Government, IoT, Malware and Security Awareness

Malvertising Campaign Targets IoT Devices: GeoEdge

eSecurity Planet

AUGUST 9, 2021

A malicious advertising campaign originating out of Eastern Europe and operating since at least mid-June is targeting Internet of Things (IoT) devices connected to home networks, according to executives with GeoEdge, which offers ad security and quality solutions to online and mobile advertisers. Malvertising is Evolving.

IoT

IoT Advertising Identity Theft Mobile

North Korea IT Worker Scam Brings Malware and Funds Nukes

Security Boulevard

MAY 17, 2024

The post North Korea IT Worker Scam Brings Malware and Funds Nukes appeared first on Security Boulevard. DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans.

Scams

Scams Malware Social Engineering Data privacy

Strong medical device security awareness stifled by inventory, knowledge gaps

SC Magazine

JULY 1, 2021

However, the sector yet to meet necessary inventory and security measures to stymie this critical threat. In fact, the latest Armis report shows 63% of health care delivery organizations have been impacted by a security incident caused by unmanaged devices or IoT in the last two years.

Security Awareness

Security Awareness IoT Risk Healthcare

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Gov’t Advisory Warns of Pipedream Malware Aimed at ICS

Security Boulevard

APRIL 15, 2022

The post Gov’t Advisory Warns of Pipedream Malware Aimed at ICS appeared first on Security Boulevard.

Malware

Malware Government Technology Software

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking

Hacking Government Digital transformation Social Engineering

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles. The United States should lead by example and execute a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign, coordinated by the White House.

Ransomware

Ransomware Passwords Scams Government

Cybersecurity in 2020

Cytelligence

JANUARY 14, 2020

More targeted ransomware – 2019 saw ransomware exploits getting highly targeted against specific businesses, as well as local government. Evolution of mobile malware attacks – The first half of 2019 saw a 50% increase in attacks by mobile banking malware compared to 2018. Cyber Security Awareness Training .

Cybersecurity

Cybersecurity Cyber Insurance Insurance Ransomware

‘LitterDrifter’ Russian USB Worm Leaks from Ukraine War Zone

Security Boulevard

NOVEMBER 22, 2023

Flash drive sharing malware escapes Україна. The post ‘LitterDrifter’ Russian USB Worm Leaks from Ukraine War Zone appeared first on Security Boulevard. FSB APT USB VBS LNK DLL: WTH? Gamaredon fingered as perps.

Malware

Malware Social Engineering Data privacy Engineering

Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure

Security Boulevard

SEPTEMBER 28, 2022

The Ukrainian government has warned that Russia is planning a massive attack against the critical infrastructure of Ukraine and of its allies. The post Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure appeared first on Security Boulevard.

Government

Government Social Engineering Security Awareness Engineering

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

Given the ease with which these vulnerabilities might be exploited, rapid action is required to prevent broad assaults on both government and commercial networks. Regular system upgrades and security audits are essential for maintaining strong defenses. Atlassian updated its advisory on Nov.

Software

Software Education Ransomware Firmware

South Korean iPhone Ban: MDM DMZ PDQ

Security Boulevard

APRIL 29, 2024

The post South Korean iPhone Ban: MDM DMZ PDQ appeared first on Security Boulevard. MDM Hindered: Android phones are still OK; this is Samsung’s home, after all.

Social Engineering

Social Engineering Data privacy Engineering IoT

Irony of Ironies: CISA Hacked — ‘by China’

Security Boulevard

MARCH 11, 2024

Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti. The post Irony of Ironies: CISA Hacked — ‘by China’ appeared first on Security Boulevard. Free rides and traffic jams: U.S.

Hacking

Hacking Cybersecurity Social Engineering Data privacy

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

FEBRUARY 7, 2024

The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard. PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face?

Hacking

Hacking Social Engineering DDOS Internet

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

Security Boulevard

FEBRUARY 8, 2024

Bootkit Bug in shim.efi appeared first on Security Boulevard. Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault. The post Linux Vendors Squawk: PATCH NOW — CVSS 9.8

Social Engineering

Social Engineering Data privacy Engineering IoT

Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Security Boulevard

APRIL 3, 2023

appeared first on Security Boulevard. Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files. The post Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Hacking

Hacking Social Engineering IoT Security Awareness

NoaBot Pwns Hundreds of SSH Servers as Crypto Miners

Security Boulevard

JANUARY 11, 2024

The post NoaBot Pwns Hundreds of SSH Servers as Crypto Miners appeared first on Security Boulevard. ‘hi’ — Mirai-based botnet exploits weak authentication to mine fake money.

