Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to […]
Cyber News
Join me, and the experts from JFrog, for a discussion about software supply-chain security on December 5 2023. In the webinar we will be exploring the challenges facing companies in the coming year, sharing some best practices, and detailing the essential strategies you should be putting in place as threats evolve and technology advances. For […]
Cyber News
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed “mixing and matching” different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity firm SentinelOne, which also tied a third macOS-specific malware called ObjCShellz to the RustBucket campaign. RustBucket […]
Cyber News
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information. SaaS applications supporting retail efforts will […]
Cyber News
The CRAZY world of ransomware – keynote by cybersecurity expert Graham Cluley Watch this video on YouTube Here’s a bit of fun. A video of me talking for twenty minutes about ransomware – specifically some of the more bonkers stories from the world of ransomware. Be sure to check out my YouTube video above, or […]
Cyber News
Graham Cluley Security News is sponsored this week by the folks at Glide. Thanks to the great team there for their support! AI technology is quickly finding it’s footing in the workplace. IT teams need to lead the charge on AI adoption at their companies to ensure it happens safely, securely, and successfully. There are […]
Cyber News
Graham CLULEY November 27, 2023 Promo Protect all your devices, without slowing them down. Free 30-day trial Multi-player online role-playing videogame “Ethyrial: Echoes of Yore” has suffered a ransomware attack which saw the deletion of every player’s account and the loss of all characters. On Thursday last week, the game’s official Discord channel announced that […]
Cyber News
A new study has demonstrated that it’s possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur while the connection is being established. The Secure Shell (SSH) protocol is a method for securely transmitting commands and logging in to a […]
Cyber News
There seems to be no end to warrantless surveillance: According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans’ calls, analyzing the phone records of countless people who are not suspected […]
Cyber News