A pressing cybersecurity risk has emerged just a year following the notorious Mirai botnet attack, which disrupted numerous Internet services through extensive DDoS attacks. Security researchers are now raising alarms about a new IoT botnet known as “IoT_reaper,” first identified by experts from Qihoo 360. This malware has distinct characteristics,…
Recent Findings on BlackPOS Malware Developer In a significant update from cybersecurity firm IntelCrawler, details have emerged about the individual behind the notorious BlackPOS malware. This malware previously played a crucial role in the data breaches that affected well-known retailers such as Target and Neiman Marcus. Reports indicate that the…
Transcript This transcript has been streamlined for clarity. Mathew Schwartz: Hello. I’m Mathew Schwartz from Information Security Media Group, and today I’m joined by Candid Wüest, a prominent security advocate at Xorlab. Candid, it’s a pleasure to have you here. Candid Wüest: Thank you for having me. Mathew Schwartz: You…
Indian Hotels Reassess Contracts Amid New Data Protection Law In the wake of the Digital Personal Data Protection (DPDP) Act’s implementation last year, numerous hotel operators across India are undertaking a significant review of their existing contracts with international partners and online booking platforms. This new privacy legislation imposes stringent…
On Friday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog, identifying three flaws currently being actively exploited. This addition underscores the persistent threat landscape faced by organizations, especially those in critical sectors. Among the newly acknowledged vulnerabilities is CVE-2022-24990, which affects TerraMaster network-attached…
New Cryptographic Vulnerability: DUHK A recent cryptographic vulnerability known as DUHK, which stands for “Don’t Use Hard-coded Keys,” has emerged as a significant concern for VPN and web browsing security. This non-trivial flaw could enable attackers to extract encryption keys, potentially compromising sensitive data. The DUHK vulnerability follows closely on…
Recent developments surrounding the notorious BlackPOS malware have revealed critical details about its origin. Initially attributed to a 17-year-old known as “ree[4]“, investigations by cybersecurity firm IntelCrawler have identified a 23-year-old hacker named Rinat Shabayev as its original developer. BlackPOS, also referred to as “reedum” or ‘Kaptoxa’, has been implicated…
Webinar Announcement: Bridging the Gap from Compliance to Cyber Readiness In today’s rapidly evolving digital landscape, businesses face increasing challenges when securing their data against cyber threats. A significant upcoming webinar, titled “From Compliant to Cyber Ready: Closing the Gap,” aims to address these very concerns. This session focuses on…
Hackers Breach Data of Over 620,000 Customers at Dutch Telecom Provider Odido In a significant cybersecurity incident, hackers have unauthorized access to sensitive customer data linked to approximately 620,000 accounts at Odido, a Dutch telecommunications operator. This event marks one of the largest data breaches reported in the Netherlands in…