Authentication

Authentication IoT Cryptocurrency Security Awareness

Microsoft Repeatedly Burned in ‘Layer 7’ DDoS

Security Boulevard

JUNE 20, 2023

The post Microsoft Repeatedly Burned in ‘Layer 7’ DDoS appeared first on Security Boulevard. Unlucky number: Time and again this month, “Russian” hackers bring down Microsoft clouds.

DDOS

DDOS Security Awareness IoT Risk

FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure

Security Boulevard

FEBRUARY 28, 2024

The post FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure appeared first on Security Boulevard. GRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability.

Hacking

Hacking Social Engineering Data privacy Authentication

Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Security Boulevard

JANUARY 2, 2024

appeared first on Security Boulevard. Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files. The post Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Hacking

Hacking Social Engineering IoT Security Awareness

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

Security Boulevard

JULY 7, 2023

The post Contec SolarView: Critical Bug Unpatched After 14 MONTHS appeared first on Security Boulevard. PV OT: VPN PDQ! CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems.

VPN

VPN CISO IoT Security Awareness

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens

Security Boulevard

NOVEMBER 28, 2022

and UK Ban More Chinese Kit as Xi’s Grip Weakens appeared first on Security Boulevard. Two key members of the Five Eyes intelligence alliance have made further moves to stop Chinese equipment imports. The post U.S.

Digital transformation

Digital transformation CISO Security Awareness IoT

OpenSSL ‘CRITICAL’ Bug — Sky Falling — Patch Hits 11/1

Security Boulevard

OCTOBER 28, 2022

The post OpenSSL ‘CRITICAL’ Bug — Sky Falling — Patch Hits 11/1 appeared first on Security Boulevard. OpenSSL has a new ‘critical’ bug. But it’s a secret until next month.

Social Engineering

Social Engineering Security Awareness Engineering IoT

ALERT: Google Wants to DRM your OS for ‘Web Environment Integrity’

Security Boulevard

JULY 26, 2023

The post ALERT: Google Wants to DRM your OS for ‘Web Environment Integrity’ appeared first on Security Boulevard. We will kill WEI: A thinly veiled attempt to track you and make more ad money.

Security Awareness

Security Awareness IoT Risk Mobile

Tesla Fails Yet Again: Hackers can Steal Cars via NFC

Security Boulevard

JUNE 10, 2022

The post Tesla Fails Yet Again: Hackers can Steal Cars via NFC appeared first on Security Boulevard. Tesla Models 3 and Y can be unlocked and stolen via a bug in their NFC software. Two separate research groups found this new bug at around the same time.

Software

Software Social Engineering Security Awareness Engineering

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

Security Boulevard

NOVEMBER 11, 2022

The post NSA’s Plea: Stop Using C and C++ (Because You’re Idiots) appeared first on Security Boulevard. The C and C++ languages are unsafe. Instead, the NSA would like devs to use memory-safe languages—such as Rust.

CISO

CISO Security Awareness IoT Risk

‘Crypto Bug of the Year’ Fixed — Update Java NOW

Security Boulevard

APRIL 25, 2022

The post ‘Crypto Bug of the Year’ Fixed — Update Java NOW appeared first on Security Boulevard. A ridiculously dumb flaw in Java’s signature checking code is patched. This isn’t some crufty legacy Sun code, but actual garbage Oracle sloppiness that’s causing IT people to chase their tails yet again.

Security Awareness

Security Awareness IoT Risk Mobile

‘Trojan Source’ Makes Scary Headlines—But it’s Not New

Security Boulevard

NOVEMBER 2, 2021

Trojan Source “threatens the security of all code,” screams a widely shared article. The post ‘Trojan Source’ Makes Scary Headlines—But it’s Not New appeared first on Security Boulevard. There’s nothing new here.

Social Engineering

Social Engineering Security Awareness Engineering IoT

Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’

Security Boulevard

MAY 9, 2022

The post Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’ appeared first on Security Boulevard. Ukrainian hackers and their friends continue to pummel Russian computers. Hundreds of millions of documents” are being leaked. And today, Putin’s famous Victory Parade has been marred by hackers.

