How To Protect Your Company With Cybersecurity Awareness

These days, companies spend significant sums of money to protect themselves from cyber criminals.  The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies not only spend heavily on antivirus software, but also on a wide range of tools that IT security professionals can leverage to intercept attacks “at the gates” and …

Simple Ways To Hire The Perfect Candidate The First Time

Top quality talent can be difficult to find in any field, if you have spent any time looking for and hiring people, you know the challenge can be an especially daunting one.  There’s tremendous competition for talented folks. Given the cost of hiring and training new people, it’s something you want to get right the first time as often as …

Researchers Warn About Symbiote Malware Which Attacks Linux Machines

Are you a Linux user?  If so, be aware that there is a new kind of malware to be concerned about. The BlackBerry Threat Research and Intelligence team, in concert with Joakim Kennedy (an Intezer Analyze security researcher), have announced the discovery of a new strain of malware. They’ve dubbed it Symbiote, and it was named because of its parasitic …

Emotet Malware Will Include Credit Card Theft In Attacks

If you’re involved in information security in any capacity, you’re probably quite familiar with the infamous Emotet botnet.  It’s one of the most dangerous and prolific botnets out there and it is a dire threat to organizations of all sizes. The bad news is that the botnet is still being actively enhanced and is gaining new capabilities at regular intervals. …

Beware New Windows Vulnerability With Remote Search Window Access

You may not know the name Matthew Hickey, but you should thank him for a recent discovery that could save you a lot of grief. Hickey is the co-founder of a company called Hacker House.  He recently discovered a flaw that could allow for the opening of a remote search window simply by opening a Word or RTF document. This …

Some Carrier Embedded Android Apps May Have Security Vulnerabilities

Recently, Microsoft reported high severity security vulnerabilities in multiple apps offered by large international mobile service providers.  What makes this especially noteworthy is the fact that these vulnerabilities aren’t app specific, but framework specific.  Many carriers use the same basic framework to construct their apps and now all have been found to contain vulnerabilities. The vulnerabilities discovered to this point …

Intel Users Should Update Firmware To Avoid This Ransomware

Not long ago, researchers at Eclypsium got a lucky break.  An unknown and unidentified individual began leaking communications from inside the Conti ransomware organization. These leaked communications seemed to confirm what has long been suspected:  That there are strong ties between the Conti gang and Russia’s FSB (military intelligence). This sounds like something right out of a spy movie, but …

Enemybot Malware May Go Beyond DDOS Attacks

Unless you’re an IT Security Professional, you may never have heard of EnemyBot.  It is a bit like the Frankenstein of malware threats, a botnet that has borrowed code from multiple different sources. While that’s not terribly original, it does make it dangerous. The hackers behind the code are actively adding new exploits as newly disclosed critical vulnerabilities come to …

Screencastify Issue Could Allow Someone To Steal Recorded Videos

Are you one of the legions of users making use of the Screencastify Chrome extension?  It’s a fantastic Chrome extension that allows you to almost effortlessly create screencasts for a variety of purposes. Unfortunately, the web extension also suffers from a critical security vulnerability that allows attackers to take control of a user’s webcam and steal recorded videos. The cross-site …

 New Phishing Attacks Use HTML Email Attachments

HTML attachments as an attack vector may seem a little old school. However, according to statistics compiled by Kaspersky Lab indicates that in 2022, that form of attack is not just simply still being employed, but hackers are making surprisingly regular use of it.  The security company detected more than two million emails of this kind targeting Kaspersky customers in …