Snake bites: Beware malicious Python libraries
Earlier this week, two Python libraries containing malicious code were removed from the Python Package Index (PyPI), Python’s official repository for third-party packages. It’s the latest incarnation of a problem faced by many modern software development communities, raising an important question for all developers who rely on open source software: How can you make it possible […]
CSO Hall of Fame honorees
The CSO Hall of Fame was created to spotlight outstanding leaders who have significantly contributed to the advancement of information risk management and security. Selected by the editors of CSO, its advisors and executives, the individuals in this inaugural class of the CSO Hall of Fame exemplify leadership excellence and, by their example, contribute to the […]
CrowdStrike, Ukraine, and the DNC server: Timeline and facts
President Donald Trump, Senator John Kennedy from Louisiana and Secretary of State Mike Pompeo have all given credence to what cybersecurity experts and the US intelligence community deride as a baseless conspiracy theory pushed by Russia. That theory posits that Ukraine, and not Russia, was responsible for hacking into the networks of the Democratic National […]
IT threat evolution Q3 2019. Statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network: Kaspersky solutions blocked 989,432,403 attacks launched from online resources in 203 countries across the globe. 560,025,316 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by […]
Could Your Child be Sexting? Signs to Look for and Ways to Respond
Oh, what we wouldn’t do to travel back in time to the days before smartphones kid-jacked our families, right? But here we are. Our kids are forever connected. And, it’s up to parents to help them navigate the risks — one of which is sexting. Ouch. Even reading the word may make any parent want […]
First Cypriot to Be Extradited to US, on Hacking Charges
A 20-year-old Cypriot wanted for hacking offences in the United States is set to be the country’s first citizen to be extradited there, his lawyer said Monday. The FBI accuses Joshua Epifaniou of extorting thousands of dollars from US firms while still a teenager by breaking into their IT systems and threatening to leak their […]
Visa Warns of New JavaScript Skimmer ‘Pipka’
A new JavaScript skimmer targets data entered into the payment forms of ecommerce merchant websites, Visa Payment Fraud Disruption (PFD) warns. Dubbed Pipka, the skimmer was discovered on an ecommerce website previously infected with the JavaScript skimmer known as Inter, but it has infected at least sixteen other merchant websites as well.
Alleged mastermind behind $20m stolen-card site extradited to US
Aleksei Burkov allegedly ran Cardplanet, advertised as the only shop with a guarantee: your stolen card will work, or you get a new one!
More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
By Feike Hacquebord, Cedric Pernet, and Kenney Lu
The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C) […]
Huge Airbnb scam leads to promise to vet every host, every listing
Shuffling people into – surprise! – cobwebby rat traps has been a snap. Actual vetting may help, plus a new guarantee of 100% refunds.
Sadfishing, Deepfakes & TikTok: Headlines You May Have Missed
Technology trends move fast and the digital newsfeeds run non-stop. No worries, we’ve got your backs, parents. Here are three important headlines you may have missed about some of the ways kids are using their devices and how you can coach them around the risks. What’s Sadfishing and is Your Child Doing it Online? Sadfishing […]
Buran Ransomware; the Evolution of VegaLocker
McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other ransomware families such as REVil, GandCrab (now defunct), Phobos, etc. The author(s) take 25% of the income earned by affiliates, instead of the 30% – 40%, numbers from notorious malware […]
Mueller Documents: Manafort Pushed Ukraine Hack Theory
During the 2016 presidential campaign, Trump campaign chairman Paul Manafort pushed the idea that Ukraine, not Russia, was behind the hack of the Democratic National Committee servers, Manafort’s deputy told investigators during the special counsel’s Russia probe. The unsubstantiated theory, advanced by President Donald Trump even after he took office, would later help trigger the […]
Helping Kids Think Critically About Influencers They Follow Online
When I was a teenager, my role model was Olympic gymnast Mary Lou Retton. I admired everything about her. I cut my hair like hers and brushed my teeth three times a day, determined to get my smile to sparkle like hers. I even started eating Wheaties when she endorsed them, thinking it would help […]
Ransomware: The Digital Plague that Still Persists
Ransomware began its reign of cyber terror in 1989 and remains a serious and dangerous threat today. In layman’s terms, ransomware is malware that employs encryption to lock users out of their devices or block access to critical data or files. A sum of money, or ransom, is then demanded in return for access to […]
7 Ways to Help Girls Pursue Their Passion for Tech
One of my favorite binges of late is the Netflix series Halt and Catch Fire. It’s a story about the personal computer revolution of the 1980s. The lead character, Cameron Howe, is a brilliant, self-assured young woman who runs circles around her, mostly male, co-workers, with her mad coding skills. I remember being influenced by a […]
More information
- CISA Says Hackers Exploited BIG-IP Vulnerability in Attacks on U.S. Government
- Protecting art and passwords with biochemistry
- "Ransom32" JavaScript Ransomware Offered as Service
- Enterprise internet attack surface is growing, report shows
- Shellshock Vulnerability Requires Attention
- HP To Adopt Android For Upcoming Mobile Devices
- Cisco secures its SDN
- Tor Project working to fix weakness that can unmask users
- Love a Little Online Shopping? How’s Your Privacy Awareness?
- Google Paid $8.7 Million in Bug Bounties Last Year