Security’s Role in Helping HealthTech Find Its Way Securing healthcare technologies is critical to human health and safety, not just in the medical setting but also with consumer HealthTech. In an afternoon session on February 3 at the Engima 2022 conference, Joy Forsythe, director of security at Alto Pharmacy, explained that HealthTech is a growing…

    Read More

  • The EARN IT Act Is Back

    Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have re-introduced the EARN IT Act, an incredibly unpopular bill from 2020 that was dropped in the face…

    Read More