Get in Touch
The U.S. and global protests of the killing of George Floyd are being used to spread malware according to the cybersecurity non-profit organization abuse.ch.
The Zurich-based group identified a phishing campaign that capitalizes on the Black Lives Matter movement to distribute malware. Emails with the subject line “Vote anonymous about ‘Black Lives Matter’” have been sending a variant of TrickBot,...
CIA-developed hacking tools stolen in 2016 were compromised by an organizational culture of lax cybersecurity, according to an internal memo.
In a 2017 memo recently acquired by the Washington Post, a CIA task force attributed the exfiltration of critical hacking tools and data to “a culture… that too often prioritized creativity and collaboration at the expense of security.”
The task force...
269 gigabytes of potentially sensitive data collected from more than 200 police departments across the country were leaked online last week.
The data, called “BlueLeaks,” was shared online by a group called Distributed Denial of Secrets, or DDoSecrets), a Wikileaks-style organization committed to “enabling the free transmission of data in the public interest.”
According to the leakers, the dump included, “Ten...
Phony contact-tracing apps meant to mitigate the spread of the Covid-19 pandemic are installing ransomware on mobile devices.
One app billed itself, “The Covid-19 Tracer App,” claiming to be an official mobile app of the Canadian government’s coronavirus contact tracing effort. “The more Canadians who voluntarily download and use the app, the safer we’ll be, and the faster we can...
We're not even halfway through 2020, and already it's been a record-breaking year for ransomware attacks. Barely a week goes by without reports of a new strain or variant of malware wreaking havoc among companies.
1-99-employee companies are a target
No industry, category, size, or group is safe from this cyber scourge.
We hear about the big ones. Manufacturing giant Honda had its networks brought to a...
There is no overestimating the value of your company's domain name. Whether you work for a big brand or run a mom-and-pop dot-com, the goal is easy navigation to your site. A prospective client or customer types your company name and their browser does the rest.
What would happen if you typed in "Amazon," the corresponding domain popped up, and you clicked, but...
The NSA has issued a cybersecurity advisory about the use of location data on personal devices, social media accounts, mobile applications, as well as Internet of Things-enabled devices.
The advisory, titled “Limiting Location Data Exposure,” was released August 4. While it is directed at government officials, the advice could also help the general public mitigate risks to data and privacy...
Simple spelling errors in URLs can expose you to phishing, malware, and other kinds of cyber trickery. In the latest episode of Third Certainty, Adam Levin discusses typosquatting and how it can put your data security in jeopardy.
The FBI warned in a private industry notification published August 3 that companies and organizations still using Windows 7 are at risk.
Microsoft’s end of life (EOL) announcement for version 7 of its flagship Windows operating system means most customers still using it would no longer receive security updates or technical support. According to the FBI notification, continued use of...
Cybercriminals are increasingly registering email addresses with legitimate services and using them in the commission of business email compromise (BEC) attacks.
A recent study of hacking methods published by Barracuda found that more than 6,000 email accounts using legitimate services had been linked to more than 100,000 BEC attacks on roughly 6,600 organizations this year.
Gmail accounted for 59% of the...