


It’s interesting that they are targeting construction – that’s an industry that hasn’t received as much attention from attackers as other sectors. Usually, attackers are focused on healthcare, finance, energy, and retail – but those industries have certainly increased their investments in cybersecurity training over the last two years, so these attackers cleverly shifted to construction, where every initiative involves tens of millions or often hundreds of millions of dollars, and
.....Read More
The questions to ask are who are they, who are they watching, and why? It’s a given that this type of data stalking on a mass scale is criminal - there’s a very clear and thick legal line of privacy and data that this group is on the other side of with their data extraction.
While we don’t know if this is a state-sponsored actor, a proxy for a nation-state, or a monetization player, we do that the Biden Administration will be tackling cybersecurity policy on these types of threats with new
.....Read More
This FreakOut malware is just at the beginning of its infancy, but it’s a great reminder that even if you think you’re not a target, you absolutely are, and we all need to do whatever we can to stay safe and keep our risks as low as possible. You must always assume that the vulnerability is out there.
This malware attacks Linux devices that haven’t been updated. Once it’s gains access to a network, it does port scanning, sending TCP packets, network sniffing, etc. But, if you’ve been
.....Read More
Healthcare was hard hit in 2020 and 2021 looks like it will bring more of the same. The COVID19 pandemic changed how we work, with a massive shift to remote work for those who can do it, and that brought new cybersecurity challenges as organizations brought their security up to deal with the new threat surfaces. This was especially challenging for Healthcare, which had the added challenge of an unprecedented number of patients stressing their resources to the limit and leaving few cycles to
.....Read More
Our applause to Sakura Samurai’s team – what they did was worthy of it! This was successful because the UN’s vulnerability disclosure policy was transparent – that’s why they decided to look for the vulnerabilities. There was a sense of trust that they would be recognized, not persecuted.
Also, it wasn’t well known that the UN has a vulnerability disclosure policy, and that’s ironic as these types of organizations are the ones that need it the most. The process the researchers faced could
.....Read More




