A former Yahoo! employee who hacked into the accounts of thousands of users was sentenced to five years of probation. In September the former Yahoo software engineer Reyes Daniel Ruiz has admitted in court to hacking into 6,000 Yahoo! accounts back in 2018. Last week Ruis (35), of Tracy, California, was sentenced to five years of probation after he adm

A former Yahoo! employee who admitted to hacking into the accounts of thousands of users was sentenced last week to five years of probation.The man, Reyes Daniel Ruiz, 35, of Tracy, California, pleaded guilty in September 2019 to hacking roughly 6,000 Yahoo! accounts, looking for sexual photos and videos.To access the victim accounts, he used cracked user pa

G Data security researchers have identified a new ransomware family that attempts to spread using infected USB drives.Dubbed Try2Cry, the new piece of ransomware borrows functionality from Spora, which first emerged three years ago. Written in .NET, Try2Cry features a USB worm component similar to that previously observed in the njRAT remote access Trojan.Th

Adware on inexpensive Android smartphone can carry additional malware and be undeletable.Researchers have found more than a dozen critical files associated with preinstalled adware on Android devices that carry loaders, Trojans, and other malware on top of their annoying "legitimate" payload.Igor Golovin and Anton Kivva, researchers at Kaspersky, began looki

Cybercriminals typically focus on targets that can get them the highest return with the least amount of effort. This is often determined by their ability to scale attacks, and therefore on how prevalent a vulnerability or target system is. Enter: the credit card skimmer. In the world of digital skimming, we’ve seen the most activity on e-commerce co

The number and value of fines for data breaches is predicted to increase between now and 2025, according to a new study by DSA Connect. Interviews with 1000 workers between 24 and 27 April 2020 revealed that 37% think there will be an increase and 6% believe the rise will be dramatic. Just 3% expect a reduction.In regard to fines linked to the inadequate del

System partition infections as a method of installing adware are on the rise in mobile devices, according to new research from Kaspersky. It found that 14.8% of Kaspersky users who were targeted by malware or adware in 2019 had this type of infection, which means the malicious files cannot be deleted.A system partition infection is particularly dangerous as

Introduction: IT consultants for cybersecurity mattersCybersecurity consultants are the go-to professionals to devise best ways to protect an organization’s critical assets. Their role entails helping clients lower their risk by accurately interpreting and analyzing security risks to implement best practices that can increase protection from cyber thre

IntroductionIn this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by an author named “0xmzfr.” As per the description given by the author, this is an intermediate-level CTF. The target of this CTF is to capture two flags, which are present in user.txt and root.txt respectively.You can check my previous

Phishing is easy. Let’s just get that out of the way. It’s easy for an attacker, and, if you have the right tools (such as InfoSec Institute’s PhishSim), it is easy for a cybersecurity professional who wants to test the company employees using simulated phishing campaigns. With an average of 90 messages being delivered to a business email address per d

A Nigerian national appeared in federal court in Chicago Friday accused of orchestrating an international cyber fraud scheme that federal prosecutors say defrauded U.S. businesses in six states out of tens of millions of dollars.Olalekan Jacob Ponle, 29, originally of Lagos, Nigeria, was arrested last month in the United Arab Emirates, where he was living, a

Hackers linked to the North Korean government appear to be behind the Magecart attacks on fashion retailer Claire’s and other online stores, Netherlands-based e-commerce security company Sansec reported on Monday.Threat actors linked to North Korea have been known to launch — in addition to espionage and destructive campaigns — financially-motivated attacks,

The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).Used within organizations of all sizes for remote connection to assets and for telework, VPNs can deliver the expected level of security if strong cryptography is employed and if admins perform regular

Securing the Internet of Things requires diligence in secure development and hardware design throughout the product life cycle, as well as resilience testing and system component analysis. As devices and technologies connecting us to the world evolve, cybercriminals are evolving their methods to attack and compromise critical systems across the Internet of T

There's a new ransomware for the Mac called ThiefQuest or EvilQuest. It's hard to get infected: For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it. It's a good reminder to get your software from trustworthy sources, like developers whose code is "signed" by A