As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities,...

A new variant of a sophisticated Android locker family used an innovative sequence to load its ransom note on infected devices. On October 8, Microsoft Defender Research Team revealed that it had spotted a new Android locker variant using novel techniques to display its ransom note to its victims. This threat specifically targeted two components on...

The confirmation that US President Donald Trump has been infected by the Coronavirus, and had to spend time this weekend in hospital, has - understandably - made headlines around the world. And there are plenty of people, on both sides of the political divide, who are interested in learning more about his health status. It's no surprise, therefore,...

Researchers uncovered a new toolset they've dubbed "MontysThree" that has played a role in targeted industrial espionage attacks stretching back to 2018. In the summer of 2020, Kaspersky Lab discovered that an unknown actor had been using a modular C++ toolset called "MT3" to conduct targeted industrial espionage campaigns for years. The security...

Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s...

Tripwire Enterprise is a powerful tool. It provides customers insight into nearly every aspect of their systems and devices. From change management to configuration and compliance, Tripwire can provide “eyes on” across the network. Gathering that vast amount of data for analysis does not come without challenges. Customers have asked for better...

An updated variant of the Valak malware family earned a place on a security firm's "most wanted malware" list for the first time. Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020. First detected back in 2019, Valak garnered the attention of Cybereason in...

As I had mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...

Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute the...

Tripwire's September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions. Up first on the patch priority list this month is a very high priority vulnerability, which is called "Zerologon" and identified by CVE-2020-1472. It is an elevation of privilege vulnerability that...

“Doubt is an unpleasant condition, but certainty is an absurd one.” Whilst I claim no particular knowledge of the eighteenth-century philosopher Voltaire, the quote above (which I admit to randomly stumbling upon in a completely unrelated book) stuck in my mind as a fitting way to consider the shift from traditional, perimeter-focused ’network...

For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn't made to cybercriminals. There's no magic wand that can make a ransomware attack simply disappear with no impact at all on an organisation, but you can...

A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin, 32, of Russia to 88...

This is a true story. I was sitting at breakfast the other day with my wife. As we waited for our food to arrive, four people were sitting at a socially distanced table. They were discussing how they have to restart their computers every month because of “something Microsoft does that makes me restart.” The conversation continued: Diner 1: “That’s...

As I had mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...

One of our customers (You know who you are, thanks!) made us aware of a new practice guide titled “ERO Enterprise CMEP Practice Guide: Assessment of SVCHOST.EXE” published exactly two weeks ago today on September 15th, 2020. North American Electric Reliability Corporation (NERC) seldom releases guidance like this, so they shouldn’t go unnoticed....

A federal jury convicted the owner of a bitcoin exchange for his role in a multi-million dollar scheme involving online auction fraud. On September 28, a federal jury in Frankfort, Kentucky found Bulgarian national Rossen Iossifov, 53, guilty of one count of conspiracy to commit racketeering and one...

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening...

Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor's vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of...

A new ransomware strain called "Mount Locker" is demanding that victims pay multi-million dollar ransom payments to recover their data. According to Bleeping Computer, the ransomware first began making the rounds in July 2020. The malicious actors responsible for this threat took a cue from other crypto-malware gangs by stealing victims' unencrypted...