Week in security with Tony Anscombe
New watering hole attack in Southeast Asia uncovered. The latest on Sednit. Plus some tips for Black Friday shopping
Latest Articles
New Yorker accused of stealing $1m from Silicon Valley executive via SIM swap
The suspect is believed to have carried out the scam on no fewer than six executives in the Bay Area, albeit ultimately with varying success
Black Friday and Cyber Monday by Emotet: Filling inboxes with infected XML macros
Emotet starts another massive spam campaign just as the shopping season picks up steam
Good deal hunting: Staying safe on Black Friday
As the unofficial beginning of the holiday shopping season catches us up in the frenetic hunt for all those fantastic bargains, the shopping bonanza presents a host of risks to your online safety. Here are a few tips for going on a shopping spree and staying safe
Who needs passwords? Microsoft now lets you in with your face or security key
The software giant takes passwords one step closer to obsolescence as it now enables users to log into their Microsoft accounts with more modern forms of authentication
Two Brits jailed for TalkTalk hack
The breach exposed the personal data of 160,000 people and cost the telecom company £77 million
Sednit: What’s going on with Zebrocy?
In August 2018, Sednit’s operators deployed two new Zebrocy components, and since then we have seen an uptick in Zebrocy deployments, with targets in Central Asia, as well as countries in Central and Eastern Europe, notably embassies, ministries of foreign affairs, and diplomats
OceanLotus: New watering hole attack in Southeast Asia
ESET researchers identified 21 distinct websites that had been compromised including some particularly notable government and media sites
Cybersecurity a big concern in Canada as cybercrime’s impact grows
90% of Canadians surveyed agreed that cybercrime was an important "challenge to the internal security of Canada"
Week in security with Tony Anscombe
GDPR-themed WordPress plugin flaw exploited. Google’s data charts path to avoiding malware on Android. Plus security researchers bypass encryption on self-encrypting drives
Security researchers bypass encryption on self‑encrypting drives
Industry standard specification does not guarantee the safety of the self-encrypting drives despite verification
Employees’ cybersecurity habits worsen, survey finds
Almost all young people recycle their passwords, often doing so across work and personal accounts
Attackers exploit flaw in GDPR‑themed WordPress plugin to hijack websites
The campaign’s goals aren’t immediately clear, as the malefactors don’t appear to be leveraging the hijacked websites for further nefarious purposes
Malware of the 90s: Remembering the Michelangelo and Melissa viruses
Our trip down the malware memory lane takes us all the way back to the 1990s
Google’s data charts path to avoiding malware on Android
How much higher are the odds that your device will be exposed to malware if you download apps from outside Google Play or if you use one of Android’s older versions? Google has the numbers
Emotet launches major new spam campaign
The recent spike in Emotet activity shows that it remains an active threat
Week in security with Tony Anscombe
Latest ESET research shows just how far attackers will go in order to steal bitcoin from customers of one specific virtual currency exchange. We take a look back at some 1980s malware and also check out what Chrome 71 has in store for users.
US Air Force invites white hats to find hackable flaws, again
This is the third time that the Air Force asks ethical hackers to uncover chinks in its digital armor
The cyber insurance question
Prevention is the best option but people continue to search for the easiest way out
New Chrome version aims to remove all ads from abusive sites
The move is part of Google’s continued clampdown on adverts that are intended to hoodwink users