Recent Security News
-
SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
January 5, 2024 at 11:15AM Cybersecurity researchers have identified a new Apple macOS backdoor called SpectralBlur, attributed to North Korean threat actors. It has capabilities such as uploading/downloading files and running shell commands. The malware shares similarities with KANDYKORN, showcasing the growing focus of North Korean threat actors on macOS, particularly in cryptocurrency and blockchain…
-
Memorial University recovers from cyberattack, delays semester start
January 5, 2024 at 10:37AM The Memorial University of Newfoundland (MUN) is managing repercussions of a cyberattack, affecting the Grenfell campus and impacting IT services at the Marine Institute. The university is diligently restoring services, with support from additional IT personnel. Although internet and WiFi are still down for resident students, there is no indication…
-
Why Red Teams Can’t Answer Defenders’ Most Important Questions
January 5, 2024 at 10:06AM In 1931, Alfred Korzybski emphasized the limitations of models, likening them to maps that cannot fully represent reality. Red-team assessments often fail to test enough attack variants to accurately gauge defense strength, leaving defenders uncertain about their security posture. To address this, organizations can explore alternatives like Atomic Testing and…
-
In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt
January 5, 2024 at 10:06AM SecurityWeek publishes a concise weekly cybersecurity roundup, highlighting significant stories that may have gone unnoticed. This week features Russian hack of Ukraine’s telecoms giant, cyberattack on a Pennsylvania water facility, Pegasus spyware targeting Indian journalists, vulnerabilities in various systems, Let’s Encrypt’s annual report, and cybercrime developments. Other stories cover ransomware…
-
BreachForums boss busted for bond blunders – including using a VPN
January 5, 2024 at 09:44AM Cybercriminal Pompompurin, aka Conor Brian Fitzpatrick, was arrested for violating pretrial release conditions, leading to custody until sentencing. Facing charges for access device fraud, child sex abuse material possession, and operating BreachForums. October’s sentencing postponed to January due to a pending evaluation. Fitzpatrick’s site sparked numerous cybercrimes and continues under…