Malware Attacking IoT Devices To Intensify

A new strain of malware is wiping the firmware of IoT devices in attacks reminiscent of the old BrickerBot malware that destroyed millions of devices back in 2017.  In the last 24 hours, thousands of IoT devices have been bricked by a new malware strain. Named Silex, the malware is wiping the firmware of IoT devices with more than […]

Windows FlawedAmmyy RAT Malware Spreading via Excel -MSOFT Recommends Disabling Macros

Developing a Security Strategy

Microsoft’s Security Intelligence team warns of a new malware campaign that infects and compromises fully patched Windows PCs, and which spreads via malicious macro functions in an Excel attachment to activate “a complex infection chain to download and run the notorious FlawedAmmyy remote access trojan directly in memory.” Microsoft recommends disabling macros. A Virsec expert offers thoughts. New attack wave with FlawedAmmyy RAT #ThreatoftheDay […]

Survey: Organisations Increase Risk With Over Reliance On Cloud Vendors For Security

CyberArk Report Shows 70 Percent of UK Organisations Rely Primarily on Cloud Providers to Protect Their Workloads  According to a new CyberArk (NASDAQ: CYBR) survey, as organisations increasingly move critical applications, regulated customer data and development work into public cloud environments, 32 percent of UK organisations say the number one benefit for moving workloads to the cloud is to offload security risk. This is […]

Raspberry Pi Used To Steal Data From NASA Lab

It has been reported that a tiny Raspberry Pi computer has been used to steal data from Nasa’s Jet Propulsion Laboratory. An audit report reveals the gadget was used to take about 500MB of data. It said two of the files that were taken dealt with the international transfer of restricted military and space technology. The attacker who used […]

Construction Industry Most Vulnerable To Phishing Scams

According to a recent ‘Phishing by Industry‘ report by KnowBe4, construction industry staff are most vulnerable when it comes to phishing scams.  The report looks at 19 industries breaking them down into three categories, small (up to 250 workers); medium (250-999); and large (1,000+)  Those in the construction industry placed first in falling for attacks in small and medium-sized businesses and […]

Australian Hacker Jailed For Insider Trading

Following the news that an Australian man has been sentenced to three years in prison after pleading guilty to 11 charges including insider trading and unauthorised access to data with the intention to commit a serious offence, security experts commented below.  Australian Hacker to Serve 3 Years in Prison for Insider Trading, Unauthorized Computer Access — CSPF […]

iOS Devices Compromised Again

A Seemingly Common Attack  The Media Trust has uncovered malicious campaigns streaming through one of the world’s largest global demand-side (DSP) adtech providers. The team detected the attacks while monitoring premium websites and mobile apps on devices using iOS version 12. Hiding within a PNG file to escape detection and persist, the malware behind the attack, named […]

Espionage Campaign Steals Massive Amounts Of Data From Cell Network Providers

Security researchers at Cybereason have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of interest. The hackers systematically broke into more than 10 cell networks around the world over the past seven years to obtain all data stored in the active directories including usernames, […]