You’d be surprised to know what devices are still using Windows CE
The Arid Viper threat actor is actively trying to install spyware on targeted devices in the Middle East, using fake dating apps as lures.
How helpful are estimates about how much cyber attacks cost?
New YoroTrooper research, the latest on the Cisco IOS vulnerability, and more.
More helpful resources for users of all skill levels to help you Take a Security Action
Taking a “Security Action” of any kind — whether it be simply enabling multi-factor authentication for your online banking login or marking that weird email as spam — can go a long way toward you and any organizations you’re a part of be more security resilient.
Top resources for Cybersecurity Awareness Month
Plus, many of the world’s largest cloud providers are warning of a vulnerability that attackers exploited in August to launch the largest distributed denial-of-service attack on record.
Is it bad to have a major security incident on your résumé? (Seriously I don’t know)
Plus, Qakbot appears to be still active, despite efforts from the FBI and other international law enforcement agencies to disrupt the massive botnet.
The security pitfalls of social media sites offering ID-based authentication
Two notable vulnerabilities in Google Chrome should be patched asap, and an allegedly new ransomware-as-a-service group.
What’s the point of press releases from threat actors?
It reads as if ALPHV really wants to come across as the “good guys” in this case, but I’m not sure who outside of dark web circles would be willing to feel sorry for them.
Turns out even the NFL is worried about deepfakes
With the popularity of pay-for-shoutout services like Cameo, it’d be fairly easy for someone to develop a convincing enough deepfake of a player and try to steal someone’s money by saying they could prank their fantasy football league for $50.
A secondhand account of the worst possible timing for a scammer to strike
Cybercriminals are abusing Advanced Installer, a legitimate Windows tool used for creating software packages, to drop cryptocurrency-mining malware on infected machines, new Cisco Talos research shows.