iPhones Can Run Malware When Powered Off? That’s A Surprise

Researchers have found that Apple phones may allow the execution of malware even when they’re not turned on. The “Find My” function on iOS has an attack surface that allows firmware tampering, with the ability to load and execute malware via a Bluetooth chip. These types of wireless chips, which also include Near-field communication (NFC) […]

150-Year Old College Taken Down By Ransomware And Covid

Lincoln College in Illinois is shutting down on Friday, in part due to a combination of pandemic related issues as well as a ransomware attack. The college is one of the rural few that qualify as a predominantly Black institution according to the Department of Education. The college was named after President Abraham Lincoln and […]

Is Your Audible Content Secure? Is There A Security Risk?

When you’re spending time talking with colleagues, are you aware of who may be listening? Maybe your office or conference room is separated from another company by only a thin wall, or perhaps a public restroom is located on the other side of your work space. If you often have private, company-related discussions with coworkers […]

North Korean Crypto Hack And The Global Security Implications

Massive cryptocurrency hacks may signal a new and upcoming type of national security threat. United States authorities have recently tied the Axie Infinity hack, in which a threat actor stole roughly $625 million worth of crypto, back to North Korean hackers. Last Thursday, groups Lazarus and APT38, which are both linked to North Korea, were […]

Central Bank of Russia Secrets To Be Released By Anonymous Group

An account on Twitter claiming to be affiliated with the hacking group says they’ll release 35,000 stolen files exposing secret agreements pertaining to Russia’s central bank. Anonymous has launched multiple cyber-attacks against Russian backed entities after the invasion of Ukraine on February 24th. The group has targeted state-run media, energy firms as well as Russian […]

Legal Firm Fined A Whopping ~100k Due To Cybersecurity Incident

A legal practice in the UK has been fined £98,000 after a security incident lead to hackers stealing sensitive court case information. The group in question, Tuckers Solicitors, had a cybersecurity policy that failed to comply with GDPR requirements. Because of this, criminals were able to breach the business’ network and encrypt 24,711 “court bundled” […]

The Average Vulnerability Remediation Time For Organizations? 2 Months

A report from cybersecurity company Edgescan notes that it takes businesses nearly two months, or a mean time to remediate (MTTR) of 60 days, to fix critical risk vulnerabilities. The company’s findings go over known and currently exploited vulnerabilities, as well as industry trends involving vulnerability management. Remote access attacks accounted for roughly 5% of […]

Alert! Windows Defender Security Warning: Don’t Fall For It

The current scam of the week? Technical support scams. Cybercriminals are tricking users into believing that their computers are infected with ransomware or other types of errors via pop-up messages. You may find yourself at one of these fraudulent web pages after clicking on advertisements, when browsing online as usual, or when an installed PUA […]

Microsoft Teams Targeted By Criminals For Sneaky Trojan Attacks

Cybercriminals are targeting Microsoft Teams users with the goal of executing Trojans on their machines. Researchers at Avanan started tracking the campaign in January. Malicious documents are dropped into Teams conversations and, when clicked on, will take over a user’s computer. A report from the company states that criminals are using an executable file to […]

LinkedIn Phishing Scams Up A Whopping 232% Since Feb. 1st

According to cybersecurity group Egress, these types of attacks have been on the rise since the beginning of February. Reports from the company show that criminals are using stylized HTML templates and display name spoofing in order to get victims to click on phishing links and add their credentials into a fraudulent webpage. For example, […]