PayPal files patent for new method to detect stolen cookies
PayPal has filed a patent application for a novel method that can identify when “super-cookie” is stolen, which could improve the cookie-based authentication mechanism and limit account takeover attacks. The risk that PayPal wants to address is that of hackers stealing cookies containing authentication tokens to log into victim accounts without the need for valid credentials […]
Russian Government Software Backdoored to Deploy Konni RAT Malware
Feb 22, 2024NewsroomMalware / Cyber Espionage An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the […]
Avast to Pay $16.5M Fine For Selling Consumer Browsing Data
The Federal Trade Commission (FTC) is requiring Avast, a antivirus security provider, to pay a $16.5 million fine to settle charges that the company and its subsidiaries have been selling and licensing Web browsing data to third parties, after claiming that its products protect consumers from such online tracking. The FTC said that Avast collected […]
Make Your Smart Home a Secure Home Too: Securing Your IoT Smart Home Devices
It’s only a smart lightbulb. Why would anyone want to hack that? Great question. Because it gets to the heart of security matters for your IoT smart home devices. Internet of Things (IoT) devices have certainly made themselves at home in recent years. Once a novelty, they’ve become far more commonplace. The numbers bear that […]
LockBit ransomware returns, restores servers after police disruption
The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector. In a message under a mock-up FBI leak – specifically to draw attention, the gang published a lengthy message about […]
A New Age of Hacktivism
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives. We understand hacktivism as a […]
Orgs Face Major SEC Penalties for Failing to Disclose Breaches
Companies and their CISOs could be facing anywhere from hundreds of thousands to millions of dollars in fines and other penalties from the US Securities and Exchange Commission (SEC), if they don’t get their cybersecurity and data-breach disclosure processes in order to comply with the new rules that have now gone into effect. For those […]