By Rick McElroy, Principal Cybersecurity Strategist, VMware We have reached a pivotal point in the history of cybersecurity. Catalyzed by the shift to an anywhere-work environment during COVID-19, attack surfaces expanded and cybercriminals became more sophisticated, creating looming threats for security teams. As a result, stress and burnout within the security industry is rising in lockstep. Defenders are stretched thin countering complex attacks, gaining visibility into new environments and constantly being on alert. Expanding threat…

SEC warns of investment scams related to Hurricane Ida The US Securities and Exchange Commission warns investors of potential investment scams that leverages Hurricane Ida as a bait. The US Securities and Exchange Commission (SEC)’s Office of Investor Education and Advocacy is warning investors of potential investment scams related to Hurricane Ida. Scammers will likely target individuals and organizations that are eligible to receive large payouts from insurance companies to compensate for the damages caused by Hurricane Ida. In…

Ireland’s national police service, Gardai, has carried out a significant operation targeting the gang behind the ransomware attack on Ireland’s Health Service Executive (HSE) in May, which it believes has prevented other such attacks taking place globally.  On Sunday, a spokesperson said: “A significant disruption operation which targeted the IT infrastructure of a cyber crime group has been conducted by the Garda National Cyber Crime Bureau (GNCCB). “The Garda National Cyber Crime Bureau have seized several…

Western media channels are being systematically manipulated to spread pro-Russian government propaganda and disinformation, according to a new report by the Crime and Security Research Institute at Cardiff University. The researchers said they uncovered evidence that “provocative” pro-Russian or anti-Western statements were being systematically posted in reader comments sections in articles relating to Russia in 32 prominent media outlets across 16 countries. Russian-language media outlets subsequently used these comments as the basis of stories about politically controversial…

Online fraud is getting sneakier and stealthier as mischievous operatives evolve their techniques. Learn some of the unique tricks afoot today and how to spot them. Image: Disney My family and I enjoyed the TV show “Loki,” which portrays the god of mischief entailed in various shenanigans. I thought how many “variants” of Loki are online—albeit less charismatic—trying to pull off fraudulent tricks to bilk victims out of money or identity information. The tricks are…

To remain competitive in the digital age, organizations frequently introduce new hardware devices and software installations to their IT environments. The problem is that these assets might suffer from vulnerabilities that attackers could misuse, if unpatched, to change a device’s configuration or make unauthorized modifications to some of the organization’s important files. Either of these scenarios could help threat actors to establish an initial foothold on the network, access which they could then leverage to…

US government security experts have urged system administrators to patch two critical flaws in widely used Cisco and Atlassian products, exposing them to compromise. In a rare move, US Cyber Command took to Twitter before the Labor Day holiday weekend on Friday to address the Atlassian bug. “Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate. Please patch immediately if you haven’t already—this cannot wait until after the weekend,” it warned. Atlassian issued…

The US Securities and Exchange Commission (SEC) has warned investors not to fall for scams capitalizing on the Hurricane Ida recovery and clean-up operation. The regulator’s Office of Investor Education and Advocacy claimed that disasters including hurricanes, floods and oil spills often attract opportunistic fraudsters, who use email and social media to promote their scams. “These scams can take many forms, including promoters touting companies purportedly involved in clean-up and repair efforts, trading programs that falsely guarantee…

One of America’s largest school districts has informed students, alumni, parents and employees that personal data from the past 11 years was exposed after a third-party gained unauthorized access to it. The Dallas Independent School District (ISD) claims to serve 145,000 students in 230 schools across the region and boasts 22,000 employees. However, it revealed last Friday that it was notified about a data security incident on August 8. Although the district is still working out which…