Latest news about information security vulnerabilities, threats, incidents and events
Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.
You can get evidence of this fact from the news below.
Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.
New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password...
Posted on Wed, 21 Feb 2024 21:46:00 +0530
Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS.
"The piece of customized PlugX malware...
Posted on Wed, 21 Feb 2024 18:33:00 +0530
6 Ways to Simplify SaaS Identity Governance
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps...
Posted on Wed, 21 Feb 2024 17:00:00 +0530
New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022.
The malware is “notable for its ability to automatically...
Posted on Wed, 21 Feb 2024 16:52:00 +0530
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in...
Posted on Wed, 21 Feb 2024 14:50:00 +0530
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes...
Posted on Wed, 21 Feb 2024 12:47:00 +0530
Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation.
The activity has been linked to Russia-aligned threat...
Posted on Wed, 21 Feb 2024 11:31:00 +0530
VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk
VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.
Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug...
Posted on Wed, 21 Feb 2024 11:04:00 +0530
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts.
"This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report...
Posted on Tue, 20 Feb 2024 20:50:00 +0530
LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as a wealth of intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos...
Posted on Tue, 20 Feb 2024 18:25:00 +0530
New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code...
Posted on Tue, 20 Feb 2024 18:00:00 +0530
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world.
In a joint advisory published by Germany's Federal Office...
Posted on Tue, 20 Feb 2024 16:23:00 +0530
SaaS Compliance through the NIST Cybersecurity Framework
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS...
Posted on Tue, 20 Feb 2024 16:23:00 +0530
Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time
In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware assaults in recent memory...
Posted on Tue, 20 Feb 2024 16:23:00 +0530
Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems...
Posted on Tue, 20 Feb 2024 16:08:00 +0530
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.
The flaw, tracked as CVE-2024-25600 (CVSS score: 9...
Posted on Tue, 20 Feb 2024 14:38:00 +0530
Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023.
This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U...
Posted on Tue, 20 Feb 2024 11:31:00 +0530
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
Update: The U.K. National Crime Agency (NCA) has confirmed the takedown of LockBit infrastructure. Read here for more details.An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns...
Posted on Tue, 20 Feb 2024 10:55:00 +0530
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry...
Posted on Mon, 19 Feb 2024 18:44:00 +0530
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response...
Posted on Mon, 19 Feb 2024 17:00:00 +0530
Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023.
"Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News...
Posted on Mon, 19 Feb 2024 15:59:00 +0530
Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws
Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations...
Posted on Mon, 19 Feb 2024 10:35:00 +0530
Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor
The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal...
Posted on Mon, 19 Feb 2024 10:09:00 +0530
FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021.
Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U...
Posted on Sun, 18 Feb 2024 12:42:00 +0530
How Businesses Can Safeguard Their Communication Channels Against Hackers
Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction...
Posted on Sat, 17 Feb 2024 13:48:00 +0530
Google Open Sources Magika: AI-Powered File Identification Tool
Google has announced that it's open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types.
Posted on Sat, 17 Feb 2024 12:56:00 +0530
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it's being likely exploited in Akira ransomware attacks...
Posted on Fri, 16 Feb 2024 21:12:00 +0530
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor.
RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines...
Posted on Fri, 16 Feb 2024 18:57:00 +0530
Why We Must Democratize Cybersecurity
With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public...
Posted on Fri, 16 Feb 2024 16:20:00 +0530
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS)...
Posted on Fri, 16 Feb 2024 16:19:00 +0530
U.S. State Government Network Breached via Former Employee's Account
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee...
Posted on Fri, 16 Feb 2024 13:10:00 +0530
U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage
The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities...
Posted on Fri, 16 Feb 2024 12:19:00 +0530
Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023...
Posted on Thu, 15 Feb 2024 20:38:00 +0530
Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains.
Eclypsiusm, which acquired firmware version 9...
Posted on Thu, 15 Feb 2024 19:50:00 +0530
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications...
Posted on Thu, 15 Feb 2024 17:00:00 +0530
Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS...
Posted on Thu, 15 Feb 2024 15:01:00 +0530
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates...
Posted on Thu, 15 Feb 2024 10:49:00 +0530
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations...
Posted on Wed, 14 Feb 2024 20:09:00 +0530
Ubuntu 'command-not-found' Tool Could Trick Users into Installing Rogue Packages
Cybersecurity researchers have found that it's possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating system...
Posted on Wed, 14 Feb 2024 18:56:00 +0530
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete...
Posted on Wed, 14 Feb 2024 16:53:00 +0530
Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024.
Enterprise security firm Proofpoint said the activity targets organizations in the U...
Posted on Wed, 14 Feb 2024 16:48:00 +0530
DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders...
