Troy Hunt

MARCH 19, 2022

So the plan was to schedule this week's session in advance then right on 17:30 at my end, go live. It mostly worked, I just forgot to press the "go live" button having worked on the (obviously incorrect) assumption that would happen automatically. Lesson learned, session restarted, we'll be all good next week 😊 References Asking about IoT'ing the kids' showers led to lots of wrong answers (maybe I'm just scarred now knowing how much work is involved as so

IoT 269

IoT 269

Bleeping Computer

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. [.].

Ransomware 144

Ransomware 144

CSO Magazine

MARCH 19, 2022

The developer of a popular JavaScript component hosted on the npm repository decided to protest Russia's invasion of Ukraine by adding code to his own component that would add or delete files on people's computers in a way they didn't expect. The component, called node-ipc, is a dependency for a variety of other projects, which had to issue emergency updates to stop the undesired behavior they unwittingly inherited.

Risk 119

Risk Software 119

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) reported that AvosLocker ransomware is being used in attacks targeting US critical infrastructure. The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. The advisory was published in coordination with the US Treasury Department and the Financial Crimes Enforcement Network (FinCEN). “AvosLocker is a Ransomware as a Service (RaaS) affi

Ransomware 98

Ransomware DDOS Passwords Backups 98

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

WIRED Threat Level

MARCH 19, 2022

The author of a popular application pushed out an update containing malicious code in an effort to sabotage computers in the country.

Software 104

Software 104

Security Affairs

MARCH 19, 2022

Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft has released a free decryption tool to help Diavol ransomware victims recover their files without paying a ransom. In January, the FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang , the group that is behind the TrickBot banking trojan.

Ransomware 89

Ransomware Encryption Banking Malware 89

Security Affairs

MARCH 19, 2022

TransUnion South Africa discloses a data breach, threat actors who stolen sensitive data, demanded a ransom payment not to release stolen data. TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom payment not to release stolen data.

Data breaches 88

Data breaches Passwords Cybercrime Hacking 88

Security Boulevard

MARCH 19, 2022

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel. Permalink. The post Purdue University’s CERIAS 2021 Security Symposium – Dr. Antonio Bianchi’s ‘LIGHTBLUE: Automatic Profile-Aware Debloating Of Bluetooth Stacks’ appeared first on Security Boulevard.

Education 59

Education InfoSec Information Security Cybersecurity 59

Security Affairs

MARCH 19, 2022

Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation. Initial access brokers play an essential role in the cybercrime ecosystem, they provide access to previously compromised organizations to threat actors.

Cybercrime 85

Cybercrime Social Engineering Ransomware Engineering 85

Security Boulevard

MARCH 19, 2022

Our thanks to DEFCON for publishing their outstanding DEF CON 29 Ham Radio Village videos on the Conferences’ YouTube channel. Permalink. The post DEF CON 29 Ham Radio Village – Jon Marler’s ‘Amateur Radio Digital Modes Primer’ appeared first on Security Boulevard.

Education 61

Education 61

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

WIRED Threat Level

MARCH 19, 2022

Plus: Anonymous dedicates a hack to Hillary Clinton, Google researchers expose Exotic Lily, and more.

Hacking 73

Hacking 73

Bleeping Computer

MARCH 19, 2022

A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. [.].

Phishing 119

Phishing 119