September 2021 – My Blog

Friday, January 21, 2022

My WordPress Blog

Cyber Security

Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones

September 30, 20214 min read

https://securityaffairs.co/wordpress/122781/hacking/apple-pay-visa-iphone-attack.html?utm_source=rss&utm_medium=rss&utm_campaign=apple-pay-visa-iphone-attack

Cyber Security

Popular Android apps with 142.5 million collective installs leak user data

September 30, 20218 min read

https://securityaffairs.co/wordpress/122777/mobile-2/android-apps-data-leak.html?utm_source=rss&utm_medium=rss&utm_campaign=android-apps-data-leak

Cyber Security

Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence

September 30, 20213 min read

https://securityaffairs.co/wordpress/122769/hacking/cve-2021-26084-atlassian-confluence-vulnerability.html?utm_source=rss&utm_medium=rss&utm_campaign=cve-2021-26084-atlassian-confluence-vulnerability

Cyber Security

GriftHorse malware infected more than 10 million Android phones from 70 countries

September 29, 20213 min read

https://securityaffairs.co/wordpress/122730/malware/grifthorse-malware-campaign.html?utm_source=rss&utm_medium=rss&utm_campaign=grifthorse-malware-campaign

Cyber Security

The Rise of One-Time Password Interception Bots

September 29, 20216 min read

https://krebsonsecurity.com/2021/09/the-rise-of-one-time-password-interception-bots/

Cyber Security

Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

September 29, 20213 min read

https://securityaffairs.co/wordpress/122698/malware/finfisher-uefi-bootkit.html?utm_source=rss&utm_medium=rss&utm_campaign=finfisher-uefi-bootkit

Cyber Security

How secrets (mis)management is the next big cybersecurity threat – download the 1Password report

September 28, 20212 min read

https://grahamcluley.com/feed-sponsor-1password-10/

Cyber Security

Apple Airtag Bug Enables ‘Good Samaritan’ Attack

September 28, 20216 min read

https://krebsonsecurity.com/2021/09/apple-airtag-bug-enables-good-samaritan-attack/

Cyber Security

Serious Security: Let’s Encrypt gets ready to go it alone (in a good way!)

September 28, 202111 min read

https://nakedsecurity.sophos.com/2021/09/28/serious-security-lets-encrypt-gets-ready-to-go-it-alone-in-a-good-way/

Cyber Security

Assume Nothing: The story of the TalkTalk hack

September 28, 20212 min read

https://grahamcluley.com/assume-nothing-the-story-of-the-talktalk-hack/

1 2 3 … 10 Next »

Cyber Security

New DDoS IRC Bot distributed through Korean webHard platforms

January 19, 20222 min read

Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks…

Cyber Security

IRS Will Soon Require Selfies for Online Access

January 19, 202210 min read

If you created an online account to manage your tax records with the U.S. Internal…

Cyber Security

Box flaw allowed to bypass MFA and takeover accounts

January 19, 20224 min read

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to…

Cyber Security

Is White Rabbit ransomware linked to FIN8 financially motivated group?

January 19, 20223 min read

A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it…

Cyber Security

AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler

January 18, 20223 min read

Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the…

Cyber Security

Financially motivated Earth Lusca threat actors targets organizations worldwide

January 18, 20223 min read

A sophisticated threat actor, tracked as Earth Lusca, is targeting government and private organizations worldwide as…

Cyber Security

Serious Security: Apple Safari leaks private data via database API – what you need to know

January 18, 202210 min read

Researchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug…

Cyber Security

Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack

January 17, 20223 min read

Ukrainian government attributes the recent attacks against tens of Ukrainian government websites to Belarusian APT…

Cyber Security

Data-wiping malware hitting Ukrainian computers displays fake ransom demand

January 16, 20223 min read

Someone is targeting Windows computers in Ukraine with malware, and for some reason they want…

Cyber Security

A bad day in the office for the REvil ransomware gang, as Russia arrests 14 members

January 16, 20223 min read

While data-wiping malware is hitting the PCs of multiple Ukrainian organisations, Russia has taken the…

Cyber Security

Threat actors stole $18.7M from the Lympo NTF platform

January 16, 20222 min read

Threat actors hacked the hot wallet of the NFT platform Lympo and managed to steal…

Cyber Security

Prominent Carding Marketplace UniCC announced it’s shutting down

January 15, 20223 min read

One of the biggest underground carding marketplaces, UniCC, announced it’s shutting down its operations. UniCC,…

Cyber Security

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

January 14, 20225 min read

The Russian government said today it arrested 14 people accused of working for “REvil,” a…

Cyber Security

Lorenz ransomware gang stolen files from defense contractor Hensoldt

January 14, 20222 min read

German multinational defense contractor Hensoldt confirmed to that some of its systems were infected by…

Cyber Security

Talking cyber on the ManageEngine Insights podcast

January 14, 20222 min read

I was delighted to appear on the “ManageEngine Insights” podcast this week, hosted by enterprise…