Daily Read

• What CISOs Can Do About Brand Impersonation Scam Sites
  February 3, 2023
  Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.
• Iran-Backed Actor Behind 'Holy Souls' Cyberattack on Charlie Hebdo, Microsoft Says
  February 3, 2023
  The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader.
• Scores of Redis Servers Infested by Sophisticated Custom-Built Malware
  February 3, 2023
  At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021.
• How the Cloud Is Shifting CISO Priorities
  February 3, 2023
  The greatly expanding attack surface created by the cloud needs to be protected.
• MITRE Releases Tool to Design Cyber-Resilient Systems
  February 3, 2023
  Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber-resiliency capabilities.
• Hornetsecurity Combats QR Code Phishing With Launch of New Technology
  February 2, 2023
• Korelock Launches IOT Smart Lock Technology Company
  February 2, 2023
  Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.
• Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally
  February 2, 2023
  The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.
• 6 Examples of the Evolution of a Scam Site
  February 2, 2023
  Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.
• Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks
  February 2, 2023
  The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.

• OpenSSH fixes double-free memory bug that’s pokable over the network
  February 3, 2023
  It's a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code…
• S3 Ep120: When dud crypto simply won’t let go [Audio + Text]
  February 2, 2023
  Latest episode – listen now!
• Password-stealing “vulnerability” reported in KeePass – bug or feature?
  February 1, 2023
  Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
• GitHub code-signing certificates stolen (but will be revoked this week)
  January 31, 2023
  There was a breach, so the bad news isn't great, but the good news isn't too bad…
• Serious Security: The Samba logon bug caused by outdated crypto
  January 30, 2023
  Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
• Hive ransomware servers shut down at last, says FBI
  January 27, 2023
  Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"…
• Dutch suspect locked up for alleged personal data megathefts
  January 26, 2023
  Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records.
• S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
  January 26, 2023
  Lastest episode – listen now! (Or read the transcript.)
• GoTo admits: Customer cloud backups stolen together with decryption key
  January 25, 2023
  We were going to write, "Once more unto the breach, dear friends, once more"… but it seems to go without saying these days.
• Apple patches are out – old iPhones get an old zero-day fix at last!
  January 24, 2023
  Don't delay, especially if you're still running an iOS 12 device… please do it today!

Advertisement