Welcome to another Afternoon Dessert breakout:
Is Cybersecurity Awareness Month Anything More Than PR?
Cybersecurity Awareness Month has been going on since 2004. This year, Cybersecurity Awareness Month urged the public, professionals, and industry partners to "see themselves in cyber" in the following ways: The public, by taking action to stay safe online. Professionals, by joining the cyber workforce. Cyber industry partners, as part of the cybersecurity solution. CISA outlined four "things
Read more....
Researchers Uncover PyPI Package Hiding Malicious Code Behind Image File
A malicious package discovered on the Python Package Index (PyPI) has been found employing a steganographic trick to conceal malicious code within image files. The package in question, named "apicolor," was uploaded to the Python third-party repository on October 31, 2022, and described as a "Core lib for REST API," according to Israeli cybersecurity firm Check Point. It has since been taken
Read more....
Russian LockBit ransomware operator arrested in Canada
Europol has announced today the arrest of a Russian national linked to LockBit ransomware attacks targeting critical infrastructure organizations and high-profile companies worldwide. [...]
Read more....
Hacker Rewarded $70,000 for Finding Way to Bypass Google Pixel Phones' Lock Screens
Google has resolved a high-severity security issue affecting all Pixel smartphones that could be trivially exploited to unlock the devices. The vulnerability, tracked as CVE-2022-20465 and reported by security researcher David Schütz in June 2022, was remediated as part of the search giant's monthly Android update for November 2022. "The issue allowed an attacker with physical access to bypass
Read more....
Warning: New Massive Malicious Campaigns Targeting Top Indian Banks' Customers
Cybersecurity researchers are warning of "massive phishing campaigns" that distribute five different malware targeting banking users in India. "The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentially affecting millions of customers," Trend Micro said in a report published this week. Some of the
Read more....
Ukraine arrests fraud ring members who made €200 million per year
Ukraine's cyber police and Europol have identified and arrested five key members of an international investment fraud ring estimated to have caused losses of over €200 million per year. [...]
Read more....
FBI warns scammers now impersonate refund payment portals
The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy. [...]
Read more....
Kaspersky to kill it's VPN service in Russia next week
Kaspersky is stopping the operation and sales of its VPN product, Kaspersky Secure Connection, in the Russian Federation, with the free version to be suspended as early as November 15, 2022. [...]
Read more....
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Read more....
Is Cybersecurity Awareness Month Anything More Than PR?
Cybersecurity Awareness Month has been going on since 2004. This year, Cybersecurity Awareness Month urged the public, professionals, and industry partners to "see themselves in cyber" in the following ways: The public, by taking action to stay safe online. Professionals, by joining the cyber workforce. Cyber industry partners, as part of the cybersecurity solution. CISA outlined four "things
Read more....
Researchers Uncover PyPI Package Hiding Malicious Code Behind Image File
A malicious package discovered on the Python Package Index (PyPI) has been found employing a steganographic trick to conceal malicious code within image files. The package in question, named "apicolor," was uploaded to the Python third-party repository on October 31, 2022, and described as a "Core lib for REST API," according to Israeli cybersecurity firm Check Point. It has since been taken
Read more....
Russian LockBit ransomware operator arrested in Canada
Europol has announced today the arrest of a Russian national linked to LockBit ransomware attacks targeting critical infrastructure organizations and high-profile companies worldwide. [...]
Read more....
Hacker Rewarded $70,000 for Finding Way to Bypass Google Pixel Phones' Lock Screens
Google has resolved a high-severity security issue affecting all Pixel smartphones that could be trivially exploited to unlock the devices. The vulnerability, tracked as CVE-2022-20465 and reported by security researcher David Schütz in June 2022, was remediated as part of the search giant's monthly Android update for November 2022. "The issue allowed an attacker with physical access to bypass
Read more....
Warning: New Massive Malicious Campaigns Targeting Top Indian Banks' Customers
Cybersecurity researchers are warning of "massive phishing campaigns" that distribute five different malware targeting banking users in India. "The bank customers targeted include account subscribers of seven banks, including some of the most well-known banks located in the country and potentially affecting millions of customers," Trend Micro said in a report published this week. Some of the
Read more....
Ukraine arrests fraud ring members who made €200 million per year
Ukraine's cyber police and Europol have identified and arrested five key members of an international investment fraud ring estimated to have caused losses of over €200 million per year. [...]
Read more....
FBI warns scammers now impersonate refund payment portals
The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy. [...]
Read more....
Kaspersky to kill it's VPN service in Russia next week
Kaspersky is stopping the operation and sales of its VPN product, Kaspersky Secure Connection, in the Russian Federation, with the free version to be suspended as early as November 15, 2022. [...]
Read more....
S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Read more....