Category: IT SECURITY GURU

Add yet another malicious encryption program to the expanding ranks of ransomware programs that target large enterprise networks in hopes of scoring big financial payoffs. The latest such threat is called Snake, a ransomware program written in the Go programming…

Read more →

The attack, still under investigation, hit early in the morning of Jan. 7. On the opening day of the huge Consumer Electronics Show (CES), officials in Las Vegas were busy assessing the damage from a cyberattack that hit the city.…

Read more →

The Pittsburgh Unified School District is still recovering from a ransomware attack that took place over the holiday recess, but its superintendent says school is open for business. Janet Schulze, Superintendent, Pittsburg (Pa.) Unified School District, told district members in…

Read more →

An attacker is attempting to take advantage of the recent warnings about possible Iranian cyberattacks by using it as a theme for a phishing attack that tries to collect Microsoft login credentials. With the rising escalations between the United States and…

Read more →

The personal and medical information of 49,351 patients was exposed following a security incident involving two employees’ email accounts as disclosed by Minnesota-based Alomere Health. Alomere Health is a community-owned and non-profit general medical and surgical hospital with 127 beds that has been twice named…

Read more →

Police are investigating hackers holding Travelex’s computers for ransom, forcing the company’s staff to resort to using pen and paper to record transactions. The firm initially said it had discovered the attack on New Year’s Day and immediately took its systems down,…

Read more →

Recent US military action in Baghdad could prompt retaliatory attacks against US organizations, it says. Concerns about an Iranian cyber response to the recent American military strike in Baghdad grew this week with the US Department of Homeland Security urging…

Read more →

Facebook is rolling out a new set of rules aimed at curbing the spread of manipulated media as the specter of highly convincing deepfake videos looms large over not only the US presidential elections. An announcement by the platform’s vice president of…

Read more →

By John Conwell, data scientist at DomainTools   The security industry is in constant flux. As attackers move the goal posts in order to further their own nefarious aims, the security industry scrambles to keep up. As we approach the beginning…

Read more →

The Federal Depository Library Program (FDLP) website was attacked by a group of hackers claiming to represent the government of Iran. An obscure US federal website was attacked and vandalized on January 4, resulting in the site being taken down…

Read more →

The communications app faces continued backlash after a New York Times report said it was used as a government spying tool. Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due…

Read more →

The Federal Trade Commission (FTC) finalized a settlement with a Utah-based tech company that got hacked and had the personal info of over a million clients stolen following a series of more than 20 undetected network intrusions. InfoTrax Systems, a…

Read more →

A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The defaced website was the Federal Depository Library Program (FDLP) website, which makes U.S. federal government…

Read more →

The Austrian State Department’s IT systems were under a ‘serious attack’ suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). “A coordination committee…

Read more →

An ongoing and “serious cyberattack” at Austria’s foreign ministry could be the work of nation-state actors, the country’s government said. The ministry has set up a “coordination committee” to respond to the attack, which started as the country’s Greens party…

Read more →

HappyHotel.jp is a website that operates similarly to Booking.com, but lets registered users search and book rooms in love hotels across Japan. In a message posted on its website, Almex, the company behind the service, said it detected unauthorized access to its servers…

Read more →

A London regimental association is on alert after email scammers posing as the group’s president tried to fool veterans into sending cash. The First Hussars Association, representing about 140 retired members of the London-based regiment, saw its members targeted by…

Read more →

Although it stressed there is no evidence of a specific credible threat to the U.S. after the killing Iranian General Qasem Soleimani, the Department of Homeland Security Saturday issued a National Terrorism Advisory System Bulletin warning of retaliation, including cyberattacks. Source: SC…

Read more →

Artificial intelligence programmers are developing bots that can identify digital bullying and sexual harassment. Known as “#MeTooBots” after the high-profile movement that arose after allegations against the Hollywood producer Harvey Weinstein, the bots can monitor and flag communications between colleagues and are…

Read more →

Tim Mackey, Principal Security Strategist for the Synopsys CyRC (Cybersecurity Research Centre): Politicians, be weary of digital assistants Cyber-attacks on 2020 candidates will become more brazen. While attacks on campaign websites have already occurred in past election cycles, targeted attacks…

Read more →

The U.S. Coast Guard last month issued a safety bulletin following a ransomware attack that impaired both the IT systems and industrial control systems of a facility regulated by the Maritime Transportation Security Act (MTSA), and prompted a 30-hour operational shutdown. The…

Read more →

KnowBe4, the company that provides the world’s largest security awareness training and simulated phishing platform, today announced a massive year-over-year sales increase with another record-breaking quarter. In the fourth quarter of 2019, KnowBe4 reached 54% growth over Q4 2018, increasing…

Read more →

Sextortion scammers have started to utilize new tactics to bypass spam filters and secure email gateways so that their scam emails are delivered to their intended recipients. Sextortion scams are emails that pretend to be from an attacker who has…

Read more →

Active Network’s Blue Bear Software platform reported that unauthorized activity in its network earlier this year resulted in customer PII being exposed. The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1,…

Read more →

One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The severity rating of the vulnerability was set to critical as…

Read more →

An exposed Elasticsearch database, owned by Internet of Things (IoT) company Wyze, was discovered leaking connected device information and emails of millions of customers. Wyze makes smart home cameras and connected devices like connected bulbs and plugs, which can be…

Read more →

It has been reported that Canadian banks are being impersonated in a phishing campaign targeting both individuals and businesses via a large-scale infrastructure shared with previous attacks going back to 2017 and pointing to the same attackers. The infrastructure behind these Canadian focused attacks includes hundreds of…

Read more →