Security News > 2022 > August

In this interview for Help Net Security, Devin Redmond, CEO at Theta Lake, talks about the risk of internal communications and what companies can do to keep themselves safe. The pandemic has greatly changed internal communications within organizations which, paired with the Great Resignation, caused a higher risk for insider threats.

Abnormal Security released a which report explores the current email threat landscape and provides insight into the latest advanced email attack trends, including increases in business email compromise, the evolution of financial supply chain compromise and the rise of brand impersonation in credential phishing attacks. The research found a 48% increase in email attacks over the previous six months, and 68.5% of those attacks included a credential phishing link.

In Q2 2022, Kroll observed a 90% increase in the number of healthcare organizations targeted in comparison with Q1 2022, dropping the final nail in the coffin for the "Truce" some criminal groups instituted earlier in the COVID-19 pandemic. Ransomware helped to fuel this uptick against healthcare as attacks increased this quarter to once again became the top threat, followed closely by email compromise.

Elon Musk has written an article for the Cyberspace Administration of China's flagship magazine. "Chinese companies will be a force to be reckoned with in the cause of energy innovation," Musk opined in the article.

This is a current list of where and when I am scheduled to speak: I’m speaking as part of a Geneva Centre for Security Policy course on Cyber Security in the Context of International Security,...

Researchers have discovered at least 9,000 exposed VNC endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks. Security weakness hunters at Cyble scanned the web for internet-facing VNC instances with no password and found over 9,000 accessible servers.

Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord serverOffensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Cisco has been hacked by a ransomware gangU.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site.

Dutch authorities on Friday announced the arrest of a software developer in Amsterdam who is alleged to be working for Tornado Cash, days after the U.S. sanctioned the decentralized crypto mixing service. Although FIOD didn't reveal the name of the Tornado Cash engineer, The Block identified him as Alexey Pertsev, citing confirmation from his wife.

The Australian Competition and Consumer Commission announced that Google was fined $60 million for misleading Australian Android users regarding the collection and use of their location data for almost two years, between January 2017 and December 2018. "Google, one of the world's largest companies, was able to keep the location data collected through the 'Web & App Activity' setting and that retained data could be used by Google to target ads to some consumers, even if those consumers had the"Location History" setting turned off," said ACCC Chair Gina Cass-Gottlieb.

The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. With the latest release, the SOVA malware now targets over 200 banking, cryptocurrency exchange, and digital wallet applications, attempting to steal sensitive user data and cookies from them.