On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be

Author: Jelle Vergeer The first part of this blog will be the story of how this tool found its way into existence, the problems we faced and the thought process followed. The second part will be a more technical deep dive into the tool itself, how to use it, and how it works. Storytime About 1½ half years ago I did an awesome Red Team like project.

bySean GallagherInternet scammers are always looking for a better way to separate unwitting device users from their money. And as with all other endeavors, they’ve learned that it pays to advertise.At SophosLabs we recently researched a collection of scams that exploit web advertising networks to pop up fake system alerts on both computers and mobile devices

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical detailts of a new piece of Windows malware tracked as KryptoCibule. The malware has been active since at least December 2018, it targets cryptocurrency user

Detecting both ‘offensive’ and obfuscated PowerShell scripts in Splunk using Windows Event Log 4104 Author: Joost Jansen This blog provides a ‘look behind the scenes’ at the RIFT Data Science team and describes the process of moving from the need or an idea for research towards models that can be used in practice. More specifically, how known a

A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announc

Stalkerware is technically software with malicious intent, but security professionals should treat it as a different beast from other malware. Stalkerware is an app or apps that someone else can install on your device to intercept text messages and phone calls, send call logs, record web browsing activity and keystrokes and even access your location. And st

Expanding employees’ access to the company’s data, known as data democratization, can be controversial. A more open attitude to data within the enterprise can give people the tools to fuel innovation and improve their bottom lines. However, it also can pose problems with security if not properly rolled out. As businesses work towards unleashing

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. The malware has been active at le

Can My Webcam Be Accessed Remotely? July 28th, 2020 No Comments antivirus, Data Privacy, Data Protection, Online Privacy, Uncategorized With the huge increase of people working from home due to Covid-19, millions of home laptops and desktops are lay

Sextortion: All You Need to Know July 14th, 2020 No Comments anti-phishing, Data Privacy, Data Protection, Mobile Security, Online Privacy, Online Safety, Ransomware, Uncategorized Sextortion – a portmanteau of the words sex and extortion – is a bro

A step by step cookbook on best practices for alerting on Kubernetes platform and orchestration, including PromQL alerts examples. If you are new to Kubernetes and monitoring, we recommend that you first read Monitoring Kubernetes in production, in which we cover monitoring fundamentals and open-source tools. Interested in Kubernetes monitoring

byLisa VaasGoogle announced on Tuesday that it’s purchased a smart-glasses company called North and, notwithstanding its failure to bring Google Glass wearables to the masses, still plans to caress our vision with the vast tentacles of its helpfulness. From the announcement, which was posted by Rick Osterloh, Senior Vice President, Devices & Servi

Authors: Rich Warren of NCC Group FSAS & Yun Zheng Hu of Fox-IT, in close collaboration with NCC’s RIFT. About the Research and Intelligence Fusion Team (RIFT): RIFT leverages our strategic analysis, data science, and threat hunting capabilities to create actionable threat intelligence, ranging from IOCs and detection capabilities to strategic reports o

byPaul DucklinIf you run a website or a blog, you probably use a cloud provider or a dedicated hosting company to manage your server and deliver the content to your readers, viewers and listeners.We certainly do – both Naked Security and our sister site Sophos News are hosted by WordPress VIP.That’s not a secret (nor is it meant to be), not least