SC Magazine

MAY 3, 2021

SC Media is proud and honored to present the 2021 SC Awards – recognizing the people, products and companies that enable organizations large and small, public and private, to protect their most critical assets. This all translates to opportunity for the cybersecurity companies. Jill Aitoro, SC Media editor in chief.

Media 53

Media Retail Government Technology 53

Security Affairs

SEPTEMBER 5, 2022

Based on the ongoing investigation surrounding the result of attacks against multiple employees from Fortune 500 companies, Resecurity was able to obtain substantial knowledge about EvilProxy including its structure, modules, functions, and the network infrastructure used to conduct malicious activity.

Phishing 99

Phishing Accountability Hacking Advertising 99

Security Affairs

NOVEMBER 25, 2020

Group-IB , a global threat hunting and intelligence company, supported an INTERPOL-led operation Falcon targeting business email compromise (BEC) cybercrime gang from Nigeria, dubbed TMT by Group-IB. Since at least 2017, the prolific gang compromised at least 500,000 government and private sector companies in more than 150 countries.

Cybercrime 125

Cybercrime Phishing Social Engineering Spyware 125

BH Consulting

OCTOBER 6, 2022

Is it just us, or is phishing everywhere right now? Banks and insurance companies are telling customers to be wary of scam messages. Social engineering techniques, such as phishing, target not the systems but the people using them. Don’t get us wrong: we’re not praising cybercriminals for their cleverness.

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

McAfee

DECEMBER 20, 2021

In this post we want to show how an endpoint solution with performant memory scanning capabilities can effectively detect active exploitation scenarios and complement network security capabilities your company has implemented. These technical capabilities are possible in ENS, let us show you how to do that! Background.

Network Security 56

Network Security Architecture Engineering Risk 56

Approachable Cyber Threats

MARCH 22, 2021

Every errant click runs the risk of completely grinding your company to a halt. Phishing is a specific type of cyber attack through which hackers and scammers use email to trick you. Unfortunately, anyone and everyone at a targeted company who has an email address. Through phishing. What’s phishing again?”

Phishing 98

Phishing Authentication Education Passwords 98

SC Magazine

MAY 25, 2021

The need to defend company networks can pile on stress for the security community. COVID-19 threatened lives, livelihoods and companies security as employees migrated en masse to a work-from-home model. COVID-19 threatened lives, livelihoods and companies security as employees migrated en masse to a work-from-home model.

InfoSec 113

InfoSec CISO Media Cybersecurity 113

Security Affairs

MARCH 28, 2019

Gustuff is a new generation of malware complete with fully automated features designed to steal both fiat and crypto currency from user accounts en masse. The Trojan uses the Accessibility Service, intended to assist people with disabilities. Group-IB Threat Intelligence customers were notified about Gustuff upon discovery.

Banking 99

Banking Cryptocurrency Mobile Advertising 99

SecureList

OCTOBER 20, 2021

Unlike with browser infections, when distributing a malicious file hidden in a PDF or Word, the attacker is not able to receive feedback from the victim or additional information about the device the target uses. At the same time, it has become more difficult to attack companies. Cloud servers for all.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Digital Shadows

JULY 5, 2021

Kaseya VSA is commonly used by managed service providers (MSPs) in the US and UK to help them manage their clients’ systems. At the time of writing, the number of companies affected by this ransomware supply-chain attack is still unclear. Technical details of the vulnerability are still unknown.

Ransomware 52

Ransomware Encryption Cryptocurrency System Administration 52

Security Boulevard

NOVEMBER 3, 2022

Thankfully, there’s something you can do about it. . We created McAfee+ so people can not only be safe but feel safe online, particularly in a time when there’s so much concern about identity theft and invasion of our online privacy. Well, there’s a good chance that anyone can find it online. All it takes is your name and address. .

Retail 52

Retail Media VPN Identity Theft 52

NopSec

FEBRUARY 15, 2017

Read on to learn about three different types of phishing, techniques attackers use to craft successful campaigns, and the damage that phishing can cause to organizations. The more data the attacker has on their target, the more believable the phish, and the more likely the company’s data will be compromised.

