Viry a Červi

Man seized in Morocco is now presumably sleepless in Seattle

A French citizen was scheduled to appear before a US court on Friday on a nine-count indictment related to his alleged involvement in the ShinyHunters cybercrime gang that trafficked in identity and corporate data theft and sometimes extortion.…

If you want to keep the miscreants out, put the updates in, Redmond says

Microsoft is urging organizations to protect their Exchange servers from cyberattacks by keeping them updated and hardened, since online criminals are still going after valuable data in the email system.…

New meaning to sweetening the pot

Uncle Sam has put up a $10 million reward for intel on Hive ransomware criminals' identities and whereabouts, while Russia has blocked the FBI and CIA websites, along with the Rewards for Justice site offering the bounty.…

Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...

Sign up to SANS Institute to keep up to speed with all aspects of the fast-evolving infosec sector

Sponsored Post  They say there's no such thing as a free lunch, but in fact there's a veritable feast of valuable resources online for infosec professionals which won't cost you anything.…

Nice people on LinkedIn want to harvest logins from politicians, boffins, and defense types

The UK's National Cyber Security Centre (NCSC) has warned of two similar spear-phishing campaigns, one originating from Russia, the other from Iran.…

If you yell 'death to America' and no one watches the video, does it make a sound?

Google's Threat Analysis Group (TAG) has burned more than 50,000 spammy fake news stories and other content posted by the pro-China 'Dragonbridge' gang.…

Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.

Uncle Sam doles out decryption keys to 300+ victims amid sting op

The FBI said it has shut down the Hive's ransomware network, seizing control of the notorious gang's servers and websites, and thwarting the pesky criminals' ability to sting future victims.…

Lastest episode - listen now! (Or read the transcript.)

If true, was it worth the $500k and prison jumpsuit?

A man suspected of stealing personal data belonging to tens of millions of people worldwide and selling that info on cybercrime forums has been arrested by Dutch police.…

You know when we all said quit using MD5? We really meant it

Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai's researchers.…

More of them used by baddies since Redmond blocked VBA macros

Microsoft in March will start blocking Excel XLL add-ins from the internet to shut down an increasingly popular attack vector for miscreants.…

We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days.

How to locate cybersecurity risks in remote working

Webinar  The implementation of lockdowns during the maelstrom of the Coronavirus pandemic led to fast track changes to traditional work practices. To meet the challenges of operating in a global emergency, businesses and organizations of every kind had to urgently find a way to keep operating.…

SANS Institute meets fast-growing demand for cyber security training in Latin America

Sponsored Post  The scale of cybersecurity threats facing Latin America was brought into focus by recently when it published details of NICKEL, a "China-based threat actor". The malware was used to attack global organisations with "a large amount of activity" targeting Central and South America, including Mexico and Brazil.…

Ongoing probe into cloud storage attack finds customer data exfiltrated

Remote access outfit GoTo has admitted that a threat actor exfiltrated an encryption key that allowed access to "a portion" of encrypted backup files.…

You know the drill: patch before criminals use these bugs in vRealize to sniff your systems

VMware has issued fixes for four vulnerabilities, including two critical 9.8-rated remote code execution bugs, in its vRealize Log Insight software. …

Well played, feds. What's next? Ransomware is rampant? Strong passwords are important?

The FBI has confirmed what cybersecurity researchers have been saying for months: the North Korean-sponsored Lazarus Group was behind the theft last year of $100 million in crypto assets from blockchain startup Harmony.…

Also: Yay for Data Privacy Day!

Apple has issued an emergency patch for older kit to fix a WebKit security flaw that Cupertino warns is under active attack.…