Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain initial access. “The analyzed threat campaign appears to end in one of two ways, either the selling of ‘access’ to the compromised host, or the […]
Cyber News
This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN: The second notable new feature is the ability to interrupt biometric operations on the device, like fingerprint and face unlock, by using the Accessibility service to force a fallback to PIN or password authentication. […]
Cyber News
Clients of a pregnancy care clinic in Ontario have had their personal information exposed to hackers. I’m sure I don’t need to tell anyone who has made use of the services of a midwife, that a lot can happen in nine months… Read more in my article on the Hot for Security blog.
Cyber News
Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees […]
Cyber News
A security flaw has been disclosed in Kyocera’s Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. “This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to capture or relay Active Directory hashed credentials if the ‘Restrict […]
Cyber News
Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly,” Fortinet […]
Cyber NewsFedRAMP: The Gateway to Secure Cloud Computing in the U.S. Government In an age where digital transformation is not just a trend but a necessity, cloud computing has become the cornerstone for driving innovation and efficiency. However, with great power comes great responsibility, especially in terms of data security and compliance. This is where the […]
FedRAMP Compliance
British police say that they are investigating reports that a girl under the age of 16 was sexually assaulted… in an online virtual reality game.
Cyber News
In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran […]
Cyber News