Phishing 40

Phishing Social Engineering Engineering Healthcare 40

SecureList

OCTOBER 26, 2023

What’s remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor’s systems continued to use the flawed software, allowing the threat actor to exploit them. com/ko/company/info[.]asp com/en/common/include/page_tab[.]asp com/ko/company/info[.]asp

Malware 111

Malware Software Cryptocurrency Technology 111

Security Affairs

OCTOBER 20, 2018

But is it secure enough to protect your companies data? It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language. Accept-Language: en-US,en;q=0.5.

Firmware 67

Firmware IoT VPN Authentication 67

Digital Shadows

NOVEMBER 1, 2022

All of these events have had a major effect on cyber threats, which continues to see malicious attackers giving network defenders plenty to think about. As we move towards the end of 2022, now is the time to take a look back at the major trends from the last eleven months and identify what might happen from a cyber threat perspective in 2023.

Cyber threats 52

Cyber threats Ransomware Media Data breaches 52

Troy Hunt

NOVEMBER 5, 2018

But firstly, let me provide a high-level overview of the sort of product I'm talking about and I'll begin with recognising the problem it's trying to solve: People suck at passwords. Part of the solution to this is to give people the controls to do password-based authentication better, for example by using a password manager and enabling 2FA.

Passwords 226

Passwords Authentication Data breaches Accountability 226

Troy Hunt

NOVEMBER 6, 2022

A couple of weeks ago I wrote about some big changes afoot for Have I Been Pwned (HIBP), namely the introduction of annual billing and new rate limits. With new limits, it's easier to talk about "requests per minute" or RPM so that's the nomenclature we're sticking with now. Today, it's finally here!

Identity Theft 289

Identity Theft InfoSec Marketing Authentication 289

Cisco Security

AUGUST 29, 2022

Looking at the three Ps (people, process, platform), flexibility, communication, and an awesome Cisco platform allowed us to build and roll with the changes and challenges in the network. There were a lot of complaints about the Black Hat USA 2022 Wi-Fi network in the Expo Hall on 10 August. The Buck Stops Here. Full stop.

Engineering 70

Engineering Wireless Malware DNS 70

eSecurity Planet

MAY 25, 2022

Through public and commercial development of advanced encryption methods, organizations from sensitive government agencies to enterprise companies can ensure protected communications between personnel, devices, and global offices. Learn more about cryptanalytic threats with Rainbow Table Attacks and Cryptanalytic Defenses.

Encryption 129

Encryption Computers and Electronics Password Management Passwords 129

SecureList

AUGUST 10, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. We deemed it may be helpful to publicly expose some of our knowledge about VileRAT, to help potential targets better detect and stop such malicious activities. Windows NT 10.0;

Cryptocurrency 88

Cryptocurrency Encryption Social Engineering Passwords 88

Troy Hunt

OCTOBER 19, 2017

It's an explosive situation with potentially severe ramifications and I've been bombarded by questions about it over the last 48 hours. For the last 4 years, I've also run a free service called Have I Been Pwned (HIBP) which aggregates data breaches and presently contains about 4.8 This post explains everything I know.

Data breaches 209

Data breaches Government Backups Internet 209

The Last Watchdog

SEPTEMBER 1, 2020

Related: How ‘Zero Trust’ is compatible with agile computing We’re all familiar with the high-profile entrepreneurs who gave us the tools and services that underpin our digital economy. Judging from the success of script kiddies, the tech giants apparently have not learned very much about security in 20 years.

Hacking 125

Hacking Media Accountability CISO 125

Troy Hunt

MARCH 3, 2021

A couple of days ago, I posted a thread about their alleged breach. I don't care which god (or demon) you've picked, nor what gender you were born with (or if you decided to change it at some time), nor do I care whose politics you like and whose you don't, I only care about the data. Gab's approach. Gab's approach.

Passwords 363

Passwords Data breaches InfoSec Risk 363