You know, I really hate saying, “I told you so….but….” Back in 2013, I witnessed the capabilities of the Pegasus spyware. I was introduced to the NSO group through an Israeli colleague of mine, where our friendship went back to just after the 9-11 attacks. Right in front of me, NSO actually took control of a cell phone (though a demo, I hoped). They then touted the magnitude of what this type of surveillance could provide to law enforcement and governments. I immediately said, “if that was
Healthcare facilities keep getting attacked. Earlier this year, hospitals with the Ascension network in Kansas were hit with a ransomware attack that has left a lasting impact. Now, the company is reaching out to patients who may have had their personal data compromised by the situation. Ascension shared a new update on Dec. 19 regarding the cyber-attack and will now contact people whose data was impacted. Ascension said the type of data is varied but can include medical, payment, insurance,
In February 2024, Microsoft released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we’re currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past.
With the release of Windows Server 2025 earlier this month, we releas
There are many Android TV boxes out there for sale. Some are surprisingly cheap. Before you consider pulling the trigger on that cheap Android TV box, think again. According to a report from the researchers at BitSight, the BadBox malware is back and has managed to infect close to 200,000 devices so far.
What is BadBox? BadBox is an Android malware that is thought to be based on the “Triada” malware family. It infects devices made by lesser-known manufacturers. The at
Software supply chain management platform Sonatype’s latest research shared with Hackread.com reveals that on 20 December 2024, popular npm packages @rspack/core and @rspack/cli were compromised by attackers who accessed a compromised npm token. According to Sonatype’s blog post, these attackers then published malicious versions (1.1.7) of these packages.
Sonatype’s automated malware detection systems quickly caught these malicious versions and blocked them for users using Nexus Repository Firew
Believe it or not, many do their gift shopping AFTER Christmas. Why? Because the deals are plentiful. Cyber shopping is no different, but… Seemingly innocent "white pages," including an elaborate Star Wars-themed site, are bypassing Google's malvertising filters, showing up high in search results to lure users to second-stage phishing sites. Threat actors appear to have found yet another innovative use case for artificial intelligence in malicious campaigns: to create decoy ads for foolin
Several years ago, I presented a joint panel discussion in Las Vegas on the integration of Physical and Cyber Security, in conjunction with Human Relations departments. I am not sure that message has resonated within all the various business sectors, but many are adopting this new synergy. Red Sky would like to provide some security predictions for 2025.
Cyber Security - 12 CIS Experts' Cybersecurity Predictions for 2025: The 2024 general election...the CrowdStrike Falcon outage...insider thre
A thwarted attack demonstrates that threat actors are using another delivery method for the malware, which has already been spread using phishing emails, malvertising, hijacking instant messages, and SEO poisoning. The DarkGate remote access Trojan (RAT) has a new attack vector: A threat actor targeted a Microsoft Teams user via a voice call to gain access to their device. Researchers said the attack adds to the other methods for spreading the RAT, which previously has been propagated using phis
It seems like a reasonable request. Type in your email address to enter a contest, sign up for a newsletter, or score a discount coupon. What could go wrong? A couple of hundred trash emails every week. Once you hand over your email address, you can expect regular deliveries of ads, come-ons, and offers for things you would never consider buying. Those marketers will pass your address along to partners who clutter your inbox.
How do you avoid that crushing inbox overload? The best solution is to
An ongoing cyber-espionage campaign by Russia's Midnight Blizzard threat group may be much larger in scope than generally assumed, targeting international entities in government, armed forces, and academic institutions, Trend Micro said in recently released research. At its peak in October 2024, researchers observed Midnight Blizzard, which they track as Earth Koshchei, hitting as many as 200 entities a day with phishing emails containing a malicious Remote Desktop Protocol (RDP) file and red tea
“This is a National Security Threat,” says Kymberlee Price. Ransomware is doing more to change the security landscape than the last 20 years of Secure Development Lifecycle, DevSecOps, Zero Days, Breaches, or any corporate memo. Pair this with predatory pricing models from software vendors that sell security features as add-on products in premium or enterprise tier licenses, and you’ve got a perfect storm that hits small and medium sized businesses (SMBs) the hardest.
In this hard-hitting talk
Concerns about the security risks of mobile messaging are increasing, and concerns over the security of messaging between platforms like iPhone and Android have significantly increased. At the same time, Apple has launched its own RCS messaging system that will compete with WhatsApp and other messaging platforms. US authorities are telling the public to adopt fully encrypted communication services to protect against growing cyber threats. The FBI and the Cybersecurity and Infrastructure Securi
Firmware is low-level software that creates the interaction between the hardware and the operating system. It contains important instructions for operating electronic devices such as routers, IoT sensors, smartphones, and even cars. However, these instructions are often invisible to the user, making firmware less secure. The report below will show the principal risks of firmware security and best practices for protecting against hackers.
Key security risks in firmware development - Ensuring the
This article was written by Joshua Goldfarb, Field CISO, F5, and published on DarkReading (www.darkreading.com). I am posting his article in its entirety (including some grammar edits) as it is an excellent observation of today's world. My first bachelor’s degree was a BA in English from DePauw University. In today’s world of high-tech, we often forget the fine arts. We studied art, poetry, and literary classics. I have found that learning more than accounting and software development skills has
The Ukrainian security service (SBU) has uncovered a new suspected espionage campaign by Russian intelligence services involving the recruitment of Ukrainian teenagers for criminal activities disguised as "quest games." During an operation in the northeastern city of Kharkiv, local law enforcement arrested two groups of alleged Russian Federal Security Service (FSB) agents, all of whom were 15 and 16 years old.
The teenagers were allegedly tasked with carrying out espionage, directing missile
A federal appeals court has upheld a law that could see TikTok banned across the US unless its Chinese parent company, ByteDance, divests its ownership. The decision was issued by a three-judge panel from the US Court of Appeals for the District of Columbia Circuit on 06 December 2024, marking a significant setback for the video-sharing platform as it battles to remain operational in the United States. The court ruled that the law, signed by President Joe Biden in April 2024, does not violate
Darktrace reported on 04 December 2024 a surge in retail cyberattacks at the opening of the 2024 holiday shopping season. Analysis from Darktrace's threat intelligence team using data from across the Darktrace customer fleet shows that during Black Friday week (November 25-29), attempted Christmas-themed phishing attacks leaped 327%[1] around the world, while Black Friday-themed phishing attacks jumped 692% compared to the beginning of November (4-9)[2], as bad actors seek to take advantage of c
BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. “We identified an attempt to compromise our BT Conferencing platform. This incident was restricted to specific elements of the platform, which were rapidly taken offline and isolated,”
Security researchers have flagged a critical vulnerability in Microsoft’s multi-factor authentication (MFA) system, called “AuthQuake,” that could allow attackers to bypass protections and gain unauthorized account access. Their report[1] details how the flaw required no user interaction, did not generate alerts, and took less than an hour to execute. While multi-factor authentication (MFA) is a solid security mechanism, such flaws make it a double-edged sword due to the nature of the user’s r
About a year ago, I rented an AirBnB house. Once I signed up, I realized the point of contact was named “China.” Well, my heart sank until I realized that China was her name. Still unconvinced, I had someone actually “look” at the property and see if it was real. It was, whew… and “China” turned out to be a lovely person. I guess parents name their children other names than Susie, Patty and Cathy… Ok, ok - I’m showing my age. But caution should still be employed for any AirBnB rental tr