Security News > 2021

Beyond just an initial understanding of each of these types of fraud, I'd also like to examine what enterprises can do to mitigate risk and limit losses for each type. Of course, looking for these signs requires enterprises to have both mature controls and a robust fraud monitoring capability - neither of which is a given.

The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity. Since the conclusion of Operation LadyBird, law enforcement's disruption of the Emotet botnet, the Dutch Police state that they are creating forum accounts on hacker forums to warn hackers that they are watching them publicly.

It requires a special quality of CISO, and in this installment of SecurityWeek's CISO Conversations series, we talk to three of the best: David Sherry, Ed Hudson and Helen Patton. "I've met female CISOs that I hugely respect, and I've met female CISOs I don't; and I think that's true for men as well. So, I'm hesitant to stereotype a class of people, male or female, as being more of this or less of that. I still look at the individual and the circumstance in which they work as being more important."

DevSecOps company Spectral on Wednesday emerged from stealth mode with $6.2 million in seed funding from Israeli venture capital firms Amiti and MizMaa. Spectral is based in Tel Aviv, Israel, and it was founded in mid-2020 by Dotan Nahum, who will serve as the company's CEO, Lior Reuven, Uri Shamay and Idan Didi.

QNAP has addressed a critical security vulnerability in the Surveillance Station app that allows attackers to execute malicious code remotely on network-attached storage devices running the vulnerable software. Surveillance Station is QNAP's network surveillance Video Management System, a software solution that can help users manage and monitor up to 12 IP cameras.

An investigation into a ransomware attack on a North Carolina county's computer network showed personal information posted for sale on the "Dark web," the county said. The Chatham County network was hit on Oct. 28 with ransomware that originated in a phishing email with a malicious attachment, The News & Observer of Raleigh reported Tuesday.

A Soviet equivalent of Nazi Germany's Enigma cipher machine has sold for more than double its auction asking price - while a secret camera disguised as a pack of cigarettes went for nearly $20,000. A Fialka M-125-3M 10-rotor cipher code machine complete with accessories sold for $22,400 at a US auction held over the weekend, trumping the device's $8,000-$12,000 estimated sale price.

Microsoft has released the KB4601380 non-security update for all editions of Windows 10, version 1909, and Windows 10, version 1809, with fixes for screen rendering and Microsoft Defender for Endpoint high resource usage issues. After installing this preview cumulative update you may experience issues with system and user certificates getting lost if updating with outdated update media from Windows 10 1809 or later versions.

A group of cybercriminals known for ransomware attacks has started leaking files allegedly stolen from Jones Day, a major U.S.-based law firm that has represented former president Donald Trump, including in his attempts to overturn the results of the recent election. The cybercriminals behind the ransomware operation known as Clop have been known to encrypt files on compromised systems, as well as stealing files from the victim and threatening to leak them unless a ransom is paid.

Interesting research on persistent web tracking using favicons. In this paper we introduce a novel tracking mechanism that misuses a simple yet ubiquitous browser feature: favicons.