News

In a new campaign, cybercriminals are using Discord to target gamers and steal their credentials and financial info. The bad actors have abused Discord to host, spread, and control malware aimed at the users of this chat service, according to new research from Sophos.   Since last year, Discord has increased in popularity with 140 times more URLs hosting malware were blocked in the past two months, compared with the same period in 2020. The...

The man who allegedly hacked Many City is to offer Premier League help in FFP investigation. The alleged hacker, Rui Pinto, at the heart of the Football Leaks allegations has offered assistance to the Premier League in their ongoing investigation of Manchester City. Rui Pinto has been identified as the “whistleblower” who provided German newspaper Der Spiegel with emails and other documents that appeared to suggest the Blues had subverted financial fair play rules, The...

Zscaler has discovered a new batch of apps on the Google Play Store hiding Joker malware that that can steal users' cash and read their text messages. Researchers at Zscaler's ThreatLabz have warned people to delete these "Joker apps" that can steal cash and read your text messages from Android phones. The malware can even sign users up to subscription plans and charge any cards saved to their accounts. This specific type of malware was...

Security researcher, Gilles Lionel, has uncovered a new NTLM relay attack that lets hackers take over Windows domains, the Hacker News has reported. The security flaw, named PetiPotam, in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. Gilles Lionel shared technical details and proof-of-concept (PoC)...

European Commission regulators have proposed changes to EU law that would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The package also includes the proposal for the creation of a new EU authority to fight money laundering. According to the BBC, the proposals could take two...

This week, cybersecurity provider Netskope released the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs' biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. The results revealed that some departing employees present disproportionately significant cloud security risks. In their last 30 days of employment, workers have been proven to be uploading three times more data than...

One Identity, an identity-centric security provider, has been named a Leader in the 2021 Gartner Magic Quadrant for Privileged Access Management (PAM) as the company continues to deliver on its next-generation PAM vision. One Identity helps businesses address the shortcomings of legacy security offerings that are fragmented, complex, manual and too narrow to meet today’s challenges, such as an increase in remote working. With 70 percent of breaches linked to privileged abuse, organisations need a streamlined...

Hackers are using weak and stolen credentials in a significant way to compromise business-critical environments. Stealing access to your environment using a known password for a user account is a much easier way to compromise systems than relying on other vulnerabilities. Therefore, using good password security and robust password policies is an excellent way for organizations to bolster their cybersecurity posture. What characteristics make up an effective password policy? Developing an effective reporting structure for...

A nationwide survey of 2,000 UK employees conducted by Censuswide on behalf of Armis, the unified asset visibility and security platform provider, analyses the new working culture and security of personal devices before the inevitable return to the office.  The results demonstrate a heightened cybersecurity threat as the majority of the UK workforce (61%) intend to return to the office with their personal devices, despite a quarter (25%) admitting to having insufficient policies in place...

By the time you have finished reading this sentence, an organisation somewhere in the world will have fallen victim to a ransomware attack and had at least some of its corporate data encrypted. Globally, on average, the criminals behind ransomware attacks hit a new organisation every 10 seconds, but less than five years ago, it was every 40. Recently, Colonial Pipeline, a major US fuel company made headlines after falling victim to such an attack...