5 Lessons Learned From Hundreds of Penetration Tests
Developers must balance creativity with security frameworks to keep applications safe. Correlating business logic with security logic will pay in safety dividends.
Cyber News, Cyber Threat Trends
- March 13, 2023
The Art of Cyber
Written in ancient China, Sun Tzu’s The Art of War is a timeless masterwork of military strategy that has been studied and implemented for centuries. Nonetheless, the book’s described principles and techniques are not limited to military applications. They are applicable in numerous settings, including business, sports, and even cybersecurity. The Art of Cyber is […]
Cyber News, Cyber Threat TrendsFriday Squid Blogging: Chinese Squid Fishing in the Southeast Pacific
Chinese squid fishing boats are overwhelming Ecuador and Peru. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Cyber News, Cyber Threat Trends
- March 11, 2023
ChatGPT Browser Extension Hijacks Facebook Business Accounts
Between March 3 and March 9, at least 2,000 people a day downloaded the malicious “Quick access to ChatGPT” Chrome extension from the Google Play app store.
Cyber News, Cyber Threat Trends
- March 11, 2023
And the Cyberattack Goes To … Oscar-Nominated Film Fans
With the rise of cybercriminals targeting online piracy, this year’s Oscar-nom fans need to be especially careful not to download malicious files while attempting to watch popular films for free.
Cyber News, Cyber Threat Trends
- March 11, 2023
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI’s ChatGPT, Spotify, Tableau, and Zoom. BATLOADER, as the name suggests, is a loader that’s […]
Cyber News, Cyber Threat TrendsWhatsApp and UK government on collision course, as app vows not to remove end-to-end encryption
The boss of WhatsApp, the most popular messaging platform in the UK, says that it will not remove end-to-end encryption from the app to comply with requirements set out in the UK government’s online safety bill. Learn more in my article on the Hot for Security blog.
Cyber News, Cyber Threat TrendsAttend Network Meeting
The post Attend Network Meeting appeared first on Da Vinci Forensics.
Cyber News, Cyber Threat Trends
- March 9, 2023
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software (CVE-2022-47986, CVSS score: 9.8), according to
Cyber News, Cyber Threat Trends