A former China liaison at Zoom has been indicted by the US for interfering in meetings, monitoring users and fabricating evidence against them as per Beijing’s instructions. Xinjiang (“Julien”) Jin, faces a maximum 10 years in prison if found guilty of conspiracy to commit interstate harassment and unlawful conspiracy to transfer a means of identification. However, Jin is unlikely to face trial given that he’s based in China. The former Zoom man was originally hired…

It’s been a little while since we last reviewed a book, but a lot of my team has been spending time with Ghidra this year. Craig Young taught a course on the subject, and I’ve used it with my students at Fanshawe College in their Malware Analysis course. Given our fascination with Ghidra, reviewing The Ghidra Book: The Definitive Guide by Chris Eagle and Kara Nance from No Starch Press made sense. I have a…

Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals. According to the Data Breach Investigations Report by Verizon, the primary motivation for cyber attackers is financial. Whether you run an eCommerce project or a simple small business website, the risk of a potential attack is there. It’s more important than ever to know what you’re up against. Each malicious attack…

By Bar Block, Threat Intelligence Researcher at Deep Instinct Since the outbreak of COVID-19, plenty of COVID-19 themed malware attacks have surfaced around the globe. Attackers take every chance they get to spread their malware, and the pandemic has given them ripe opportunities. Based on data from D-Cloud, Deep Instinct’s Threat intelligence and telemetry cloud environment, the number of attacks has overall risen. This is particularly seen in the number of malicious executables and Office…

By Ben Hartwig, Web Operations Executive, InfoTracer Online retail fraud continues to rise year on year. Fraudsters are becoming more sophisticated and although we can put more and more consumer protection laws in place for protection, there is always a risk when providing your personal information online. Even if apps and stores that have access to your credit card or other details take measures to keep data safe, there is always the chance that hackers…

Vulnerability Description The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software [1]. The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets within government, critical infrastructure, and the private sector have been compromised. Private security firm FireEye has also disclosed…

Enterprise Management Associates and Pulse Secure report that 60% of organizations have accelerated their zero trust projects during the pandemic, while only 15% have slowed down. Image: iStock/vadimrysev Zero trust is a network security model that minimizes risk by applying granular policies and controls to network access and network communications. Zero trust operates via constantly verifying the legitimacy of network communications even inside the network perimeter. Changes in location, device state, security state, behavior, and…