Man impersonates Apple support, steals 620,000 photos from iCloud accounts
The man was after sexually explicit photos and videos that he would then share online or store in his own collection
Latest Articles
Microsoft Power Apps misconfiguration exposes millions of records
The caches of data that were publicly accessible included names, email addresses and social security numbers
The SideWalk may be as dangerous as the CROSSWALK
Meet SparklingGoblin, a member of the Winnti family
Week in security with Tony Anscombe
Who is actually paying the ransom demand? – Be careful about what you throw away – Records from a terrorist watchlist exposed online
Hackers swipe almost $100 million from major cryptocurrency exchange
Japanese cryptocurrency exchange Liquid suspends cryptocurrency deposits and withdrawals and moves its assets into cold storage
Are you, the customer, the one paying the ransomware demand?
Ransomware payments may have greater implications than you thought – and not just for the companies that paid up
Health authorities in 40 countries targeted by COVID‑19 vaccine scammers
Fraudsters impersonate vaccine manufacturers and authorities overseeing vaccine distribution efforts, INTERPOL warns
Nearly 2 million records from terrorist watchlist exposed online
The secret list was exposed online for three weeks, allowing anyone to access it without any kind of authentication
Dumpster diving is a filthy business
One man’s trash is another man’s treasure – here’s why you should think twice about what you toss in the recycling bin
Week in security with Tony Anscombe
How IISpy spies on its victims and stays under the radar – IISerpent tampers with search engine results – How to avoid falling prey to ransomware
Examining threats to device security in the hybrid workplace
As employees split their time between office and off-site work, there’s a greater potential for company devices and data to fall into the wrong hands
IISerpent: Malware‑driven SEO fraud as a service
The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites
Deepfakes – the bot made me do it
As deepfakes become indistinguishable from reality and the potential for the misuse of synthetic content is virtually endless, what can you do to avoid falling victim to deepfake fraud?
Ransomware runs rampant, so how can you combat this threat?
A new paper explains how ransomware has become one of the top cyberthreats of the day and how your organization can avoid becoming the next victim
DEF CON 29: Satellite hacking 101
How poking at the innards of satellites can make the future of cybersecurity in space more palatable
IISpy: A complex server‑side backdoor with anti‑forensic features
The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers
Week in security with Tony Anscombe
ESET research dissects IIS web server threats – How IIStealer steals credit card data – The flood of spam in your inbox
Black Hat 2021: Lessons from a lawyer
Why companies and their security teams need to engage with a lawyer before an incident occurs
Black Hat 2021: Wanted posters for ransomware slingers
Is the net closing in on cyber-extortionists and can bounties on their collective heads ultimately help stem the ransomware scourge?
IIStealer: A server‑side threat to e‑commerce transactions
The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information