Spanish Judge to Seek Testimony From NSO on Pegasus Spyware
The court said that José Luis Calama has decided to lead a judicial commission that will travel to Israel to “take testimony from the CEO of the company that commercializes the Pegasus program.” Shalev Hulio is the CEO of the Tel Aviv-based NSO Group. The court gave no date for the judge’s trip. When asked…
Most Digital Attacks Today Involve Social Engineering
On May 14, the FBI marked a sobering milestone: the receipt of its six millionth digital crime complaint. It took just 14 months for the FBI’s Internet Crime Complaint Center (IC3) to reach its new threshold. Digital crime complaints are on the rise, and we have some ideas as to why. Check out what these…
The state of the dark web: Insights from the underground
Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to empty…
A hacker’s predictions on enterprise malware risk
2020 has ended with a stunning display of nation-state cyber capabilities. The Kremlin’s SVR shocked the cybersecurity industry and U.S. government with its intrusions into FireEye and the U.S. Office of the Treasury by way of SolarWinds, revealing only traces of its long-term, sophisticated campaigns. These breaches are reminders that no organization is immune to…
SaaS security in 2021
The migration toward subscription-based services via the SaaS business model isn’t new this year — it’s part of a larger shift away from on-premises datacenters, applications, etc., that has been underway for years. The pandemic accelerated the shift, boosting SaaS subscriptions as companies looked for virtual collaboration and meeting tools. What is new on a…
VMware Patches Vulnerabilities Exploited at Chinese Hacking Contest
At the 2020 Tianfu Cup International PWN Contest, which took place earlier this month in China, participants earned a total of more than $1.2 million for exploits targeting Chrome, Safari, Firefox, Adobe Reader, Docker, VMware ESXi, CentOS, the iPhone, the Samsung Galaxy S20 phone, Windows, and routers from TP-Link and Asus. The 360 ESG Vulnerability…
Securing mobile devices, apps, and users should be every CIO’s top priority
More than 80% of global employees do not want to return to the office full-time, despite 30% employees claiming that being isolated from their team was the biggest hindrance to productivity during lockdown, a MobileIron study reveals. The COVID-19 pandemic has clearly changed the way people work and accelerated the already growing remote work trend….
The Security of Your Android Device May Depend on Where You Live
Over the last few years, security researchers have been able to crack various Android phones during Pwn2Own hacking competitions. Now one firm has collected its research and finds a potentially significant global problem: Android security may be dependent on the country of use. One problem is the open and global nature of the Android operating…
How Abnormal Security combats business email compromise
When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like ransomware scams often come to mind. But a relatively new kind of attack called business email compromise (BEC) has taken the lead in both frequency and overall damage, quickly becoming public enemy number one. According to the FBI’s…
What is smishing? How phishing via text message works
Smishing definition Smishing is a cyberattack that uses misleading text messages to deceive victims. The goal is to trick you into believing that a message has arrived from a trusted person or organization, and then convincing you to take action that gives the attacker exploitable information (like bank account login credentials, for example) or access…