Guest blog

bitdefender.com

IT services giant Cognizant hit by Maze ransomware attack

The Maze group’s attacks see corporate victims not only infected with file-encrypting ransomware, but also threatened with the publication of stolen data if extortion demands are not met.

Read more in my article on the Hot for Security blog.

tripwire.com

A Zoom zero-day exploit is up for sale for $500,000

There are reportedly two zero-day vulnerabilities present in the latest versions of Zoom for Windows and macOS – and exploits for the unpatched flaws are being actively hawked to anyone who might be prepared to pay.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

49 crypto-wallet pickpocketing browser extensions booted from the Chrome web store

Hackers have been using Google Ads to target unsuspecting cryptocurrency investors into installing malicious browser extensions, with the aim of stealing passphrases and private keys and draining funds from their wallets.

Read more in my article on the Hot for Security blog.

bitdefender.com

Zoom takes action after meeting IDs leak in careless screenshots

The video-conferencing app Zoom has been updated to remove the display of meeting IDs from its title bar, after a series of high profile privacy blunders by those sharing screenshots of their online meetings.

Read more in my article on the Hot for Security blog.

bitdefender.com

Hacking the iOS/macOS webcam – Apple pays out $75,000 to bug hunter

A vulnerability researcher has received a bug bounty after discovering security holes in Apple’s software that could allow malicious parties to hijack an iPhone or Mac user’s camera and spy upon them.

Read more in my article on the Hot for Security blog.

tripwire.com

Zoom promises to improve its security and privacy as usage (and concern) soars

Having suddenly found itself with a gigantic increase in usage, Zoom was facing a crisis. It risked losing a large amount of the goodwill it had received because of revelations about its less-than-perfect attitude towards security and privacy.

Lets hope it keeps to its word and begins to threat the safety of its users as a priority.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Cybersecurity insurance firm Chubb investigates its own ransomware attack

A notorious ransomware gang claims to have successfully compromised the infrastructure… of a company selling cyberinsurance.

Read more in my article on the Hot for Security blog.

tripwire.com

Third-party data breach exposes GE employees’ personal information

Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Have you patched your IoT devices against the KrØØk Wi-Fi chip flaw?

Unpatched IoT gadgets, smartphones, tablets, laptops, Wi-Fi access points and routers with Broadcom chips are all at risk from the KrØØk vulnerability.

Read more in my article on the Bitdefender BOX blog.

tripwire.com

Whatever happened to cryptojacking?

A couple of years ago it felt like you couldn’t turn your head in any direction without seeing another headline about cryptomining and – its more evil sibling – cryptojacking.

So, what happened?

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

More business websites hit by credit-card skimming malware

In the last few days it has come to light that blender manufacturer NutriBullet and guitar tuition website Truefire fell foul of hackers who planted Magecart-style malicious code on their sites which went undetected for months, stealing the credit card details and personal information from users.

Read more in my article on the Bitdefender Business Insights blog.

bitdefender.com

UK intelligence agency warns of cybercriminals exploiting the Coronavirus outbreak

A division of GCHQ (Britain’s equivalent to the NSA) has warned the public to be on their guard against cybercriminals exploiting the Coronavirus outbreak.

Read more in my article on the Hot for Security blog.

tripwire.com

Phishing attacks exploit YouTube redirects to catch the unwary

Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users.

Read more in my article on the Tripwire State of Security blog.

bitdefender.com

Secret-sharing app Whisper failed to keep users’ fetishes and locations private

Security researchers raised the alarm after discovering that hundreds of millions of Whisper users’ intimate messages, tied to their locations, had been left publicly available since the app’s launch in 2012.

Read more in my article on the Hot for Security blog.

bitdefender.com

Over one billion Android devices at risk as they no longer receive security updates

More than one billion Android devices are at risk of being hacked or infected by malware, because they are no longer supported by security updates and built-in protection.

That’s the conclusion of an investigation which found that at-risk smartphones are still being sold, despite the range of malware and other threats to which they are vulnerable.

Read more in my article on the Hot for Security blog.

bitdefender.com

Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide

The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK.

Read more in my article on the Hot for Security blog.