Phishing attacks from last year have broken previous records from the past years. Experts claimed that the emergence of phishing-as-a-service methods and new attack vectors caused this massive upsurge of the attacks. Some researchers also think that the low barrier of entry contributed to the widespread of similar attacks. Threat actors take advantage of current...Continue Reading
The UK’s top cyber security authority has supported the United State government’s call for setting a solid defense against hackers, especially from Moscow, during this Russia/Ukraine geopolitical conflict. According to the NCSC, the current war near their region should encourage security providers to develop a more vigilant way of countering risks. The NCSC also recommends...Continue Reading
Google has recently revealed big news regarding their latest acquisition of a threat intelligence and cybersecurity firm, Mandiant, sold in an all-cash deal of $5.4 billion. After the acquisition has been finalised, Mandiant will be added to the array of Google’s cybersecurity portfolio, including VirusTotal, BeyondCorp Enterprise, Cybersecurity Action Team, and Chronicle, which is expected...Continue Reading
Since the beginning of Russia’s invasion, Ukraine has been seeking the help of different companies and organizations worldwide to be their ally against the threats of the attacking country. One of the requests that Ukraine has made is for the Internet Corporation for Assigned Names and Numbers or ICANN to revoke Russia’s top-level domains and...Continue Reading
Security researchers have demonstrated a new method called Poisoned Pipeline Execution (PPE) that abuses permissions inside Source Code Management (SCM) repositories. Experts claim that the new approach exploit can lead to poisoned pipeline attacks. Moreover, the researchers noted that the Poisoned Pipeline Execution focuses on utilising CI configuration files stored in pipeline repositories. These files...Continue Reading
A school website services provider called FinalSite has experienced a ransomware attack resulting in numerous shutdowns of school websites globally. The website services provider is a SaaS (software-as-a-service) that offers website makeover, hosting, design, and content management solutions for senior high school districts and universities. FinalSite has provided website solutions for approximately 8,000 academic institutions...Continue Reading
A newly developed method to detect stealthy malware on IoT devices has been created by cybersecurity researchers, which uses electromagnetic field emanations to identify existing malware in every device. The method can also be applied to detecting obfuscated malware. The recent discovery was introduced by researchers from IRISA (Research Institute of Computer Science and Random...Continue Reading
Microsoft has disrupted a hacking group’s activities after legally seizing malicious websites operated by a Chinese threat group named Nickel. Nickel was discovered to have targeted multiple firms in 28 countries, including human rights organisations, government agencies, and other intelligence groups. For this reason, Microsoft believed that the Chinese threat group was mainly focusing on...Continue Reading
Microsoft recently announced that the first Secured-core certified Windows Servers and Microsoft Azure Stack HCI devices are now safe against cyberattacks, including ransomware threats. The tech giant’s Secured-core devices are offered to protect users against the surge of firmware vulnerabilities exploited by threat actors in bypassing Windows devices’ Secure Boot and the deficiency in firmware visibility...Continue Reading
