NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
Feb 08, 2023Ravie LakshmananEncryption / IoT Security The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography...
Unpatched Security Flaws Disclosed in Multiple Document Management Systems
Feb 08, 2023Ravie LakshmananVulnerability Management Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System (DMS) offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7...
Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach
Feb 08, 2023Ravie LakshmananCyber Crime / SMS Fraud A Sydney man has been sentenced to an 18-month Community Correction Order (CCO) and 100 hours of community service for attempting to take advantage of the Optus data breach last year to blackmail its customers. The...
How to Think Like a Hacker and Stay Ahead of Threats
Feb 08, 2023The Hacker NewsCyber Security / Cyber Threats To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought processes of hackers, along with the tools they use to launch their attacks. During a webinar called The Hacker...
Russian Hackers Using Graphiron Malware to Steal Data from Ukraine
Feb 08, 2023Ravie LakshmananThreat Intelligence / Data Safety A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine. Dubbed Graphiron by Broadcom-owned Symantec, the malware is the handiwork of...
Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware
Feb 08, 2023Ravie LakshmananCryptocurrency / Endpoint Security A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis...
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
Feb 08, 2023Ravie LakshmananThreat Intelligence / Cyber War The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos....
OpenSSL fixes High Severity data-stealing bug – patch now!
by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release a trifecta of security updates. These patches cover the two current open-source versions that the organisation supports for everyone, plus...
KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach
KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can’t predict what the producers will do with the video interviews we shot,...
VMWare user? Worried about “ESXi ransomware”? Check your patches now!
by Paul Ducklin Cybersecurity news, in Europe at least, is currently dominated by stories about “VMWare ESXi ransomware” that is doing the rounds, literally and (in a cryptographic sense at least) figuratively. CERT-FR, the French government’s computer emergency...