The retail giant warned holiday shoppers that Honey, a popular browser extension, was a “security risk.” Honey denies the claim. Advertise on IT Security News. Read the complete article: Amazon Takes a Swipe at Paypal’s $4 Billion Acquisition
Student Spotlight: Mindset and Community with Suhyun Smith, OSCP
Learn how dedication, mindset, and community empowered Suhyun Smith in her OSCP certification journey, and get her tips for success. Advertise on IT Security News. Read the complete article: Student Spotlight: Mindset and Community with Suhyun Smith, OSCP
TrickBot gangs developed the PowerTrick backdoor for high-value targets
Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets. SentinelLabs experts discovered a new PowerShell backdoor used by TrickBot operators in recent attacks aimed at Powershell high-value targets, such as…
Top Secrets Management Tools Compared
As apps become more complex in the way they use microservices, managing API keys and other secrets becomes more challenging as well. Microservices running in containers need to transfer secrets to allow them to communicate with each other. Each of…
Resolving or revolving? Make 2020 the year for Zero Trust
It’s a new decade. Time for a change. Are you ready to stop “revolving” and start “resolving”? Advertise on IT Security News. Read the complete article: Resolving or revolving? Make 2020 the year for Zero Trust
North Korean Hackers Continue to Target Cryptocurrency Exchanges
Over the past year and a half, the North Korea-linked Lazarus group has continued attacks on cryptocurrency exchanges but modified its malware and some techniques, Kaspersky reports. read more Advertise on IT Security News. Read the complete article: North…
Senators Prod FCC to Act on SIM Swapping
Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via “SIM swapping,” a particularly invasive form of fraud that involves tricking a target’s mobile carrier into transferring someone’s wireless service to a device…
Clop ransomware looks to target Windows 10 apps
A new variant of the Clop ransomware which targets Windows 10 apps such as text editors and office applications as well as other processes has been discovered in the wild. When the Clop ransomware first appeared in February of 2019,…
Lazarus Group Carries Out Continuation of Operation AppleJeus
North Korea (Lazarus Group): In 2018, Lazarus Group was linked to an operation that was dubbed “AppleJeus.” This operation was unique in the fact that it was the first time that Lazarus Group was noted targeting macOS. Recent analysis has…
2019’s Top 10 Webcasts
Continuing education allows cybersecurity professionals to stay in tune to the constant changes in the industry. (ISC)² provides webcasts throughout the year on various security-related topics to help keep you informed, as well as provide opportunities to earn CPEs. Based…
New Trickbot Powershell stager “PowerTrick” for High-Value-Targets
Researchers from Sentinal Labs have discovered a new PowerShell stager (PowerTrick) which is used by TrickBot as an Interactive Network Exploitation shell. Along with the ability to download the DNS-based Anchor malware, this stager typically also uses PowerView, Invoke-SessionGopher, Get-GPPPassword,…
1-15 December 2019 Cyber Attacks Timeline
Happy new infosec year! Let’s start this 2020 with the first timeline of December covering the main cyber attacks occurred during the first half of the same month. In this timeline I have collected a total of 81 events (including…