New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire
The Lawful Access to Encrypted Data Act is being decried as “an awful idea” by security experts.
Experts Denounce Racial Bias of Crime-Predictive Facial-Recognition AI
An open letter signed by experts in the field from MIT, Microsoft and Google aim to stop the ‘tech to prison’ pipeline.
Magnitude exploit kit – evolution
Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just…
Sodinokibi Ransomware Now Scans Networks For PoS Systems
Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware.
Work From Home Opens New Remote Insider Threats
Remote work is opening up new insider threats – whether it’s negligence or malicious employees – and companies are scrambling to stay on top of these unprecedented risks.
Hackbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments
Recent spearphishing emails spread the Hackbit ransomware using malicious Microsoft Excel attachments and the GuLoader dropper.
The Evolution of DevSecOps
A recent DivvyCloud survey found that in 2019, a majority of respondents reported being in the final optimization stages of their cloud journey, with 59% indicating they are in the DevOps Optimization stage (an 11% increase from 2018).
Remote Workers Pose New Security Risks
Organizations sent workers home during COVID-19 lockdown without adequate security preparation.
Oh, what a boot-iful mornin’
In mid-April, our threat monitoring systems detected malicious files being distributed under the name “on the new initiative of the World Bank in connection with the coronavirus pandemic” (in Russian) with the extension EXE or RAR. Inside the files was the well-known Rovnix bootkit. There is nothing new about cybercriminals exploiting the coronavirus topic; the…
Report: ‘BlueLeaks’ Exposes Sensitive Data From Police Departments
DDoSecrets has published data from over 200 police departments, law enforcement training and support resources and fusion centers.