LockBit locked out, and funeral Facebook scams • Graham Cluley
Heaven’s above! Scammers are exploiting online funerals, and LockBit – the “Walmart of Ransomware” – is dismantled in style by cyber cops. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult themes, and rude […]
Joomla fixes XSS flaws that could expose sites to RCE attacks
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites. The vendor has addressed the security issues, which impact multiple versions of Joomla, and fixes are present in versions 5.0.3 and also 4.4.3 of the CMS. CVE-2024-21722: The MFA management features did not properly […]
U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. “Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, […]
‘Lucifer’ Botnet Turns Up the Heat on Apache Hadoop Servers
A threat actor is targeting organizations running Apache Hadoop and Apache Druid big data technologies with a new version of the Lucifer botnet, a known malware tool that combines cryptojacking and distributed denial of service (DDoS) capabilities. The campaign is a departure for the botnet, and an analysis this week from Aqua Nautilus suggests that […]
Ping Identity (ForgeRock) vs Okta (2024): Compare IAM software
Ping Identity and Okta are among the top IAM tools on the market today and provide many of the functions large and small companies need when initiating identity and access management systems for their networks. PingOne and Okta offer cloud-based technology solutions for businesses in need of security upgrades while still ensuring seamless sign-on experiences. […]
Help! I Think My Phone’s Been Hacked
“My phone’s been hacked!” Words you probably don’t want to hear or say. Ever. Yes, a smartphone can get hacked just like any other device. And they make prize targets as well. Loaded as they are with personal and financial information, access to payment apps, files, photos, and contacts, bad actors have plenty to gain […]
How sponsorship is a catalyst for change
Here’s an (un)fun fact: Almost 90 percent of companies had sponsorship programs in 2021, yet only 33 percent of Black employees actually had sponsors, and even fewer Black employees (23 percent) felt support to advance in their careers¹. More shocking? The number of Black employees with sponsors dropped as low as five percent² a year later. […]