Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities. “Candiru is a secretive Israel-based company that sells spyware exclusively to governments,” Citizen Lab explained in a report published today. “Reportedly, their spyware can infect and monitor iPhones,…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Fraud Risk Management Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools Dan Gunderman (dangun127) • July 16, 2021 Illustration: Palo Alto Networks The gang behind ransomware known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly…
Breach Notification , Fraud Management & Cybercrime , Incident & Breach Response DarkSide Ransomware Operation Had Claimed Clothing Retailer Was Victim of Its Attack Mathew J. Schwartz (euroinfosec) • July 13, 2021 Guess store in Miami (Photo: Phillip Pessar via Flickr/CC) Clothing retailer Guess suffered a ransomware attack and data breach earlier this…
If you’re a member of the US military who’s gotten friendly Facebook messages from private-sector recruiters for months on end, suggesting a lucrative future in the aerospace or defense contractor industry, Facebook may have some bad news. On Thursday, the social media giant revealed that it has tracked and at least partially disrupted a long-running…
At least 120 people have died and hundreds are unaccounted for after some of the worst flooding in western Europe in decades. The acting mayor of Liege in Belgium, Christine Defraigne, told BBC World News that while the river level was now dropping, the city was now facing a “terrible aftermath”. “I think our population…
Microsoft Windows July 2021 Patch Tuesday just rolled out, patching 12 critical security vulnerabilities in a total of 116 issues. It is noteworthy that three of the issues addressed this month were actively exploited in the wild. These bugs include a critical scripting engine memory corruption issue known as CVE-2021-34448, and two Windows kernel elevation-of-privilege…
Blockchain & Cryptocurrency , Critical Infrastructure Security , Cryptocurrency Fraud If Ransomware Should Decline as a Viable Criminal Business Model, What Comes Next? Mathew J. Schwartz (euroinfosec) • July 16, 2021 Source: Cisco Talos The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Social Media ‘Tortoiseshell’ Group Used the Social Network to Contact Targets Doug Olenick (DougOlenick) • July 15, 2021 Facebook’s threat intelligence team says it has disrupted an Iranian advanced persistent threat group that was using the social network as part of an effort…
Softpedia News / Security 15. July 2021 This article has been indexed from Softpedia News / Security Researchers from Kaspersky Lab have discovered a large-scale superior persistent risk (APT) marketing campaign that involved multiple victims from Southeast Asia, as well as government agencies in Myanmar and the Philippines. According to Kaspersky, there is a moderate…
BBC Click’s Romana Kreider looks at the best technology news stories of the week including: Google is fined €500m (£427m) by France’s competition authority for not negotiating “in good faith” with news organisations over their use of content. Google has told the BBC the decision “ignores our efforts to reach an agreement” One of the…
