Archive for the ‘Cyber Threats’ Category

Threats Grow as Digital Wallets Gain Popularity

The pandemic, as well as users’ personal preferences, have helped enable the rapid emergence of digital payment applications and digital wallets, which compete with credit cards and cash as preferred payment options. The growing popularity of digital wallets such as Google Pay, Samsung Pay and Apple Pay is making them a bigger target for malicious […]

Leave a Comment

Men, Executives Pose Higher Cybersecurity Risk

When it comes to online behaviors, women are far safer than men, according to a wide-ranging survey from SecurityAdvisor. Despite the fact that women made up 42% of the sample data, they account for 48% of the top safe users and only 26% of risky users. Men, on the other hand, account for 74% of risky […]

Leave a Comment

Samsung can remotely disable their TVs worldwide using TV Block

Samsung says that it can disable any of its Samsung TV sets remotely using TV Block, a feature built into all television products sold worldwide. This was revealed by the South Korean multinational in a press release issued earlier this month in response to the July South African riots that led to large-scale looting, which also impacted Samsung warehouses […]

Leave a Comment

Threat actors in January attempted to poison the water at a US facility

Threat actors in January attempted to poison the water at a US facility, a circumstance that highlights the importance of cybersecurity for water and wastewater utilities. The news that a threat actor in January attempted to poison the water at a facility… Cyber Threats and Nuclear Weapons “The technology controlling United States nuclear weapons predates […]

Leave a Comment

Alarming Cybersecurity Stats: What You Need To Know For 2021

The year 2020 broke all records when it came to data lost in breaches and sheer numbers of cyber-attacks on companies, government, and individuals. In addition, the sophistication of threats increased from the application of emerging technologies such as machine learning, artificial intelligence, and 5G,  and especially from greater tactical cooperation among hacker groups and […]

Leave a Comment

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days when the Chinese probably realized that the vulnerabilities would soon be fixed, was to install a web shell in compromised networks that would give them subsequent remote access. Even if the vulnerabilities […]

Leave a Comment

FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

Leave a Comment

FCC Boots Chinese Telecom Companies, Citing Security

he Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau on March 12 identified five Chinese companies they said posed a threat to U.S. national security. These companies are: Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. The declaration, according to the FCC, is in accordance […]

Leave a Comment

How to stay ahead of the rise of synthetic fraud

There are a number of reasons why synthetic fraud is on the rise, but there are also actions banks and other financial institutions can take to prevent this growing trend from doing damage. Synthetic fraud on the rise Banks around the world have faced difficulty in recognizing this type of complex fraud. Synthetic identity fraudsters […]

Leave a Comment

Npower shuts down app after hackers steal customer bank info

Leave a Comment

Microsoft releases open-source CodeQL queries to assess Solorigate compromise

Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. The four agencies were part of the task force Cyber Unified Coordination Group (UCG) […]

Leave a Comment

FBI: Hackers stole source code from US government agencies and private companies

FBI blames intrusions on improperly configured SonarQube source code management tools. FBI officials say that threat actors have abused these misconfigurations to access SonarQube instances, pivot to the connected source code repositories, and then access and steal proprietary or private/sensitive applications. Officials provided two examples of past incidents: “In August 2020, unknown threat actors leaked […]

Leave a Comment

Spotting a Common Scam

Spotting a Common Scam  These scams seek to collect personal information about you, often appearing to come from a real business or agency. Someone may pose as an official disaster aid worker, or send you a fraudulent COVID contact tracing email. If you receive a message with a link, you should not click it as it may download malware to your device to […]

Leave a Comment

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded. The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of […]

Leave a Comment

Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet

Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. Source: Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet Download a Security Risk Assessment steps paper! Download a vCISO template Subscribe to DISC InfoSec blog by […]

Leave a Comment

Threat Simulation Overview and Setup – Active Countermeasures

Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.[…] Source: Threat Simulation Overview and Setup – Active Countermeasures Why You Need Threat Hunting! Cyber Threat Hunting: Identify and Hunt Down Intruders Real-Time Threat Hunting – SANS Threat Hunting […]

Leave a Comment

Global Threat Detection Report

2019 Global Threat Detection Report 2019 Global Threat Detection Report via CrowdStrike The best practice guide for an effective infoSec function Practice Guide Open a PDF file 2019 Global Threat Detection Report. 2019 Global Threat Report- The 1-10-60 Rule World Economic Forum Global Risks Report 2019 “Threat Detection & Prevention” appliances Subscribe to DISC InfoSec […]

Leave a Comment

What is Cyber Threat Intelligence

What is Cyber Threat Intelligence and How is it used?     Threat Intelligence At Microsoft: A Look Inside – Cyber Threat Intelligence Summit   Security Threat Tables Threat Table Threats List Security Alert Security Exploits Cyber Alert Security Risks Security Vulnerability WebApp Vulnerability Symantec Security Response Microsoft Security Response   Live Cyber Attack Threat Map World’s […]

Leave a Comment

Microsoft renewed its Attack Surface Analyzer, version 2.0 is online

Microsoft has renewed its Attack Surface Analyzer tool (version 2.0) to take advantage of modern, cross-platform technologies. Source: Microsoft renewed its Attack Surface Analyzer, version 2.0 is online  Subscribe in a reader

Leave a Comment

How to protect ourselves from Payment Fraud

Some basic advice has been issued by Apacs, and includes: * Don’t let your cards or your card details out of your sight when making a transaction * Do not keep your passwords, login details or Pins written down * Do not disclose Pins, login details or passwords in response to unsolicited emails * Only […]

Comments (1)