News
-
Stories from the SOC – WannaCry malware
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Executive summary WannaCry malware was first discovered in May 2017 and a patch was released roughly two months prior to its public release.…
-
US Revokes China Unicom’s License
US Revokes China Unicom’s License The US government has effectively stripped another Chinese telecoms player of its license to operate in the country on national security grounds. The new Federal Communications Commission (FCC) order ends the ability of China Unicom Americas to provide telecoms services within the US. It follows a March 2021 finding by…
-
Crypto Finance Firm Offers $2m Bug Bounty to Hackers
Crypto Finance Firm Offers $2m Bug Bounty to Hackers A decentralized lending platform that lost $80m to hackers has offered them an astonishing multimillion-dollar bug bounty in return for the stolen funds. Qubit Finance revealed at the end of last week that an attacker had exploited a vulnerability in its QBridge deposit function. In doing…
-
QNAP Ransomware: Thousands Infected with DeadBolt
QNAP Ransomware: Thousands Infected with DeadBolt Thousands of QNAP users have been infected by a new ransomware variant flagged by the network-attached storage (NAS) vendor last week, according to a security vendor. Taiwan-headquartered QNAP said last week that customers should urgently upgrade their systems to the latest version of its QTS operating systems and take…
-
DDoS attacks: Definition, examples, and techniques
What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s…
-
12 CISO resolutions for 2022
It’s still early days, but if this year is anything like years past, it’s safe to say CISOs will have a lot to contend with, from a continuing labor shortage to the increasing sophistication of cyberattacks to an ongoing threat from nation-state actors. However, they also have plenty of ideas on how they’ll tackle those…
-
Latest Proof of Concept Details How iOS Malware May Snoop on Our Devices
Smartphones have become such an integral part of our lives that it’s hard to imagine a time when we didn’t have them. We carry so much of our lives on our devices, from our social media accounts and photos of our pets to our banking information and home addresses. Whether it be just for fun…
-
Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams
Several articles here have delved into the history of John Bernard, the pseudonym used by a fake billionaire technology investor who tricked dozens of start-ups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian startup hoping to build a fleet of environmentally friendly shipping vessels — is now embroiled in…
-
Friday Squid Blogging: Cephalopods Thirty Million Years Older Than Previously Thought
New fossils from Newfoundland push the origins of cephalopods to 522 million years ago. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
FBI Issues Warning Over Iranian Cyber Company
FBI Issues Warning Over Iranian Cyber Company The Federal Bureau of Investigation (FBI) has issued a Private Industry Notice on protecting against malicious activity by Iranian cyber company Emennet Pasargad (formerly known as Eeleyanet Gostar). Two Iranian nationals employed by the company were indicted on October 20 2021 by a grand jury in the US District Court…