Security News

The murder of 16-year-old schoolgirl Brianna Ghey has kickstarted a debate around limiting children's access to the dark web in the UK, with experts highlighting the difficulty in achieving this. Ciaran Martin, the National Cyber Security Centre's first CEO and current Oxford University professor, weighed into the discussion on Thursday, saying that there is no single technology-based solution and that there should be a greater focus on the dark web in the country's schools.

TL;DR: Learn how to stop cyber criminals with the Cyber Security Specialist Workshop, featuring 16 live training sessions, now just $499.99 for a limited time. Want a career that offers longevity as well as a great salary to boot? Then start preparing now for the opportunities that come with the Cyber Security Specialist Workshop, offered at half price for a limited time.

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. Intermittent encryption occurs when ransomware chooses not to encrypt every part of each file but instead encrypts sections, frequently in blocks of a set size or just the start of the targeted files.

After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to reconsider the digital identity protection for staff engaged in network engineering and IT infrastructure management. Cybersecurity experts outlined the risks originating from Dark Web actors leveraging compromised credentials belonging to ISP/Telcom engineers, Data-Center Technicians, Network Engineers, IT Infrastructure Managers and Outsourcing companies.

Asia In Brief Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000. CloudSEK named CYBO CREW affiliates CyboDevil and UNIT8200 as the vendors of a 1.8TB trove, which contains mobile subscribers' names, phone numbers, addresses, and Aadhaar details.

Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system noticed an evolution marked by optimizations that make malicious code stealthier against security mechanisms. The operators behind Parrot sell the traffic to threat actors, who use it on users visiting infected sites for profiling and redirecting relevant targets to malicious destinations such as phishing pages or locations that deliver malware.

Bad bots are automated programs designed with malicious intent to perform various activities on the internet, often causing harm to individuals, organizations, and online ecosystems. By masquerading as authentic users, bad bots empower bot operators, attackers, unscrupulous competitors, and fraudsters to execute a diverse range of malicious activities.

Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised...

Leaked credentials from traditional sources are still a prominent and substantial risk to organizations. We monitor more than 14 billion leaked credentials found from dumps across the dark web.

The open-source Bitwarden password manager has announced that all users can now log into their web vaults using a passkey instead of the standard username and password pairs. "This technology sources an encryption key from a passkey in relation to a particular site, which can then be used to reliably encrypt and decrypt data" - Bitwarden.