Consider the economic downturn as part of a cyclical process. It puts everything in a better perspective. No longer is it something "happening" to us, but rather, an opportunity to expand and thrive in the aftermath of the slump. It's easy to apply this frame of mind to business operations, but why stop there? It is as applicable to cybersecurity. Wondering how? In this blog, we'll answer that - outlining specific ways to manage cybersecurity through the economic downturn. READ MORE...
The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company's popular League of Legends online game. The company has also confirmed that source code for TFT (Teamfight Tactics) and a legacy anti-cheat platform (Packman) were exfiltrated by the attackers, but said they won't be paying the ransom. READ MORE...
The advanced persistent threat (APT) tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated (that is, has had its infrastructure abused by other hackers). TA444 is a North Korean state-sponsored threat group tracked by Proofpoint as actively targeting cryptocurrencies since at least 2017. READ MORE...
Appliance makers like Whirlpool and LG just can't understand. They added Wi-Fi antennae to their latest dishwashers, ovens, and refrigerators and built apps for them-and yet only 50 percent or fewer of their owners have connected them. What gives? While the manufacturers blame technical constraints, some customers may simply not want to provide companies with vague privacy policies or bad histories with security access to their networks. READ MORE...
VMware released security patches on Tuesday to address vRealize Log Insight vulnerabilities that could enable attackers to gain remote execution on unpatched appliances. vRealize Log Insight (now known as VMware Aria Operations for Logs) is a log analysis and management tool that helps analyze terabytes of infrastructure and application logs in VMware environments. READ MORE...
A new Python-based malware has been spotted in the wild featuring remote access trojan (RAT) capabilities to give its operators control over the breached systems. Named PY#RATION by researchers at threat analytics company Securonix, the new RAT uses the WebSocket protocol to communicate with the command and control (C2) server and to exfiltrate data from the victim host. READ MORE...
Ticketmaster was hit with record bot traffic that crippled its systems when hordes of Taylor Swift fans attempted to buy tickets in November ahead of the singer's upcoming U.S. tour, the company's president told the Senate Judiciary Committee Tuesday. The company suffered "three times the amount of bot traffic than we had ever experienced," as well as the targeting of the company's "Verified Fan access code servers," said Joe Berchtold, chief financial officer and president of Live Nation Entertainment. READ MORE...
A security researcher has published technical details on an Arm Mali GPU vulnerability leading to arbitrary kernel code execution and root on Pixel 6 phones using a malicious app installed on the targeted device. Tracked as CVE-2022-38181 (CVSS score of 8.8), the issue is described as a use-after-free bug that impacts Arm Mali GPU driver versions prior to r40p0 (released on October 7, 2022). READ MORE...
Research conducted by Fujitsu suggests there is no need to panic about quantum computers being able to decode encrypted data - this is unlikely to happen in the near future, it claims. Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor's algorithm approach. READ MORE...