Friday , 26 May 2017
Home » Author Archives: Dean Alvarez

Author Archives: Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org

3 Nigerian Cyberthieves Sentenced to Total of 235 Years in Prison

A federal district court sentenced three Nigerian cybercriminals to a collective 235 years in prison for tens of millions of dollars in intended losses via identity theft, credit card fraud, mail fraud, and pilfering government property, the US Department of Justice announced today. Femi Alexander Mewase, 45, received a 25-year prison sentence; Oladimeji Seun Ayelotan, 30, received a 95-year prison ... Read More »

Kremlin critics targeted in hacking attack

Hackers are stepping up efforts to steal and manipulate emails from critics of the Russian government, security researchers say, using techniques that were hallmarks of a cyber attack on Emmanuel Macron’s campaign on the eve of France’s presidential election.   View Full Story Here ORIGINAL SOURCE: Financial Times Read More »

WannaCry: Ransom note analysis throws up new clues

As the world works towards identifying the perpetrators of the WannaCry ransomware campaign, one group of cybersecurity researchers says they’ve likely determined the native language of the writer of the ransom note, another potential step towards attributing the attack. A number of cybersecurity firms have tentatively linked the attack to North Korea, but now analysis of WannaCry ransom notes in 28 languages ... Read More »

Fat-thumbed dev slashes Samba security

Sysadmins tending Samba need to get patching. Samba’s announcement, here, explains that it’s suffering from a remote code execution bug that applies to all versions newer than Samba 3.5.0. The software, currently at version 4.6.4, provides *nix integration with Windows file and print services. In CVE-2017-7494, a malicious client can “upload a shared library to a writable share, and then cause ... Read More »

Tech Support Scammers Are Exploiting Mass Hysteria Surrounding WannaCry

As everyone expected, scammers are attempting to cash in on the mass hysteria currently surrounding the WannaCry ransomware outbreak, a mass-infection took place over the weekend of May 12 and 14, and whose effects we still feel today. While the WannaCry attacks have been stopped thanks to a British researcher named MalwareTech, the ransomware’s virulent attacks have made everyone take notice. View Full ... Read More »

Republican lawmaker suggests DNC hack may have been ‘insider job’ citing ‘stuff on the internet’

Republican Representative Blake Farenthold of Texas suggested on Wednesday (24 May) that the 2016 Democratic National Committee hack could have been an “insider job”, citing “stuff circulating on the internet”. Last year, whistleblowing outfit WikiLeaks leaked thousands of embarrassing internal emails from top Democratic officials. Earlier this week, Fox News retracted a story that fuelled a conspiracy theory linking the murder of ... Read More »

CIOs increasingly focus on innovation

Two-thirds of organizations are adapting their technology strategies in the midst of global political and economic uncertainty, with 89 percent maintaining or ramping up investment in innovation, including in digital labor, and 52 percent investing in more nimble technology platforms, according to the 2017 Harvey Nash/KPMG CIO Survey. It is clear digital strategies have infiltrated businesses across the globe at an entirely new ... Read More »

Twitter flaw allowed you to tweet from any account

http://www.zdnet.com/article/twitter-flaw-allowed-you-to-tweet-from-any-account/ A Twitter security flaw which went undetected for years allowed attackers to post messages masquerading as any user they chose. A security researcher that goes under the moniker Kedrisch disclosed the flaw on Tuesday, which was present on the microblogging platform until 28 February this year. Discovered in Twitter Ads Studio, a platform for advertisers to upload media and content, the high-severity ... Read More »

Government plans to push through powers that will force tech giants to hand over encrypted messages

Swiftly after the UK’s surveillance laws came into force at the end of last year, a legal challenge was launched by privacy campaigners to fight the bulk data collection allowed under the law. The government’s implementation of the Investigatory Powers Act is now continuing with ministers saying they will push through powers to allow for almost real-time surveillance and the removal of encryption. According ... Read More »

Media players wide open to malware fired from booby-trapped subtitles

Hackers have gone back to the future by attempting to infect targets with booby-trapped subtitle files. By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can hope to take complete control of any device running the vulnerable platforms. Hackers have pushed trojans under the guise of subtitle files as far back as 2003. This ... Read More »