Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta

As Apple Inc. was revealing its newest line of iPads and flashy new iMacs on Tuesday, one of its primary suppliers was enduring a ransomware attack from a Russian operator claiming to have stolen blueprints of the U.S. company’s latest products. The ransomware group REvil, also known as Sodinokibi, published a blog on its darkweb site early onContinue reading “Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta”

Brace yourselves. Facebook has a new mega-leak on its hands.

Still smarting from last month’s dump of phone numbers belonging to 500 million Facebook users, the social media giant has a new privacy crisis to contend with: a tool that, on a massive scale, links Facebook accounts with their associated email addresses, even when users choose settings to keep them from being public. A videoContinue reading “Brace yourselves. Facebook has a new mega-leak on its hands.”

Malvertisers hacked 120 ad servers to load malicious ads

A malvertising operation known under the codename of Tag Barnakle has breached more than 120 ad servers over the past year and inserted malicious code into legitimate ads that redirected website visitors to sites promoting scams and malware. Security firm Confiant first reported on this campaign last year, in April 2020, when it said it found 60 adContinue reading “Malvertisers hacked 120 ad servers to load malicious ads”

20 security secrets hackers don’t want you to know

Hackers are the bane of our existence. What started as the occasional data breach has turned into thousands, if not hundreds of thousands, of scams, ransomware and heinous attacks. Nobody is safe. While anyone could be a victim to hackers, that doesn’t mean you can’t protect yourself. There is an entirely separate market out thereContinue reading “20 security secrets hackers don’t want you to know”

Zero trust, basic cyber hygiene best defense against third-party attacks

Adopting a zero trust security strategy can better safeguard organisations against third-party attacks, where suppliers should not simply be entrusted to do the right thing. In this second piece of a two-part feature, ZDNet looks at how businesses in Asia-Pacific can establish basic cyber hygiene as well as better data management to combat attacks from acrossContinue reading “Zero trust, basic cyber hygiene best defense against third-party attacks”

A Casino Gets Hacked Through a Fish-Tank Thermometer

Secure your laptop. Secure your smart phone. Secure your tablet. And, before I forget, secure your fish tank. Yes, you heard me. Your fish tank. That was the lessoned learned a few years ago from the operators of a North American casino. According to a 2018 Business Insider report, cybersecurity executive Nicole Eagan of security firm Darktrace told the story while addressing aContinue reading “A Casino Gets Hacked Through a Fish-Tank Thermometer”

Chrome and Edge hacked by new zero-day flaw — what to do

Not much sooner after Google patched one publicly disclosed zero-day exploit in Chrome did another one pop up.  “Just here to drop a chrome 0day. Yes you read that right,” announced Twitter user “frust” earlier today (April 14).  The tweet included a link to a GitHub page containing JavaScript for a proof-of-concept web page that will exploit the flaw. Continue reading “Chrome and Edge hacked by new zero-day flaw — what to do”

The FBI is remotely hacking hundreds of computers to protect them from Hafnium

In what’s believed to be an unprecedented move, the FBI is trying to protect hundreds of computers infected by the Hafnium hack by hacking them itself, using the original hackers’ own tools (via TechCrunch). The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered a “whole of government response” from the WhiteContinue reading “The FBI is remotely hacking hundreds of computers to protect them from Hafnium”

Microsoft launches cyberattack simulator to help you check your defenses

Microsoft has released a cyberattack simulator that’s designed to enable security researchers to create simulated network environments in order to observe the interactions between automated Artificial Intelligence (AI)-driven attackers and defenders. The simulator called CyberBattleSim, is available under an open source license and relies on the Python-based Open AI Gym toolkit to train the automated agents based on reinforcement learningContinue reading “Microsoft launches cyberattack simulator to help you check your defenses”

Hackers Targeting professionals With ‘more_eggs’ Malware via LinkedIn Job Offers

A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called “more_eggs.” To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the same name as that of the victims’ job titles takenContinue reading “Hackers Targeting professionals With ‘more_eggs’ Malware via LinkedIn Job Offers”