Hacking

Hacking Social Engineering Security Awareness Engineering

CISA, NSA Warn of Russian Attacks on Critical Infrastructure

Security Boulevard

JANUARY 12, 2022

targets, the FBI, CISA and the NSA issued a joint warning to those tasked with protecting critical infrastructure: Beef up your security. The agencies encouraged “the cybersecurity community—especially critical infrastructure network defenders—to adopt a heightened state of awareness and.

Cybersecurity

Cybersecurity CISO Security Awareness IoT

R.I.P. Kevin Mitnick, 1963–2023

Security Boulevard

JULY 21, 2023

The post R.I.P. Kevin Mitnick, 1963–2023 appeared first on Security Boulevard. Kevin is Free: Hackers’ hacker dies, aged 59.

Social Engineering

Social Engineering Marketing Security Awareness Engineering

Alleged Russian RSOCKS Hacker: ‘Send Me to US’

Security Boulevard

SEPTEMBER 27, 2022

The post Alleged Russian RSOCKS Hacker: ‘Send Me to US’ appeared first on Security Boulevard. The supposed owner of RSOCKS—a huge illegal botnet—wants to be extradited to the U.S. He claims to have info authorities here will want to hear.

Social Engineering

Social Engineering IoT Security Awareness Engineering

Russian Hackers Declare War on Lithuania — Killnet DDoS Panic

Security Boulevard

JUNE 28, 2022

The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Security Boulevard. NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.

DDOS

DDOS Hacking Security Awareness IoT

Great Firewall Ready to Unleash ‘Gigantic’ DDoS—so are Other Middleboxes

Security Boulevard

AUGUST 19, 2021

The post Great Firewall Ready to Unleash ‘Gigantic’ DDoS—so are Other Middleboxes appeared first on Security Boulevard. Researchers have disclosed a nasty new way for bad people to mess up the internet for the rest of us.

Firewall

Firewall DDOS Internet Internet

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Security Boulevard

MARCH 10, 2022

The post US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’ appeared first on Security Boulevard. Mainstream media has been full of stories about how the U.S. cleverly anticipated the Russian invasion of Ukraine and skilfully helped the country shore up its defences against Russian hacking.

InfoSec

InfoSec Media Hacking Social Engineering

Puttin’ Putin on Notice—We Will Hack Russia Back

Security Boulevard

FEBRUARY 22, 2022

The post Puttin’ Putin on Notice—We Will Hack Russia Back appeared first on Security Boulevard. If Russia launches cyberattacks on the U.S. or on NATO allies, it risks being hacked back. This warning comes from Deputy Attorney General Lisa O.

Hacking

Hacking Risk Social Engineering Security Awareness

Do You Want Secure Supply Chains? SHOW ME THE MONEY

Security Boulevard

MAY 16, 2022

The Open Source Security Foundation and Linux Foundation have a plan to fix our broken software supply chains. The post Do You Want Secure Supply Chains? SHOW ME THE MONEY appeared first on Security Boulevard. Benjamins needed.

Software

Software Social Engineering CISO IoT

Linux Fixes 5 Gaping Holes in Wi-Fi

Security Boulevard

OCTOBER 14, 2022

The post Linux Fixes 5 Gaping Holes in Wi-Fi appeared first on Security Boulevard. Linux’s Wi-Fi code has some *nasty* bugs, which can be exploited simply by being near an attacker. They’re caused by our old friend: Memory-unsafe C code.

Firewall

Firewall Security Awareness IoT Risk

SHOCKER: Senate Says Security Sucks—Still

Security Boulevard

AUGUST 5, 2021

The post SHOCKER: Senate Says Security Sucks—Still appeared first on Security Boulevard. A Senate committee graded cybersecurity as poor among eight big agency departments. Not much has changed since the last report.

Cybersecurity

Cybersecurity Social Engineering Security Awareness Engineering

‘Russian’ Ransom Gang Targets Big Agri Co-op—Food Shortages Ahoy?

Security Boulevard

SEPTEMBER 23, 2021

appeared first on Security Boulevard. NEW Cooperative got hacked by BlackMatter ransomware scrotes. The post ‘Russian’ Ransom Gang Targets Big Agri Co-op—Food Shortages Ahoy?

Ransomware

Ransomware Hacking Security Awareness IoT

Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’

Security Boulevard

APRIL 28, 2022

The post Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’ appeared first on Security Boulevard. Russia is attacking Ukraine with cyberattacks and psyops. But the scale is pathetic and Ukraine is fighting back—hard.

