Security News > 2023 > February

According to Kaspersky's new research, this tech job recruiting environment is only an illusion - legal jobs are rare on the dark web. Why are some IT pros looking for jobs on the dark web?

Indigo Books & Music, the largest bookstore chain in Canada, has been struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments.The exact nature of the incident remains unclear but Indigo is not ruling out that hackers may have stolen customer data.

Windows 10 already has two flavours of encryption - BitLocker and Windows Device Encryption - and as of the 22H2 release, Windows 11 Enterprise and Education adds Personal Data Encryption. Personal Data Encryption doesn't replace either of them because it doesn't encrypt a whole drive; instead, it protects individual files and folders using 256-bit AES-CBC encryption keys that are protected by Windows Hello for Business, but only through applications that are built to use it.

Exactly the same when you try and use a password you say, "I want to copy that password and use it." You have to put in a master password to get access to your passwords, but you don't have to put in the master password to get access to the configuration file to get access to the passwords.

A new phishing campaign targeting Amazon Web Services logins is abusing Google ads to sneak phishing sites into Google Search to steal your login credentials. The malicious Google ads take the victim to a blogger website under the attackers' control, which is a copy of a legitimate vegan food blog.

A new threat actor tracked as TA886 targets organizations in the United States and Germany with new custom malware to perform surveillance and data theft on infected systems. The threat actor targets victims using phishing emails that include Microsoft Publisher attachments with malicious macros, URLs linking to.

The participants were asked about attacks targeting the financial and accounting data of their organizations. Looking ahead, almost half of the executives polled expect both the volume and size of cyberattacks targeting this type of data to increase in the coming year.

The United States and the United Kingdom have sanctioned seven Russian individuals for their involvement in the TrickBot cybercrime group, whose malware was used to support attacks by the Conti and Ryuk ransomware operation. TrickBot is a cybercrime gang responsible for developing numerous malware families, such as the eponymous TrickBot malware, BazarBackdoor, Anchor, and BumbleBee.

A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology environments."Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks," Israeli industrial cybersecurity company Otorio said.

The Hacker News is thrilled to announce the launch of our new educational webinar series, in collaboration with the leading cybersecurity companies in the industry! Get ready to dive into the world of enterprise-level security with expert guests who will share their vast knowledge and provide you with valuable insights and information on various security topics. Skyrocketing claims in 2020 sent shockwaves through the insurance industry, forcing insurance providers to reinvent the criteria for acquiring or renewing cyber insurance.