Posted on Wed, 14 Feb 2024 13:03:00 +0530
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation...
Posted on Wed, 14 Feb 2024 10:31:00 +0530
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware...
Posted on Tue, 13 Feb 2024 20:07:00 +0530
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of "devolution."
"Although it appears to be in a new development...
Posted on Tue, 13 Feb 2024 19:37:00 +0530
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy...
Posted on Tue, 13 Feb 2024 16:40:00 +0530
Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
That's according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code...
Posted on Tue, 13 Feb 2024 12:33:00 +0530
Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation...
Posted on Tue, 13 Feb 2024 10:21:00 +0530
Rhysida Ransomware Cracked, Free Decryption Tool Released
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware.
The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA)...
Posted on Mon, 12 Feb 2024 18:42:00 +0530
4 Ways Hackers use Social Engineering to Bypass MFA
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches...
Posted on Mon, 12 Feb 2024 16:44:00 +0530
Student Loan Breach Exposes 2.5M Records
2.5 million people were affected, in a breach that could spell more trouble down the line.
Posted on Wed, 31 Aug 2022 12:57:48 +0000
Watering Hole Attacks Push ScanBox Keylogger
Posted on Tue, 30 Aug 2022 16:00:43 +0000
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Posted on Mon, 29 Aug 2022 14:56:19 +0000
Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Posted on Fri, 26 Aug 2022 16:44:27 +0000
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Posted on Thu, 25 Aug 2022 18:47:15 +0000
Twitter Whistleblower Complaint: The TL;DR Version
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Posted on Wed, 24 Aug 2022 14:17:04 +0000
Firewall Bug Under Active Attack Triggers CISA Warning
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Posted on Tue, 23 Aug 2022 13:19:58 +0000
Fake Reservation Links Prey on Weary Travelers
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
Posted on Mon, 22 Aug 2022 13:59:06 +0000
iPhone Users Urged to Update to Patch 2 Zero-Days
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Posted on Fri, 19 Aug 2022 15:25:56 +0000
Google Patches Chrome’s Fifth Zero-Day of the Year
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
Posted on Thu, 18 Aug 2022 14:31:38 +0000
How to Recover an Unsaved Excel File
If your Excel file was left unsaved by accident, don’t fret – Microsoft understands mistakes happen and provides built-in functionality to help recover it. To recover an unsaved file, navigate...
Posted on Fri, 12 Jan 2024 18:27:54 +0000
How to See Who Blocked You on Facebook
If you suspect someone has blocked you on Facebook, various methods exist to investigate their actions. One option would be searching for their name; they may have blocked you if...
The post How to See Who Blocked You on Facebook appeared first on Hacker Combat ...
Posted on Fri, 12 Jan 2024 18:25:01 +0000
How To Access Your Photos On iCloud
iCloud can be an easy and secure way to back up photos and videos, but accessing those files across devices may prove challenging. Thank goodness there are multiple ways to...
The post How To Access Your Photos On iCloud appeared first on Hacker Combat ...
Posted on Fri, 12 Jan 2024 18:07:23 +0000
Why is the iPhone Force Restart Not Working?
If the iPhone force restart does not work as intended, there may be an issue with the iOS system. To address this, look for physical damage to buttons used for...
The post Why is the iPhone Force Restart Not Working? appeared first on Hacker Combat ...
Posted on Fri, 12 Jan 2024 18:04:00 +0000
YouTube Not Working on iPhone? Here’s How to Fix It
If the YouTube app on your iPhone is crashing or will not open, there are various fixes you can try, such as force quitting the app, rebooting your device, and...
The post YouTube Not Working on iPhone? Here’s How to Fix It appeared first on Hacker Combat ...
Posted on Fri, 12 Jan 2024 17:55:17 +0000
How to Temporarily Deactivate Instagram?
Instagram is an amazing social platform where you can stay in touch with your friends and influencers, but sometimes it can be too much. Taking a break may help. Instagram...
The post How to Temporarily Deactivate Instagram? appeared first on Hacker Combat ...
Posted on Mon, 18 Dec 2023 18:04:11 +0000
How To Delete Facebook Business Page?
An inactive Facebook business page won’t do your brand any good; sometimes, it may be best to delete it and start fresh. Deleting a page is straightforward and can be...
The post How To Delete Facebook Business Page? appeared first on Hacker Combat ...
Posted on Mon, 18 Dec 2023 18:00:00 +0000
Do AirPods Work With Android?
AirPods work well with Android, but the experience may be less satisfying or convenient compared to Apple’s ecosystem. Certain features are unavailable such as customizing double-tap functionality and access to...