Social Engineering

Social Engineering DDOS Security Awareness Engineering

Lapsus$ Strikes Again—190GB Samsung Data Release by Nvidia Hackers

Security Boulevard

MARCH 7, 2022

The post Lapsus$ Strikes Again—190GB Samsung Data Release by Nvidia Hackers appeared first on Security Boulevard. Samsung Electronics has confidential data stolen and leaked by ransomware scrotes—190 GB of it.

Ransomware

Ransomware Social Engineering Security Awareness Engineering

Microsoft’s Legal Head: U.S. must Stop Secret Gag Orders

Security Boulevard

JUNE 16, 2021

must Stop Secret Gag Orders appeared first on Security Boulevard. Microsoft president and CLO Brad Smith says secretly subpoenaing data from cloud providers—blocking them from telling customers—must stop. The post Microsoft’s Legal Head: U.S.

Social Engineering

Social Engineering CISO Security Awareness Engineering

Ransomware Prevention, Detection, and Simulation

NetSpi Executives

APRIL 27, 2024

Ransomware, a definition Ransomware is a set of malware technologies, hacking techniques, and social engineering tactics that cybercriminals use to cause harm, breach data, and render data unusable. Step 4: Attackers use malware and exploits off-the-shelf or customize the tools to create ransomware variants and new techniques.

Ransomware

Ransomware Cyber Insurance Backups Insurance

Cloud Security Fundamentals: Understanding the Basics

eSecurity Planet

MAY 24, 2024

Consider applying these methods for checking your security controls: Ensure physical security: Verify the data center’s security measures, such as surveillance, access controls, and the presence of security officers, to prevent unwanted access. Ensure that security measures stay effective and compliant.

Encryption

Encryption Risk Passwords Authentication

Malvertising Campaign Targets IoT Devices: GeoEdge

North Korea IT Worker Scam Brings Malware and Funds Nukes

Webinars

Trending Sources

Strong medical device security awareness stifled by inventory, knowledge gaps

Webinars

Gov’t Advisory Warns of Pipedream Malware Aimed at ICS

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Cyber Security Roundup for May 2021

Cybersecurity in 2020

‘LitterDrifter’ Russian USB Worm Leaks from Ukraine War Zone

Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

South Korean iPhone Ban: MDM DMZ PDQ

Irony of Ironies: CISA Hacked — ‘by China’

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

NoaBot Pwns Hundreds of SSH Servers as Crypto Miners

Microsoft Repeatedly Burned in ‘Layer 7’ DDoS

FBI Warns: Ubiquiti EdgeRouter is STILL Not Secure

Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens

OpenSSL ‘CRITICAL’ Bug — Sky Falling — Patch Hits 11/1

ALERT: Google Wants to DRM your OS for ‘Web Environment Integrity’

Tesla Fails Yet Again: Hackers can Steal Cars via NFC

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

‘Crypto Bug of the Year’ Fixed — Update Java NOW

‘Trojan Source’ Makes Scary Headlines—But it’s Not New

Putin’s ‘Victory Parade’ TV Show Hacked: ‘Blood on Your Hands’

CISA, NSA Warn of Russian Attacks on Critical Infrastructure

R.I.P. Kevin Mitnick, 1963–2023

Alleged Russian RSOCKS Hacker: ‘Send Me to US’

Russian Hackers Declare War on Lithuania — Killnet DDoS Panic

Great Firewall Ready to Unleash ‘Gigantic’ DDoS—so are Other Middleboxes

US Helped Ukraine With Infosec—Story is ‘Dangerous Arrogance’

Puttin’ Putin on Notice—We Will Hack Russia Back

Do You Want Secure Supply Chains? SHOW ME THE MONEY

Linux Fixes 5 Gaping Holes in Wi-Fi

SHOCKER: Senate Says Security Sucks—Still

‘Russian’ Ransom Gang Targets Big Agri Co-op—Food Shortages Ahoy?

Ukraine Beats Russia in Cyberwarfare — at ‘Unprecedented Scale’

Lapsus$ Strikes Again—190GB Samsung Data Release by Nvidia Hackers

Microsoft’s Legal Head: U.S. must Stop Secret Gag Orders

Ransomware Prevention, Detection, and Simulation

Cloud Security Fundamentals: Understanding the Basics

Stay Connected