Uncategorized

Crossword Cybersecurity Plc has released a report highlighting anxieties surrounding security strategies soon growing outdated. Over 200 CISOS and senior cybersecurity professionals were surveyed. Key findings include: 40% of respondents expect their current cybersecurity strategy be outdated in the next two years. A further 37% expected their current cybersecurity strategy be outdated in the next three years 61.4% were "fairly confident" in their ability to prevent cyber attacks 44% said they had the means necessary...

NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) has admitted South Korea, the first Asian country to join. The country's National Intelligence Service (NIS) made the announcement today, noting that it will represent South Korea in the centre's training and research activities. “We plan to strengthen our cyber response capabilities to a world-class level by increasing the number of our staff sent to the centre and expanding the scope of joint training,” the NIS said, as...

Synopsys has been named by Gartner, Inc. as a Leader in the “Magic Quadrant for Application Security Testing” for the sixth consecutive year.1 In the report, Gartner evaluated 14 application security testing vendors based on their Completeness of Vision and Ability to Execute. Synopsys placed highest in Ability to Execute and Completeness of Vision for the fourth year in a row. As the speed and complexity of development increases and the occurrence of high-impact application security...

State sponsored hackers operating out of North Korea have been targeting journalists with a novel malware strain, it has been revealed.  The group, known as APT37, distribute the malware through a phishing attack originally discovered by NK news, a US news site specialising in covering news and providing research and analysis about North Korea, using intelligence from within the country. APT37, also known as Ricochet Chollima, is suspected to be sponsored by the North Korean...

The Five-Eyes joint advisory board has warned that Russia is considering cyber attacks on Western nations as part of its war in Ukraine. Five-Eyes agencies have said several Russian government and military organisations, including the Federal Security Service (FSB), the Foreign Intelligence Service (SVR) and the General Staff Main Intelligence Directorate (GRU), have conducted malicious cyber operations against information and operational technology networks. It's believed that multiple advanced persistent threat (APT) actors operating out of...

The world has had a rough time following the spread of Coronavirus, also referred to as COVID-19. Following the pandemic’s impact on economical, political, and social aspects, one of the biggest adoptions was working from home, also referred to as remote working. If companies and businesses were to continue operating and cut down losses, remote working was the solution.  However, remote working is completely different compared to working at the office in numerous ways, but...

The UK Prime Minister's Office has been targeted by Pegasus spyware over the past two years. Citizen Lab, a Canadian non-profit, has been tracking the use of the spyware, produced by Israel's NSO group, in recent years. NSO Group is being sued by WhatsApp and Apple as their customers were targeted by the covert malware. It also emerged last year that the iPhones of nine US State Department officials were compromised by the spyware. Citizen Lab revealed...

Cash App, a popular stock trading app, has suffered a data breach impacting up to 8.2 million former and current users. It has been reported that the breach was caused by a former employee illegitimately accessing customer information. Block, Cash App's owner, notified the Security and Exchange Commission (SEC) of the breach on Monday. The filing reported that a former employee downloaded investing reports containing information belonging to US customers, including full names, brokerage account numbers,...

A relatively new Ransomware, LokiLocker, uses the standard extortion-through-encryption racket but also incorporates disk-wiper functionality. Double extortion soared in popularity last year, with ransomware gangs stealing files before encrypting them to threaten victims with a sensitive data leak if they didn't pay up. BlackBerry Threat Intelligence is warning that LokiLock, first seen in August 2021, now features an "optional wiper functionality" to put increased pressure on victims. Instead of using the threat of leaking a...

New research suggests that mobile applications boasting tens of millions of downloads are leaking sensitive user data due to the misconfiguration of back-end cloud databases, according to Check Point. Check Point's three-month study began with a simple query on VirusTotal for mobile apps listed on the malware scanning service that communicates with the Firebase cloud database. Using this method, the vendor discovered 2113 mobile apps that had their Firebase back-end exposed due to misconfigurations. The vendor...