threat
-
Blog
Macs under threat from new info-stealing malware spread through fake browser updates — how to stay safe
When it comes to staying safe online, one thing I always recommend is to keep your computer updated along with the software you use everyday. The problem now though, is that hackers are capitalizing on this advice and as you might have guessed, are using it to spread dangerous info-stealing malware targeting Macs, PCs and even Android phones. As reported…
Read More » -
Blog
Threat actors are leaning on trusted services more than ever
Cyber threats are increasingly incorporating legitimate services in their attack chain, researchers warn. In its latest threat intelligence report, email security platform Mimecast said it flagged more than 5 billion threats in the second half of 2024. Mimecast identified the growing trend of living off trusted services (LOTS) attacks as its most significant finding over the period, as attackers increasingly…
Read More » -
Blog
How Elon Musk’s Department of Energy access could pose a nuclear threat
What was once ridiculous is now possible. Elon Musk, the richest person in the history of the world, has become President Donald Trump’s attack dog. Musk and his Department of Government Efficiency (DOGE) have unprecedented access to the government’s data and computer system. Earlier this week, that came to include systems in the Department of Energy (DOE), which oversees America’s…
Read More » -
Blog
Trump’s 100% tariff threat on Taiwan chips raises cost, supply chain fears
“I don’t think we will see a near-term impact, as it takes years to build fabs, but by the end of the decade, the US share could rise by a few percentage points,” Gupta said. “It’s hard to give an exact number, but if I were to estimate, I’d say 14-15%. That isn’t a lot, but for the US to…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/25829976/STK051_TIKTOKBAN_B_CVirginia_B.jpg)
The Biden White House says TikTok’s threat to go dark is a ‘stunt’
White House Press Secretary Karine Jean-Pierre called TikTok’s threat to “go dark” tomorrow a “stunt,” and said there is no reason that TikTok or any other companies should take any actions under the ban before the Trump administration is sworn in Monday morning, several news outlets are reporting. “It is a stunt, and we see no reason for TikTok or…
Read More » -
Blog
Microsoft files suit against threat actors abusing AI services
Microsoft has filed a lawsuit against 10 foreign threat actors, accusing the group of stealing API keys for its Azure OpenAI service and using it to run a hacking as a service operation. According to the complaint, filed in December 2024, Microsoft discovered the customer API keys were being used to generate illicit content in late July that year. After…
Read More » -
Blog
China-Linked Cyber Threat Group Hacks US Treasury Department
A Chinese-state-sponsored cyberattack compromised the U.S. Treasury, gaining access to classified documents through a vulnerability through third-party cybersecurity provider BeyondTrust. The breach, revealed on Dec. 31, underscores the growing sophistication of state-backed cyber espionage efforts. “Treasury takes very seriously all threats against our systems, and the data it holds,” a department spokesperson said in a statement. “Over the last four…
Read More » -
Blog
Chinese threat actors breached the US Treasury in ‘major incident’ – here’s what you need to know
Chinese threat actors were able to access highly sensitive information held by the US Treasury Department after compromising a third party service used for remote IT support. On 8 December, cybersecurity firm BeyondTrust warned users it had discovered an API key for its remote support SaaS solution had been compromised. The stolen key could allow threat actors to trigger password…
Read More » -
Blog
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. Chinese security firm QAX’s XLab discovered the new PHP malware in late April 2024, but evidence of its deployment, along with other files, dates back to December 2023. XLab comments that,…
Read More » -
Blog
Threat of personal liability has CISOs sweating
CISOs are feeling the pressure over stories of their peers being held personally liable for cybersecurity incidents. In the most notorious example, the US Securities and Exchange Commission (SEC) last year announced that it was filing charges against both SolarWinds and its CISO, Tim Brown, amid allegations of “fraud and internal control failures relating to allegedly known cybersecurity risks and…
Read More »