Security News > 2021

A U.S.-funded center in Cyprus will help train officials from countries in the eastern Mediterranean region and the Middle East on the latest techniques in border, customs, maritime and cyber security, the acting head of the U.S. Department of Homeland Security said on Monday. Chad Wolf said the $5 million Cyprus Center for Land, Open-Seas, and Port Security will incorporate a mobile facility to instruct officials on how to best protect their key infrastructure and take part in cross-border cyber investigations.

The Australian government warns of an ongoing campaign impersonating the Australian Cyber Security Centre to infect targets with malware. "The Australian Cyber Security Centre warns some Australians are receiving phone calls or emails from scammers claiming to be ACSC employees and that the receiving person's computer has been compromised," the cybersecurity agency warned.

North Korean hacking group Thallium has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week. Attackers alter the installer of a stock investment app.

Fines issued for violations of the EU's General Data Protection Regulation in 2020 exceeded €170 million, or roughly $200 million. The GDPR, which requires organizations to protect the personal data and privacy of EU citizens, came into force in May 2018, and, based on publicly available information, it since resulted in fines totaling more than €250 million.

The Scottish government is sizing up the market for suppliers to develop on its low-code technology platform and support its social security overhaul. Having selected low-code platform OutSystems to help modernise IT services from its executive agency Social Security Scotland, the Scottish government is now looking for a "Strategic partner" to help develop solutions on the platform.

Security researchers have discovered a new remote access trojan used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. Named ElectroRAT after being discovered in December, the cross-platform RAT malware is written in Golang and it was used as part of a campaign that has been targeting cryptocurrency users since the start of 2020.

A threat actor has posted data of 10,000 American Express credit card holders on a hacker forum for free. In the same forum post, the actor claims to sell even more data of Mexican banking customers of American Express, Santander, and Banamex.

Healthcare organizations continue to be a prime target for cyberattacks of all kinds, with ransomware incidents, Ryuk in particular, being more prevalent. The advisory aimed to prepare organizations for ransomware attacks with Ryuk and Conti by providing tactics, techniques, and procedures specific to incidents with these malware strains.

Cybersecurity researchers today revealed a wide-ranging scam targeting cryptocurrency users that began as early as January last year to distribute trojanized applications to install a previously undetected remote access tool on target systems. Called ElectroRAT by Intezer, the RAT is written from ground-up in Golang and designed to target multiple operating systems such as Windows, Linux, and macOS. The apps are developed using the open-source Electron cross-platform desktop app framework.

When it comes to cybersec certifications, GIAC is the gold standard. The organisation takes pride in certifications that "Rather than skimming the surface of different skillsetsare a mile deep for specialised job-focused tasks." And GIAC exams with Cyberlive don't just test you on the theory, but show you've proven your skills in lab-based situations.