Editor's News

Lookout has announced the discovery of an enterprise-grade Android surveillanceware currently used by the government of Kazakhstan within its borders. Lookout researchers also found evidence of deployment of the spyware – which Lookout researchers have named “Hermit” – in Italy and in northeastern Syria.   Hermit is likely developed by Italian spyware vendor RCS Lab S.p.A. and Tykelab Srl, a telecommunications solutions company that may be operating as a front company. RCS Lab, a known developer...

SafeBreach, the pioneer in breach and attack simulation (BAS), today announced the launch of their EMEA programme, which will aim to bring their dynamic continuous security validation platform to an EMEA audience. The SafeBreach platform enables security teams to assess the efficacy of their security ecosystem by safely executing attacks across the entire cyber kill chain to validate and optimise security controls, prioritise remediation efforts and mitigate critical gaps before a breach occurs. As a...

On 16 April 2022, the ContiNews ransomware PR site posted the gang's newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million. On April 21, the post was updated to include the URLs of two more compromised government departments - the Ministry...

A new industry report evaluating the level of security culture worldwide has found a positive improvement overall. The 2022 Security Culture Report by KnowBe4 looked at trends in security culture for the first time, analysing the ideas, customs and social behaviors of an organisation that influence their security. In particular, the report looked at the seven different dimensions of security culture (Attitudes, Behaviors, Cognition, Communication, Compliance, Norms and Responsibilities) across regions and industries worldwide. Key...

Today, Outpost24 has released the results of its 2022 FTSE 100 Credential Theft Study outlining the number of breached credentials from the UK’s most profitable companies online and found up to 31,135 exposed user credentials belonging to FTSE 100 companies on the open, deep and dark web. In fact, 75% of these credentials were stolen through data breaches and 25% were unknowingly obtained via malware infection/stealer. Of this number, over 60% of the stolen user...

  Armis, the unified asset visibility and security platform, disclosed five critical vulnerabilities, known as TLStorm 2.0, in the implementation of TLS communications in multiple models of network switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities (discovered earlier this year by Armis), expanding the reach of TLStorm to millions of additional enterprise-grade network infrastructure devices.   In March 2022, Armis first disclosed TLStorm—three critical vulnerabilities in APC Smart-UPS devices....

KB4Con 2022 ended on a high point as it involved an individual many of the attendees had been excited to hear from – someone who is widely considered to have coined the term hacking. It was none other than computing security consultant, author, “one-time world-most wanted hacker” and Chief Hacking Officer at KnowBe4, Kevin Mitnick. Kevin, who attend virtually via Zoom, was joined on stage by Colin Murphy, Chief Information Officer at KnowBe4. The talk...

Humanity has always embraced technology and, today, we are seeing increased IoT integration, cloud adoption and vast wave of remote workers who are connecting to more online infrastructures. However, this is leading many to question the cyber resiliency of organisations, particularly at a time when cyber-attacks are at an all-time high. In fact, according to respected engineer and technology author Peter Diamandis, “over the next ten years, we are going to see roughly 100 years...

Yesterday, Synopsys, Inc. announced that it has signed a definitive agreement to acquire WhiteHat Security, a leading provider of application security Software-as-a-Service (SaaS). The addition of WhiteHat Security will provide Synopsys with significant SaaS capabilities and market-segment-leading dynamic application security testing (DAST) technology to strengthen what is considered one of the industry's broadest application security testing portfolio. Synopsys and WhiteHat Security, which was acquired by NTT Security Corporation in 2019, share a vision for delivering SaaS-based security...

Mobile banking is the safest way to bank for UK consumers, RiskOps platform for financial risk management Feedzai revealed in their Q2 2022 Financial Crime Report, based on the analysis of over 18 billion global banking transactions throughout 2021. According to the report, banking represented 88% of all banking transactions in the U.K. during this period; however, fraud rates were over 50% lower using a mobile device compared with desktop, laptop, telephone, or in-person transactions...