Privacy Awareness Week 2019 – Are You In The Dark About Your Online Privacy?
If you haven’t given your online privacy much attention lately then things need to change. In our era of weekly data breaches, the ‘I’ve got nothing to hide’ excuse no longer cuts it. In my opinion, ensuring your privacy is protected online is probably more important than protecting your home and car! A sloppy approach […] more…ScarCruft continues to evolve, introduces Bluetooth harvester
Executive summary After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula. The threat actor is highly skilled and, by all appearances, quite resourceful. We […] more…New Guide on the Sucuri Referral Program
Referral programs and affiliate marketing opportunities can be found on many web-based company sites, however, often they’re overlooked. Commonly people consider these programs as something that they, “should leave to the professionals”. We designed our new Referral Program Guide to give clear insight into affiliate marketing for both beginners and long-term affiliates. You don’t need to […] more…Saving Summer: 5 Strategies to Help Reign In Family Screen Time Over Break
It’s the most wonderful time of the year — for teachers and lifeguards. For everyone else (parents) we have a little prep work to do to make sure the summer doesn’t lull our kids into digital comas. Most of us have learned that given zero limits, kids will play video games, watch YouTube, send snaps, […] more…Free Website Security Consultation for GoDaddy Pros
Sucuri is partnering with GoDaddy Pro to make the internet more secure, one website professional at a time. Developers, designers, agencies, and freelancers now have an exclusive avenue to level up security knowledge and differentiate their businesses from the competition. GoDaddy Pro helps web developers and designers save time and money while managing multiple websites. […] more…New Samsung Exynos Chip Secures IoT Devices With Short-Range Comms
Samsung this week unveiled Exynos i T100, a new mobile system-on-chip (SoC) designed to enhance the security and reliability of Internet-of-Things (IoT) devices that use short-range communication protocols. read more more…New Product Protects SMBs From Credential Stuffing Attacks
Shape Security has announced a new product designed to protect small and medium business (SMB) websites from the growing scourge of advanced bot-based credential stuffing. read more more…Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
by Raphael Centeno The Dharma ransomware has been around since 2016, but it has continued to target and successfully victimize users and organizations around the world. One high profile attack happened in November 2018 when the ransomware infected a hospital in Texas, encrypting many of their stored records; luckily the hospital was able to recover […] more…FIN7.5: the infamous cybercrime rig “FIN7” continues its activities
On August 1, 2018, the US Department of Justice announced that it had arrested several individuals suspected of having ties to the FIN7 cybercrime rig. FIN7 operations are linked to numerous intrusion attempts having targeted hundreds of companies since at least as early as 2015. Interestingly, this threat actor created fake companies in order to […] more…We Are Ready on Day One for Our Linux Customers
Our customers look to McAfee to ensure that their enterprises are protected from the changing threat landscape. That’s why we’ve worked with Red Hat, the world’s leading provider of open source solutions for Linux, to ensure that we were part of the entire process leading up to today’s announcement of Red Hat Enterprise Linux 8 […] more…CVE-2019-3396 Redux: Confluence Vulnerability Exploited to Deliver Cryptocurrency Miner With Rootkit
by Augusto Remillano II and Robert Malagad In March 2019, Atlassian published an advisory covering two critical vulnerabilities involving Confluence, a widely used collaboration and planning software. In April, we observed one of these vulnerabilities, the widget connector vulnerability CVE-2019-3396, being exploited by threat actors to perform malicious attacks. Security provider Alert Logic also discovered […] more…UK Publishes Proposed Regulation for IoT Device Security
The UK government has published a consultation document on the proposed regulation of consumer IoT devices. The consultation is not designed to see whether regulation is necessary, but to help the government “make a decision on which measures to take forward into legislation.” read more more…Vulnerabilities Found in Over 100 Jenkins Plugins
A researcher has discovered vulnerabilities in more than 100 plugins designed for the Jenkins open source software development automation server and many of them have yet to be patched. read more more…Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada
We uncovered a recent activity involving the notorious online credit card skimming attack known as Magecart. The attack, facilitated by a new cybercrime group, impacted 201 online campus stores in the United States and Canada. We started detecting the attacks against multiple campus store websites on April 14, during which the sites were injected with […] more…Confused about Cybersecurity Platforms? We Can Help.
“Cybersecurity platform” continues to be an industry buzzword. Vendors talk about it at industry events, and many analysts. But can every vendor claim to offer a platform and also be credible? More importantly, how does that help your business? The security industry has evolved by responding to emerging threats with new, shiny tools, resulting in […] more…Xinjiang Surveillance App Targets Legal, Everyday Behaviour: Rights Group
Chinese authorities are using a mobile app designed for mass surveillance to profile, investigate and detain Muslims in Xinjiang by labelling “completely lawful” behaviour as suspicious, a Human Rights Watch report said Thursday. read more more…More information
- Zuckerberg Phones Obama for Answers About NSA Spying
- Bitcoin to reach $250K (by 2022), say leaders at the 2018 Crypto Finance Conference
- UEM to marry security – finally – after long courtship
- Microsoft Internet Explorer CVE-2015-2490 Remote Memory Corruption Vulnerability
- US woman arrested for bank robbery brags on YouTube about robbing a bank
- CISA, NSA Share Guidance on Hardening Baseboard Management Controllers
- Binance Bridge Hit by $560 Million Hack
- Online applications for Office 365 are slow
- George Clooney issues burner phones to stop guests from leaking wedding photos
- Segway miniPRO Flaws Put Riders at Risk of Injury