NCSC Warns Admins Not to Disable Updates to Keep Flash Alive in 2021
A dire warning came from UK’s National Cyber Security Centre (NCSC), advising IT administrators not to disable the update mechanism to keep Adobe Flash past its end-of-life date, set for the end of 2020. It’s been a long time coming. Adobe Flash is finally going away, with all of the ... Read More
Linux and macOS Versions of Commercial ‘Malware’ FinSpy Found Online by Amnesty International
Amnesty International revealed the existence of Linux and macOS variants of FinSpy, a commercially available spy suite used extensively by threat actors, as well as law enforcement agencies and government from around the world. Criminals are not responsible for all spyware, and FinSpy is just one example of a commercial ... Read More
BEC Attacks Drastically Increased in August, Report Finds
A new analysis from Abnormal Security revealed that BEC (Business Email Compromise) attacks affected 99 percent of companies in August, a sharp increase from the 70 percent registered at the beginning of the month ... Read More
ISPs Can and Should Protect Users Against DDoS Attacks
Household IoT devices face an ever-increasing risk without proper security Hackers compromise IoT devices and integrate them into botnets responsible for major DDoS attacks ISPs can do much more to protect their customers and infrastructure IoT makes people's lives more comfortable, but for all the good it does, it's also ... Read More
Most SMBs Prepare for an Attack in the Next Six Months, Survey Shows
SMBs are not prepared for security incidents but are looking for more protection Cybersecurity investment from SMB will likely rise A majority of SMBs believe that cybersecurity will be outsourced in the next five years Small and medium businesses (SMB) know that cybersecurity is a priority, but their leaders also ... Read More
IoT Devices Ship with Security Flaws Because Profit Drive the Market
The main driver of the IoT market is not innovation and the final product suffers The IoT gold rush brings more and more unsecure devices because standards and regulations don’t really exit Security for IoT devices can still be achieved, even in these conditions, and the solution is in the ... Read More
Hacker Steals $7.5 Million from Maryland Non-Profit by Compromising Employee’s Personal Computer
A hacker stole $7.5 million from the endowment funds of The Jewish Federation of Greater Washington, a non-profit from Maryland in the US. Such security incidents perfectly illustrate the dangers of working from home, as the hacker compromised the personal computer of an employee working remotely. CEO Gil Preuss made ... Read More
Data Breach at Roper St. Francis Hospital Affects 6,000 Patients
Roper St. Francis Hospital (RSFH) has reported that 6,000 patients are directly affected by a data breach that allowed attackers to steal their medical records and other personal information. Healthcare private data is one of the most valuable commodities on the black market. It might seem odd that medical information ... Read More
BEC Attack Payments Are on the Rise, Report Finds
Criminals look for higher BEC payments Gift card frauds are the most common BEC incidents One Russian BEC operation tries to hit companies with $1.27 million attack The average payments made through Business Email Compromise (BEC) attacks are increasing significantly, according to a new report APWG Phishing Activity Trends Report ... Read More
Apple Notarized Malware by Mistake, Hackers Ran it Through Third-Party Website
Notarized apps should be safe on macOS Threat actors try to deploy “approved” malware through website Apple revoked certificates, but malware is still up Apple’s notarization system let a piece of malware into the macOS ecosystem, allowing attackers to load aggressive adware onto devices of people who were visiting a ... Read More
