Security News

If you are a regular Naked Security reader, you'll know that we generally steer clear of publishing content that deals specifically with Sophos products and services. That's not only because we want to make sure that Sophos customers know how to get the best out of our own products and services, but also because understanding how we organise our threat research, and why our products work the way they do, is more than just a fascinating story.

The Global Commission on the Stability of Cyberspace, a group that works to develop policy the world can follow to keep the internet stable and secure, late last week delivered a final report that outlines its vision for how the nations of the world should behave online. State and non-state actors should neither conduct nor knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.

It's hard to be sure that the student isn't cheating, maybe by having reference materials at hand, or maybe by substituting someone else to take the exam for them. The remote proctoring industry offers a range of services, from basic video links that allow another human to observe students as they take exams to algorithmic tools that use artificial intelligence to detect cheating.

The source code for the widely-used Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Twelve days ago, a repository was created on GitHub that contains what appears to be the source code for Cobalt Strike 4.0.

Did you know you can join us for a live cybersecurity lecture every Friday? Thanks for watching hope to see you online later this week!

Consumer anxiety regarding the election results had a muted impact on online shopping activities on Election Day, Nov. 3. Adobe's report noted that today, the day after the election, there will be an expected 13% drop in sales, versus the previous three days, in which online sales increased by 31%. "To be clear," said Taylor Schreiner, director at Adobe Digital Insights, "We're not basing our forecast on who wins the presidency, rather we're looking at people's propensity to shop online during an election cycle, based on historical context."

Last time, as it usually does, the Republican party lost the popular vote and won the presidency; it has spent much of the time since trying very hard to suppress the votes of people it doesn't like. If the US had a single electronic voting system across the country, with access for those without the right personal technology, and it was reliable, trustworthy, and efficient, then democracy would be much better served.

Singapore's largest online grocery store Lazada Redmart has suffered a data breach after 1.1 million user accounts were put up for sale on a hacker forum. Hackers selling the illicit data dumps told BleepingComputer they had obtained Lazada's MongoDB-based data set with data from over 1.1 million RedMart accounts.

Microsoft says that Office 365 customers can use unlimited disposable recipient email addresses after the Plus Addressing feature rolled out to all Exchange Online users. Plus addressing allows users to create an indefinite number of custom and unique email addresses by adding suffix text strings to their standard address using a '+' delimiter.

Source Defense announced its new offering of Website in Page Protection, as well as product enhancements and performance improvements to the VICE sandboxing technology within the Source Defense Platform. The Source Defense Platform protects online businesses and their customers from automated attacks and client-side threats, and improves operational efficiency.