DeFi protocol Cream Finance suffered yet another hack this year after an exploit stole at least $130 million in what could be one of the largest thefts in decentralized finance. From a report: The attack on the Ethereum-based lending protocol was first…
A security bug in health app Docket exposed COVID-19 vaccine records
A security bug in the health app Docket exposed the private information of residents vaccinated against COVID-19 in New Jersey and Utah, where the app received endorsements from state officials. Docket lets residents download and carry a digital copy of their immunizations by pulling their vaccination records from their state’s health authority. The digital copy […]
Ransomware Gang Claims Attack on NRA
The operators of the Grief ransomware have listed today the US National Rifle Association (NRA) as a victim of one of their attacks. From a report: The organization’s name was listed on a dark web portal, often called a “leak site,” where the Grief gan…
Securing your digital life, part two: The bigger picture—and special circumstances
We did the basics—now let’s look at some more detailed steps to protect yourself.
Bridging the gap: What CISOs must do to get the C-suite on their side
Every CISO must face a cold, hard fact: You might not have a seat at the boardroom table or the executive leadership team meeting.
人気YouTubeチャンネルを次々に乗っ取り、ハッカーたちの「ありふれた手口」
人気のYouTubeチャンネルが乗っ取られる被害が、過去数年で数千件にも達するなど多発している。仮想通貨に関連した詐欺への悪用やアカウントの転売がハッカーたちの主な目的だが、その乗っ取りの手口はユーチューバーへの1本のメールから始まる単純なものだ。
…
Starting your journey to zero trust adoption
“Zero trust” is certainly a buzzword that gets freely thrown around in cybersecurity. But what does it actually mean?
Google Unmasks Two-year-old Phishing and Malware Campaign Targeting YouTube Users
Almost two years after a wave of complaints flooded Google’s support forums about YouTube accounts getting hijacked even if users had two-factor authentication enabled, Google’s security team has finally tracked down the root cause of these attacks. Fr…
Olympus US hack tied to sanctioned Russian ransomware group
An “ongoing” cyberattack against the Japanese technology giant Olympus was caused by a Russian ransomware group sanctioned by the U.S. government, according to two people with knowledge of the incident. A new malware variant known as Macaw was used in the attack that began on October 10, which encrypted Olympus’ systems in the U.S., Canada […]
A massive ‘stalkerware’ leak puts the phone data of thousands at risk
The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person’s phone because of a security issue in widely used consumer-grade spyware. But that’s about as much as we can tell you. TechCrunch repeatedly […]