If you, or your kids, are fans of Minecraft - you might be wise not to download any new mods of plugins for a while. Computer security researchers say that they have uncovered that cybercriminals have succeeded in embedding malware named "Fracturizer" within packages and plugins used to modify the behaviour and appearance of the phenomenally popular game. As Bleeping Computer reports , hackers...

Contrary to stereotype, today’s cyberattacks aren’t limited to complex tactics such as the use of zero-day exploits or polymorphic malware that flies under the radar of traditional defenses. Instead of going the extra mile to set such schemes in motion, most threat actors take a shortcut and piggyback the human factor. A combination of a would-be victim’s security awareness gap, insufficient...

It’s hard to be in the realm of technology and not hear about APIs these days. Whether it’s the launch of the ChatGPT API or news of a significant data breach at Twitter , APIs are having their time in the spotlight. Yet, despite their ubiquity, many still have questions about APIs' capabilities (and limitations). What are APIs for? What do they do? And what are they unable to do in the current...

On the surface, ransomware – malicious software designed to block access to a computer system until a sum of money is paid – appears to be off to yet another ruthless start in 2023 as one of the leading types of malware. Recent victims of public attacks in North America include industries such as health care, communication, education, and even government offices and municipalities. While this all...

Traveling abroad, whether for business or leisure, brings plenty of tangible benefits to individuals and organizations. Coupled with the convenience of innovative technology at our fingertips, business professionals can achieve a lot if they spend much of their time on foreign shores. However, despite this digital evolution, traveling abroad can present numerous risks to your data and systems. If...

Back in 2015, we published an article about the apparent perils of driverless cars. At that time, the newness and novelty of sitting back and allowing a car to drive you to your destination created a source of criminal fascination for some, and a nightmare for others. It has been eight years since the original article was published, so perhaps it is time to revisit the topic to see if driverless...

Jetpack, an extremely popular WordPress plugin that provides a variety of functions including security features for around five million websites, has received a critical security update following the discovery of a bug that has lurked unnoticed since 2012. Jetpack's maintainers, Automattic, announced on Tuesday that it had worked closely with the WordPress security team to push out an automatic...

Not all Risks Become Threats Insider threats are an updated version of the wolf in sheep's clothing - the people we rely on to safeguard systems and data can sometimes be the ones who pose the greatest risk. From malicious actors to negligent employees, insider threats come in many forms and can have devastating consequences for organizations of all sizes. Who’s an Insider? An insider is “anyone...

Cybersecurity has risen to become a major concern for nearly every industry. With the constant stream of news about the escalating numbers of breaches, it is understandable that governments have taken a more active role by passing cybersecurity and privacy legislation. Some of the industries are not top of mind to many people. For example, few people are aware of all of the industries that make up...

How many internet-connected devices do you own? If you took a quick inventory around your house , you may be surprised at exactly how many there are. Have you ever wondered how they all communicate, not only with each other, but with the internet as well? This is, in part the result of technology known as IP addressing. What is an IP address? An IP (Internet Protocol) address is your computer's...

The US healthcare sector continues to be aggressively targeted by ransomware operators. Royal and BlackCat are two of the more recent – and highly sophisticated – ransomware threats. These two new flavors of ransomware pose serious potential impacts on the healthcare sector, but there are appropriate mitigation and defense strategies that organizations can take to protect against them. What is...

Bad enough for your company to be held to ransom after a cyber attack. Worse still to then have one of your own employees exploit the attack in an attempt to steal the ransom for themselves. That's the situation gene and cell therapy firm Oxford BioMedica found itself in. On 27 February 2018, the Oxford-based firm discovered that it had suffered a cyber attack after it received a ransom demand...

Polymorphic and metamorphic malware constantly changes itself in order to avoid detection and persistently remain on the system. This adaptive behavior is the main distinctive attribute of these types of malware, which is also why they are harder to detect; it is also why they pose a great threat to systems. On the surface, the functionality of this sort of changing and mutating malware appears...

This one took a bit longer to read than most of the books we review, but that’s entirely on me… everyone else finished it a while ago. This time around, we’re looking at How to Hack Like a Legend: Breaking Windows by Sparc Flow. The No Starch Press page says that the book is “packed with interesting tricks, ingenious tips, and links to useful resources to give you a fast-paced, hands-on guide to...

The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently: Multiple Vulnerabilities in Netgear Routers Netgear RAX30 routers are subject to multiple vulnerabilities. These vulnerabilities could be chained together to achieve an authentication bypass and code execution. It is advised that...

The Artificial intelligence (AI) based language model, ChatGPT, has gained a lot of attention recently, and rightfully so. It is arguably the most widely popular technical innovation since the introduction of the now ubiquitous smart speakers in our homes that enable us to call out a question and receive an instant answer. But what is it, and why is it relevant to cyber security and data...

Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC . The cacophony of all the log and event data and vulnerability scans are pouring into the SIEM, and it’s Gabrielle’s job to listen to the...

The US Cybersecurity and Infrastructure Security Agency (CISA), FBI, and others have issued a joint alert , advising organisations of the steps they should take to mitigate the threat posed by BianLian ransomware attacks. BianLian, which has been targeting different industry sectors since June 2022, is a ransomware developer, deployer and data extortion group which has predominantly targeted...

‘A ship in port is safe, but that's not what ships are built for,’ said Dr. Grace Hopper, Rear Admiral of the US Navy and a computer pioneer. As soon as the ship leaves the harbor, or even the dock, there are risks. Depending on conditions and purposes, the ship's crew might decide they are negligible, that they can be recovered from, or that the potential rewards are worth the risk. The same...

While there are an estimated 30,000 daily cyber attacks on business websites, there are roughly ten times as many attacks against social media accounts every single day, equating to roughly 1.4 billion accounts every month. Social media attacks and scams have become pervasive problems, with threat actors finding innovative new ways to deceive users and steal their information. While social media...