FinFisher malware hijacks Windows Boot Manager with UEFI bootkit

Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager. FinFisher (also known as FinSpy and Wingbird) is a surveillance solution developed by Gamma Group that also comes with malware-like capabilities often found in spyware strains. …

FinFisher malware hijacks Windows Boot Manager with UEFI bootkit Read More »

FBI warns of ransomware attacks targeting food and agriculture sector as White House pushes for proactive measures

The FBI sent out a notice warning companies in the the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. The FBI note said ransomware groups are seeking to disrupt operations, cause financial loss, and negatively impact the food …

FBI warns of ransomware attacks targeting food and agriculture sector as White House pushes for proactive measures Read More »

SEC fines eight investment firms for cybersecurity breaches that leaked client info

The SEC handed down sanctions against eight firms this week for a slate of cybersecurity failures that resulted in the leakage of personal data for thousands of people.  Cetera Advisor Networks, Cetera Investment Services, Cetera Financial Specialists, Cetera Advisors and Cetera Investment Advisers (collectively, the …

SEC fines eight investment firms for cybersecurity breaches that leaked client info Read More »

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors. The set of issues impact a wide variety of devices, from consumer electronics to industrial equipment. The associated risk ranges from denial-of-service, deadlock condition of …

Bluetooth BrakTooth bugs could affect billions of devices Read More »

Translated Conti ransomware playbook gives insight into attacks

Almost a month after a disgruntled Conti affiliate leaked the gang’s attack playbook, security researchers shared a translated variant that clarifies any misinterpretation caused by automated translation. Apart from providing information about the gang’s attack methods and the thoroughness of the instructions, which allow for less-skilled actors …

Translated Conti ransomware playbook gives insight into attacks Read More »

Atlassian Confluence flaw actively exploited to install cryptominers

Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released. Atlassian Confluence is a very popular web-based corporate team workspace that allows employees to collaborate on projects. On August …

Atlassian Confluence flaw actively exploited to install cryptominers Read More »

WhatsApp to appeal $266 million fine for violating EU privacy laws

Ireland’s Data Privacy Commissioner (DPC) has hit Facebook-owned messaging platform WhatsApp with a €225 million ($266 million) administrative fine for violating the EU’s GDPR privacy regulation after failing to inform users and non-users on what it does with their data. EU data regulators can impose …

WhatsApp to appeal $266 million fine for violating EU privacy laws Read More »

Don’t want to get hacked? Then avoid these three ‘exceptionally dangerous’ cybersecurity mistakes

Using unsupported software, allowing the use of default usernames and passwords and using single-factor authentication for remote or administrative access to systems are all dangerous behaviours when it comes to cybersecurity and should be avoided by all organisations – but particularly those supporting critical infrastructure. …

Don’t want to get hacked? Then avoid these three ‘exceptionally dangerous’ cybersecurity mistakes Read More »

Scroll to Top