Posted on Mon, 18 Dec 2023 17:54:22 +0000
How to Know If Someone Screengrabs Your Instagram Story
Instagram doesn’t inform its users when their Story or Reel has been screengrabbed – no matter whether they have millions of followers or just an everyday account – which means...
The post How to Know If Someone Screengrabs Your Instagram Story appeared first on Hacker Combat ...
Posted on Mon, 18 Dec 2023 17:43:25 +0000
How To Scan a QR Code On iPhone
The iPhone offers multiple ways of scanning QR codes, but the quickest and easiest method is using its built-in camera app. Open your camera app and point at a QR...
The post How To Scan a QR Code On iPhone appeared first on Hacker Combat ...
Posted on Mon, 18 Dec 2023 17:39:30 +0000
How I Introduced the Cybersecurity World to a Cold War Hero
If you told me a year ago that I would meet a cold war hero at a birthday
party, I wouldn’t have believed you. And I would be even more skeptical if
you told me she would be an unintimidating, approachable music professor
with an infectious smile...
Posted on Thu, 30 Jun 2022 00:39:31 +0000
UPDATED December 16, 2021
If you are reading this, you likely have heard about Log4Shell, the
December, 2021 critical zero-day remote-code execution vulnerability in the
popular Log4j software library that is developed and maintained by the
Apache Software Foundation...
Posted on Tue, 14 Dec 2021 18:56:34 +0000
Hacking Humble Bundle
Last year, Humble Bundle teamed up with the great tech publisher, No Starch
Press, to offer deeply discounted hacking ebooks for as little as one
dollar with the Hacking 101 By No Starch Press Humble Bundle of ebooks...
Posted on Tue, 30 Nov 2021 17:11:00 +0000
Cybersecurity Awareness Month 2021
October is Cybersecurity Awareness Month and Breast Cancer Awareness Month.
Since this is a cybersecurity blog, we will focus on cybersecurity but
let’s take a moment to talk about the important topic of breast cancer...
Posted on Fri, 01 Oct 2021 16:58:53 +0000
Colonial Pipeline: Lessons Learned
The Colonial Pipeline ransomware attack took down the largest fuel pipeline
in the United States and resulted in consumer hoarding of fuel and a
short-term shortage of gasoline on the east coast of the U...
Posted on Fri, 04 Jun 2021 21:23:00 +0000
President Biden's Cybersecurity Executive Order
Aiming to improve cybersecurity in the United States, President Biden
signed an executive order (EO) on May 12, 2021. Although the EO focuses on
U.S. federal departments’ and agencies’ cybersecurity, it will likely
result in standards that will change the way the private sector manages
cybersecurity within the United States and globally...
Posted on Fri, 28 May 2021 19:08:00 +0000
World Password Day - May 6, 2021
It’s World Password Day!
Are your passwords strong enough?
Do you have a long, unique password for every account?
Do you use multi-factor authentication where available?
If you answered, “no”...
Posted on Thu, 06 May 2021 13:30:00 +0000
Facebook Leak Leads To Smishing
I have always considered myself pretty lucky in that I rarely receive
fraudulent text messages. That luck recently ran out. Over the past few
weeks I have noticed an uptick in the number of SMS phishing (smishing)
messages that I receive on my phone...
Posted on Mon, 05 Apr 2021 14:42:00 +0000
2021 Cybersecurity Report Roundup
Annual cybersecurity reports are a rich resource of statistics and
information for cybersecurity professionals, academics, journalists and
anyone who is interested in cybersecurity. Below is a categorized...
Posted on Fri, 02 Apr 2021 12:27:00 +0000
2021 Top Cybersecurity Leaders
The March 2021 issue of Security magazine, partnering with (ISC)2, featured
their inaugural list of the Top Cybersecurity Leaders for 2021. As the
author of this blog, I am both humbled and honored, to not only be part of
the inaugural team, but also to be recognized with these accomplished
Posted on Sun, 07 Mar 2021 19:54:37 +0000
Since today is known for love, let’s look back 21 years to one of the more
destructive, costly and famous viruses in history. The “ILoveYou” worm,
also known as the “Love Bug” or “Love Letter For You” infected more than
ten million Windows computers, beginning on May 5, 2000...
Posted on Sun, 14 Feb 2021 19:36:17 +0000
Safer Internet Day 2021
Tuesday, February 9th, 2021, marks the 18th edition of Safer Internet Day
with the theme "Together for a better Internet." Safer Internet Day (SID)
started as an EU SafeBorders project in 2004 and is now celebrated in
approximately 170 countries worldwide...
Posted on Tue, 09 Feb 2021 16:00:00 +0000
Happy New Year!
