dcsimg

Threat spotlight: Phobos ransomware lives up to its name

Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware’s got its hooks in global businesses and shows no signs of stopping. That includes a malware family known as Phobos ransomware, named after the Greek god of fear. Phobos is … [Read more...]

New Women in CyberSecurity (WiCyS) veterans program aims to bridge skills gap, diversify sector

The cybersecurity industry has a problem: We have zero unemployment rate. Or so we’re told. With experts predicting millions of job openings in the years to come—coupled with the industry’s projected growth of US$289.9 billion by 2026 and soaring cyberattacks against businesses—now is as good a time as any for organizations to face the problem of the alleged skills shortage and take … [Read more...]

Threat spotlight: The curious case of Ryuk ransomware

Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now a name that appears in several rosters of the nastiest ransomware to ever grace the wild web. For an incredibly young strain—only 15 months old—Ryuk ransomware gaining such notoriety is quite a feat to achieve. Unless the threat actors behind its campaigns call it quits, too—Remember … [Read more...]

Report: Organizations remain vulnerable to increasing insider threats

The latest data breach at Capital One is a noteworthy incident not because it affected over 100 million customer records, 140,000 Social Security numbers (SSNs), and 80,000 linked bank accounts. Nor was it special because the hack was the result of a vulnerable firewall misconfiguration. Many still talk about this breach because a leak of this magnitude, which we’ve historically seen … [Read more...]

SMBs lack resources to defend against cyberattacks, plus pay more in the aftermath

Cyberattacks, many have noted, are the fastest growing economic crime not only in the United States, but also around the world. This upward trend has been observed since 2014, according to PricewaterhouseCoopers (PwC), and won’t likely be slowing down anytime soon. Cyberattacks—much like the advancement of technology, the interweaving of digital lives among familiars and strangers via social … [Read more...]

YouTube ordered to cough up $170M settlement over COPPA infraction

Last week, the Federal Trade Commission (FTC) announced that it has required Google and YouTube to pay a settlement fee totaling $170 million after its video-sharing platform was found violating the Children’s Online Privacy Protection Act (COPPA). The complaint was filed by the FTC and the New York Attorney General, with the former set to receive the penalty amounting to $136 million and the … [Read more...]

300 shades of gray: a look into free mobile VPN apps

The times, they are a changin’. When users once felt free to browse the Internet anonymously, post about their innermost lives on social media, and download apps with frivolity, folks are playing things a little closer to the vest these days. Nowadays, users are paying more attention to privacy and how their personal information is transmitted, processed, stored, and shared. Nearly every … [Read more...]

Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

Those who are familiar with Bluetooth BR/EDR technology (aka Bluetooth Classic, from 1.0 to 5.1) can attest that it is not perfect. Like any other piece of hardware or software technology already on market, its usefulness comes with flaws. Early last week, academics at Singapore University of Technology, the CISPA Helmholtz Center for Information Security, and University of Oxford released … [Read more...]