TianySpy Malware Uses Smishing Disguised as Message From Telco
It has been some time since SMS or text messaging has become a means to spread mobile malware. In September 2021, Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The chain is triggered by a smishing message that appears to be sent from a telecommunications company. It is…
Tales from the Dark Web, Part 2: Ransomware Stacked With Distribution Services Creates the Perfect Storm
Ransomware incidents have increased dramatically over the past few years. Complaints about ransomware attacks to the FBI’s Internet Crime Complaint Center surged 62% in the first half of 2021 compared to a similar time frame in 2020, according to the Cybersecurity and Infrastructure Security Agency. To blunt this growing threat, security professionals need to understand…
Ukraine Attack: Hackers Had Access for Months Before Causing Damage
Tens of Ukrainian government websites were hacked earlier this month, many of them defaced with messages suggesting the attack was in response to the country’s pro-Western stance. Ukraine has blamed Russia for the attack, but the Kremlin has denied the accusations. The attack involved a new and destructive piece of malware that has been named…
Assange Wins First Stage in Effort to Appeal US Extradition
The High Court in London gave Assange permission to appeal the case to the U.K. Supreme Court. But the Supreme Court must agree to accept the case before it can move forward. “Make no mistake, we won today in court,” Assange’s fiancee, Stella Moris, said outside the courthouse, noting that he remains in custody at…
Nigerian Authorities Arrest 11 Members of Prolific BEC Fraud Group
The 11 suspects were arrested as part of a 10-day operation (December 13-22, 2021) in which the Nigerian Police collaborated with Interpol and private security firms Palo Alto Networks and Group-IB. The individuals are believed to be collectively involved in BEC attacks targeting more than 50,000 victims. On the laptop of one of the suspects,…
Insurance and Fintech Firm Acrisure Launches Cyber Services Division
The new division provides clients with an integrated offering that combines cyber insurance with vulnerability scanning, email and endpoint security, and backup and recovery services. Headed by Bill Meara, who joins the company from private equity giant Abry Partners, Acrisure Cyber Services expands on the company’s existing products, including insurance, reinsurance, asset management, and real…
Living Off the “Edge” of the Land
Edge computing is eminently practical in that it solves several important problems, many of which are related to the latency created when data must travel long distances. The edge offers significant functional and economic benefits, such as the emergence of a new breed of real-time applications. And the need for more edges has increased due…
Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 97 Update
A total of 22 vulnerabilities addressed with the latest Chrome refresh were reported by external researchers, including one critical-severity, 16 high-severity, and five medium-severity issues. There were 12 use-after-free bugs reported externally, impacting Safe Browsing, Site isolation, Web packaging, Omnibox, Printing, Vulkan, Scheduling, Text Input Method Editor, Bookmarks, Optimization Guide, and Data Transfer. The most…
Trends that will shape the security industry in 2022
Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional “physical security,” a host of frontiers like AI, cloud computing, IoT, and cybersecurity are being rapidly pioneered by entities big and small…
Product showcase: Adaptive Shield SaaS Security Posture Management
Whether it’s Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring that these apps’ security settings are properly configured falls on the security team. The challenge lies within how burdensome this responsibility is: 1. Each app…