2020 was a difficult year and Between The Hacks wants to congratulate
everyone who pulled through the challenges. We have all lived through a
year that delivered a global pandemic, civil unrest, and...
Posted on Thu, 31 Dec 2020 20:58:00 +0000
Merry Christmas & Happy Holidays
Merry Christmas and Happy Holidays from Between The Hacks!
Whether you celebrate Christmas, Hanukkah, Kwanza or Festivus, we hope you
and your family are doing well, staying healthy and surviving 20...
Posted on Fri, 25 Dec 2020 02:51:00 +0000
BTH News 20December2020
This week on Between The Hacks: The SolarWinds hack explained in plain
English, D-Link router vulnerabilities, Google explains their global
outage, 28 malware-infected browser extensions and cybercrime book for the
security enthusiast on your gift list...
Posted on Sun, 20 Dec 2020 15:20:00 +0000
SolarWinds Hack: The Basics
By now you have probably heard about the SolarWinds supply-chain compromise
that has impacted government and businesses all over the world. This story
is still unfolding so I won’t try to explain everything in detail, rather,
I’ll attempt to explain the situation for the less-technical reader and
link to some resources so that you can follow the story...
Posted on Tue, 15 Dec 2020 16:35:12 +0000
BTH News 13December2020
This week on Between The Hacks: A dental data breach, the U.S. IoT Security
Law, a 2020 Microsoft vulnerability report, the final sunset of Adobe
Flash, Rebooting by Lisa Forte and the Smashing Security Christmas party...
Posted on Sun, 13 Dec 2020 21:30:00 +0000
The U.S. IoT Cybersecurity Improvement Act Becomes Law
An important step toward securing the Internet was achieved on December 4,
2020, when President Trump signed an IoT security bill into law. The
Internet of Things Cybersecurity Improvement Act of 2020 has been in the
works since 2017 and was passed by the U...
Posted on Wed, 09 Dec 2020 17:53:34 +0000
HACKING 101 Humble Bundle
Now that Black Friday and Cyber Monday are over, you may still be searching
for some great deals. If so, you’ll hardly find a better deal than this
one. Humble Bundle has teamed up with the great tech publisher, No Starch
Press, to offer deeply discounted hacking e-books for as little as one
Posted on Tue, 01 Dec 2020 14:57:33 +0000
HAPPY THANKSGIVING 2020
Between The Hacks would like to thank all of those who read, share, and
make this blog possible. Please have a safe and happy Thanksgiving and be
secure when shopping this holiday season.
Posted on Thu, 26 Nov 2020 17:44:18 +0000
Cyber Security Operation Center Guidelines for best practices SOC Design
Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge:...
Posted on Tue, 30 Jan 2024 16:32:57 +0000
HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001
ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules...
Posted on Thu, 26 Jan 2023 11:21:59 +0000
YouTube disrupted in Pakistan as former PM Imran Khan streams speech
NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA)...
Posted on Mon, 22 Aug 2022 05:04:16 +0000
Recommendations for Parents about Cyber Bullying
Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior...
Posted on Wed, 20 Oct 2021 06:36:27 +0000
WhatsApp, Facebook, Instagram server down in Pakistan?
Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services...
Posted on Mon, 04 Oct 2021 17:32:57 +0000
Cloudflare reports record-breaking HTTP-request DDoS attack
Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17...
Posted on Sun, 22 Aug 2021 19:26:02 +0000
Microsoft announces recipients of academic grants for AI research on combating phishing
Every day in the ever-changing technology landscape, we see boundaries shift as new ideas challenge the old status quo. This constant shift is observed in the increasingly sophisticated and connected tools,...
Posted on Sat, 19 Jun 2021 15:34:29 +0000
SOC as a Service Market by Component, Service Type (Prevention, Detection, & Incident Response),
The SOC as a Service market place is actually projected to grow from USD 471 million in 2020 to USD 1,656 million by 2025, at a Compound Annual Growth Rate (CAGR) of 28.6 % throughout the forecast period...
Posted on Fri, 12 Mar 2021 11:45:16 +0000
Twitter Maliciously Violates Russian Law, State Censor Says
Russia’s state communications regulator on Monday has accused Twitter of maliciously violating Russian law by failing to draw down thousands of tweets containing banned info. Based on Roskomnadzor, Twitter hasn’t deleted 2,862 posts out of the over 28,000 requests for removal the agency has sent after 2017...
Posted on Wed, 10 Mar 2021 08:31:15 +0000
5 Important Concepts of Cyber Security
Cyber Security Concepts Computer security, cyber security or any other related terminology is the protection of computers from any harm or damage, either physical or otherwise, by unauthorized users. These...
Posted on Wed, 30 Sep 2020 10:56:40 +0000