Researchers Uncover New Version Of The Infamous Flame Malware

Flame, the nation-state-developed malware kit that targeted computers in Iran, has reemerged after going quiet when researchers exposed it back in 2012. The attackers tried to hide their tracks by scrubbing servers used to talk to infected computers. Some thought they had seen the last of the potent malware platform.  Tracing early components of Flame, researchers found a new […]

F5 Research Explores 2018 Breach Trends

Reaching out to share 2018 breach trends research from F5 Networks which explores the relationship between business models and breach vectors. This research is part of the 2019 application protection report, which is being released in a series of short, focused research segments rather than the lengthier report of years’ past.    Notable takeaways include:  Phishing was the […]

Dangerous Account Validation Phishing Scam Sails Right Past Email Spam Filters

According to new research by Comparitech.com, some websites have failed to fully secure their sign-up forms, which scammers are using as a gateway to smuggle malicious phishing links past email spam filters and into user inboxes.  At present, there’s no effective method users can employ to stop these emails from bypassing email spam filter. Although spam […]

Yahoo In New $117.5 Million Data Breach Settlement

Yahoo has reached a revised $117.5 million (89.8 million pounds) settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history. Verizon's plan to spend $300M on #cybersecurity is 5X what Yahoo had previously spent during the #breach years 🙈 And they're pledging to quadruple Yahoo's #infosec staff. 👍😊 […]

European Union Releases Guidelines On Ethical AI

cyber security and tech industry

Yesterday, the European Commission released its own guidelines calling for “trustworthy AI.” According to the EU, AI should adhere to the basic ethical principles of respect for human autonomy, prevention of harm, fairness and accountability. The guidelines include seven requirements — listed below — and call particular attention to protecting vulnerable groups, like children and people with […]

Xiaomi Browsers Still Vulnerable After Failed Patches

It has been reported that Xiaomi browsers are still vulnerable after failed patches. Xiaomi has trouble permanently patching its browsers against a vulnerability that enables spoofing URLs in a way that is difficult to detect by users. The flaw affects the international versions of Mint Browser and Mi, the web browser that comes pre-installed on Xiaomi smartphones. It […]

Powerful Malware That Tried To Blow Up Saudi Plant Strikes Again

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility.    FireEye researchers say the unnamed “critical infrastructure” facility was the latest victim of the powerful Triton malware, the umbrella term for a series of malicious custom components used to launch […]

3 Cybersecurity Takeaways From RSA Conference 2019

Like most of the cybersecurity industry, the Awake team was on the ground at RSA Conference last month discussing the latest security trends, threats and solutions. During the show, we surveyed pros who visited the Awake booth to learn more about the issues they’re currently facing. Here are some of the key takeaways uncovered by […]

TajMahal: Rare Spying Platform With 80 Malicious Modules, Unique Functionality And No Known Links To Current Threat Actors

Kaspersky Lab researchers have uncovered a technically sophisticated cyberespionage framework that has been active since at least 2013 and appears to be unconnected to any known threat actors. The framework, which researchers have named TajMahal, features around 80 malicious modules and includes functionality never before seen in an advanced persistent threat, such as the ability to […]