Security News
The United States Cybersecurity and Infrastructure Security Agency has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies. To achieve this, attackers first identify high-value targets, perform extensive research on their social and professional networks, and then pose as recruiters to send malicious documents loaded with the malware, masquerading as job advertisements and offerings.
CISOs at Stanford University, the University of Chicago Medicine, and The Ohio State University list phishing as the top security threat to students, professors, and researchers. The group also agreed zero trust is the best security approach but a hard sell in an academic setting.
The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have shared details on a piece of malware North Korean threat actors likely used in attacks targeting employees of defense organizations in Israel and other countries. Dubbed BLINDINGCAN, the malware was apparently used in "Dream Job," a campaign active since the beginning of this year, which hit dozens of defense and governmental companies in Israel and globally by targeting specific employees with highly appealing job offerings.
TikTok has stepped up its defense against US accusations that the popular video app is a national security threat, denouncing what it called "rumors and misinformation" about its links to the Chinese government. US user data is stored here, with a backup in Singapore, according to TikTok.
What's more, in most of the cases, an attacker did not need to do much, beyond gaining an initial foothold, to command full internal network access: in 68 per cent of the trials, the infiltrators only needed to take one or two steps to have the entire organization at their fingertips. Network compartmentalization, and access controls limiting who can see what, may have helped minimize intruders' reach.
KoolSpan and the National Geospatial-Intelligence Agency announced the availability of TrustCall, a secure mobile communications application, to all DoD and IC users for iOS and Android, via the GEOINT App Store. The threats are posed by systemic vulnerabilities in the global telecommunications infrastructure that readily enable interception and monitoring of mobile communications, both voice and data.
Instead of relying on customers to protect their vulnerable smart home devices from being used in cyberattacks, Ben-Gurion University of the Negev and National University of Singapore researchers have developed a new method that enables telecommunications and internet service providers to monitor these devices. The researchers developed a method to detect connected, vulnerable IoT models before they are compromised by monitoring the data traffic from each smart home device.
Avast launched Avast Business Small Office Protection, a solution for small businesses that provides robust, real-time cyber protection that's easy to install and cost-effective. Small Office Protection by Avast Business is an all-in-one security solution for small businesses that protects all types of devices, protecting a maximum of 10 separate devices on any platform.
Neal Krawetz, a computer forensics expert, has published details on how to detect Tor bridge network traffic that he characterizes as "zero-day exploits"... which the Tor Project insists are nothing of the sort. Typically, users slide into the Tor network through a publicly listed entry relay, though they may choose to join via a bridge relay, or bridge for short, to avoid IP-based detection and censorship.