News
-
"ICO Warns of "Immature" Biometric Tech"The UK’s data protection regulator has warned organizations using or developing “emotion analysis” technology to act responsibly or risk facing a formal investigation. The Information Commissioner’s Office (ICO) issued a statement recently,…
-
"Ransomware Threat Shifts from US to EMEA and APAC"Security researchers at SonicWall have discovered that the volume of ransomware detections in Q3 2022 was the lowest in two years, but certain geographical regions have become bigger targets as attacks on US organizations wane. The researchers used…
-
"Researchers Uncover Cryptojacking Campaign Targeting Docker, Kubernetes Cloud Servers"CrowdStrike researchers have discovered a new hacking campaign that targets cloud infrastructure worldwide in the service of a cryptojacking scheme. The "Kiss-A-Dog" campaign has been active since at least September, when a CrowdStrike honeypot detected…
-
"BlackBerry Commissioned Research Reveals Four in Five Software Supply Chains Exposed to Cyberattack in the Last 12 Months"BlackBerry announced new research at the 9th annual BlackBerry Security Summit, revealing the scope of software supply chain cybersecurity vulnerabilities in today's organizations. In the last 12 months, four in five (80 percent) IT decision-makers said…
-
"VMware Fixes Critical RCE in VMware Cloud Foundation"VMware has released security updates to address a critical vulnerability in VMware Cloud Foundation, identified as CVE-2021-39144 (CVSSv3 9.8). VMware Cloud Foundation is an advanced hybrid cloud platform as it offers a comprehensive set of software-…
-
"See Tickets Discloses Major Card Data Breach"Global ticketing giant See Tickets has recently begun notifying customers of a significant breach of their personal and financial information, which lasted for over two-and-a-half years. The company, owned by French media firm Vivendi, revealed the…
-
"Incoming OpenSSL Critical Fix: Organizations, Users, Get Ready!"The OpenSSL Project team has announced that on November 1, 2022, OpenSSL version 3.0.7 will be released, which will address a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0).…
-
"LinkedIn Phishing Spoof Bypasses Google Workspace Security"A phishing email appearing to be from LinkedIn with the subject line "We noticed some unusual activity" was discovered targeting users at a travel company in an attempt to steal their LinkedIn credentials. According to Armorblox, the phishing campaign…
-
"Massive Cryptomining Campaign Abuses Free-Tier Cloud Dev Resources"An automated and large-scale 'freejacking' campaign exploits free GitHub, Heroku, and Buddy services to mine cryptocurrency at the expense of the provider. The operation is based on exploiting the limited resources provided by free-tier cloud accounts in…
-
"Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector"Vice Society, a cybercrime organization, has been linked to multiple ransomware strains in its malicious campaigns targeting the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat…
-
Spotlight on Lablet Research #35 - Uncertainty in Security AnalysisSpotlight on Lablet Research #35 - Uncertainty in Security Analysis