The developer of HildaCrypt has released the master decryption keys that would allow potential victims of the ransomware to recover their data for free.On October 4, a security researcher who goes by the name “GrujaRS” posted about the discovery of a new variant of STOP, a well–known ransomware family.New #Stop (Djvu) #Ransomware extension

Instagram announced the release of a new feature that’s designed to help its users identify phishing emails impersonating the social media platform.On October 7, Instagram tweeted out about the new capability and said that users can leverage it to verify whether an email claiming to originate from the social network is legitimate.Heads up: Today, we’re

A new sextortion scam variant is using a wallet for a cryptocurrency other than bitcoin in an attempt to evade detection.On October 8, Cofense revealed it had detected a modified sextortion scam that was using a wallet address for Litecoin instead of bitcoin.The variant thereby differentiated itself from earlier sextortion campaigns detected by the anti-phis

Normally it works like this.Someone gets infected by ransomware, and then they pay the ransom. The victim then licks their wounds and hopefully learns something from the experience.And that’s what happened to Tobias Frömel, a German developer and web designer who found himself paying a Bitcoin ransom of 670 Euros (US $735) after his QNAP NAS drive was

The Methodist Hospitals, Inc. revealed that a phishing attack potentially affected the information of approximately 68,000 patients.According to its Notice of Data Incident, the non-profit healthcare system located in Gary, Indiana detected unusual activity involving an employee’s email account back in June 2019. The Methodist Hospitals (‘Methodi

Digital fraudsters are using compromised servers and bogus links in an ongoing effort to target LinkedIn members with scams.The scam began when a Sophos employee received what it appeared to be an unexceptional email from someone they know in real life and with whom they keep in touch on LinkedIn. The body of the LinkedIn message informed the recipient that

Researchers discovered a new cryptojacking worm called “Graboid” that has spread to more than 2,000 unsecured Docker hosts.In its research, Palo Alto Networks’ Unit 42 team noted that it’s the first time it’s discovered a cryptojacking worm specifically using containers in the Docker Engine for distribution. (It’s not the

Researchers have detected a new phishing campaign that uses some clever tricks in order to steal users’ Stripe credentials.Cofense discovered the campaign when it came across an attack email that pretended to originate from “Stripe Support.” The message informed recipients that their account contained invalid details and that it was therefo

In my last post, I briefly summarized the evolution of network security. I will now discuss how network security strategies are no longer meeting the needs of organizations’ increasingly complex IT environments.A Different StrategyTechnological innovation has changed the nature of the network itself. No longer are employees limited to their workstation

You probably remember the massive iCloud breach in 2014 that resulted in compromised celebrity photos spreading through the internet like wildfire. That egregious invasion of privacy caused great embarrassment and damage to the reputations of nearly 100 A-list stars.Fortunately, these bad deeds did not go unpunished. In 2016, two men were brought to justice

Data privacy is a concern for many Americans, but the U.S. Senate is on its way to putting your data at even higher risk of privacy issues. Current laws have broadband privacy rules in place that require Internet Service Providers to receive explicit consent from consumers before they can share or sell private information, such as web browsing data, to adver

Otherwise known as the measuring stick by which your GDPR compliance will be assessed, the six core principles of the GDPR are the basic foundations upon which the regulation was constructed.Unquestionable and pure in nature, they are rarely acknowledged for one simple reason: five of the six have no real application in helping you in peddling products and s

Network security has been around almost as long as we’ve had networks, and it is easy to trace the various elements of network security to the components of networking that they try to mitigate. Over the past 30-35 years or so, the expansion of networking, especially the increased reliance on the Internet both as an avenue for commerce and as the corporate b

If there’s one day of the year when everyone has their guard up, it’s April Fool’s Day.After all, who can put their hand up and say that they have never been duped by an April Fool’s trick?Some of the classic April Fool’s stunts have gone down in history, such as the BBC’s news report from 1957 showing the annual spaghetti

The private IP space defined by RFC 1918 contains almost 18 million IP addresses. A customer was interested in having me do host discovery on this entire space for their private IP space. This is interesting data for network owners because it:Increases awareness to the size of the network attack surface, such as the number of accessible hosts and servicesCan