Security News

While online holiday shopping is nothing new, more of us will be avoiding the malls and brick-and-mortar stores this year - which opens up big opportunities for cybercriminals. We already know that COVID-19-related phishing scams skyrocketed 600 percent between February and March this year, shortly after the pandemic took hold across Europe and the U.S. This year, along with the usual garden-variety holiday scams, we're likely to see more phishing attacks both directly and indirectly related to the pandemic.

People say they've abandoned purchases at online retail stores because of the hassle of dealing with passwords, according to the FIDO Alliance. Based on a survey of 1,000 consumers in the US, a report published on Thursday by the FIDO Alliance pointed to passwords as the top cause of frustration among online buyers.

Group-IB's Threat Hunting and Intelligence conference, CyberCrimeCon, will for the first time dive online to literally remove the borders and bring together over 2,000 cybersecurity experts from all around the world. The eighth edition of the iconic event, held on November 25-26, will traditionally unite cybersecurity professionals from the financial and tech sectors, retail and industrial giants, as well as law enforcement agencies and will, in addition to two major streams - analytical and technological, contain a Threat Hunting Game.

If you are a regular Naked Security reader, you'll know that we generally steer clear of publishing content that deals specifically with Sophos products and services. That's not only because we want to make sure that Sophos customers know how to get the best out of our own products and services, but also because understanding how we organise our threat research, and why our products work the way they do, is more than just a fascinating story.

The Global Commission on the Stability of Cyberspace, a group that works to develop policy the world can follow to keep the internet stable and secure, late last week delivered a final report that outlines its vision for how the nations of the world should behave online. State and non-state actors should neither conduct nor knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.

It's hard to be sure that the student isn't cheating, maybe by having reference materials at hand, or maybe by substituting someone else to take the exam for them. The remote proctoring industry offers a range of services, from basic video links that allow another human to observe students as they take exams to algorithmic tools that use artificial intelligence to detect cheating.

The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Twelve days ago, a repository was created on GitHub that contains what appears to be the source code for Cobalt Strike 4.0.

Did you know you can join us for a live cybersecurity lecture every Friday? Thanks for watching hope to see you online later this week!

Consumer anxiety regarding the election results had a muted impact on online shopping activities on Election Day, Nov. 3. Adobe's report noted that today, the day after the election, there will be an expected 13% drop in sales, versus the previous three days, in which online sales increased by 31%. "To be clear," said Taylor Schreiner, director at Adobe Digital Insights, "We're not basing our forecast on who wins the presidency, rather we're looking at people's propensity to shop online during an election cycle, based on historical context."

Last time, as it usually does, the Republican party lost the popular vote and won the presidency; it has spent much of the time since trying very hard to suppress the votes of people it doesn't like. If the US had a single electronic voting system across the country, with access for those without the right personal technology, and it was reliable, trustworthy, and efficient, then democracy would be much better served.