Everything you always wanted to know about NFTs (but were too afraid to ask): Lock and Code S02E24
In August, the NFT for a cartoon rock sold for $1.3 million, and ever since then, much of the world has been asking: What the heck is going on? NFTs, or non-fungible tokens, have skyrocketed in popularity this year, with the NFTs for several artworks selling for more than $2 million each; the most....
0.5AI Score
Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23
In the year 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The company's Pro model laptops are finally, belatedly equipped with ports that have been standard in other computers for years. The company's beleaguered "butterfly" keyboard has seemingly...
-0.2AI Score
Decades ago, the promise of the Internet was clear: No one, depending on their age, gender, race, income, or place of birth, would be unwelcome from expressing their thoughts and ideas. Today, that promise has been largely unfulfilled. As Malwarebytes discovered earlier this year, the Internet is.....
7AI Score
Patch now! FatPipe VPN zero-day actively exploited
According to its marketing team, a FatPipe MPVPN can make your VPN "900% more secure." Well, I don't know about that, but I do know a way to make your MPVPN admin console 100% more secure, and that you should do so right away, by installing the latest version of its software. Why? Because older...
7.7AI Score
What does backing up something mean? Backing up is the act of making a copy or copies of a file. These files are stored somewhere other than where the originals are located. You may only need to back up a few files, or it might be a much bigger effort. Requirements may differ greatly depending on.....
6.9AI Score
Why we fail at getting the cybersecurity basics right, with Jess Dodson: Lock and Code S02E21
The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by companies and organizations everywhere, right? You'd hope. But the reality is that basic cybersecurity blunders continue to affect businesses of all sizes, which has led to...
7.1AI Score
Lessons from a real-life ransomware attack
Ransomware attacks, despite dramatically increasing in frequency this summer, remain opaque for many potential victims. It isn’t anyone’s fault, necessarily, since news articles about ransomware attacks often focus on the attack, the suspected threat actors, the ransomware type, and, well, not...
6.9AI Score
"What does online privacy mean to you?" This beguilingly simple question can produce dozens of overlapping and distinct answers, all depending on who you ask. A VPN service might tell you that online privacy means obscuring your IP address and hiding your Internet activity from your Internet...
0.2AI Score
Ransomware: Why do backups fail when you need them most?
It's widely known, and endlessly repeated, that the last, best line of defence against the potentially devastating effects of a ransomware attack is your backups. So why do we keep hearing things like this: We're also feeling relatively confident, we have a very good backup system … and then we...
6.4AI Score
“Killware”: Is it just as bad as it sounds?
On October 12, after interviewing US Secretary of Homeland Security Alejandro Mayorkas, USA TODAY’s editorial board warned its readers about a dangerous new form of cyberattack under this eye-catching headline: “The next big cyberthreat isn't ransomware. It's killware. And it's just as bad as it...
-0.1AI Score
Ransom Disclosure Act would mandate ransomware payment reporting
In an effort to better understand and clamp down on the ransomware economy and its related use of cryptocurrencies, US Senator and past presidential hopeful Elizabeth Warren and US House Representative Deborah Ross introduced a new bill last week that would require companies and organizations to...
6.5AI Score
ExpressVPN made a choice, and so did I: Lock and Code S02E19
On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber hacking campaign coming from the United Arab Emirates that has reportedly impacted hundreds of journalists, activists, and human rights defenders in Yemen, Iran,...
0.5AI Score
Firefox reveals sponsored ad “suggestions” in search and address bar
Mozilla is trying a novel experiment into striking a balance between ad revenue generation and privacy protection by implementing a new way to deliver ads in its Firefox web browser—presenting them as “suggestions” whenever users type into the dual-use search and URL address bar. The advertising...
-0.3AI Score
Making better cybersecurity training: Q&A with Malwarebytes expert Kelsey Prichard
If you hadn’t noticed by now, we are in the first week of National Cybersecurity Awareness Month, which, according to the Cybersecurity Infrastructure and Security Agency in the United States, means that we should all consider how people, organizations, and businesses can “be cyber smart” this...
-0.4AI Score
What special needs kids need to stay safe online
Online safety is hard enough for most adults. We reuse weak passwords, we click on suspicious links, and we love to share sensitive information that should be kept private and secure. (Just go back a few months to watch adults gleefully sharing photos of their vaccine cards.) The consequences of...
6.9AI Score
Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18
School is fully back in session for kids all across the world, and for many students, that means logging back online to learn, do homework, submit assignments, and maybe even continue some distance learning, depending on their school's pandemic precautions. But with more Internet activity comes...
0.8AI Score
3 security lessons from an MSP that survived the Kaseya VSA attack
Jay Tipton, chief executive for the Managed Service Provider (MSP) Technology Specialists, remembers his Fourth of July weekend this year like many MSP employees likely remember theirs: As a bit of a nightmare. “That’s like the worst feeling you’ll ever have,” Tipton said about his initial...
7.3AI Score
Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload Vulnerability
Zenitel AlphaCom XE Audio Server versions up to 11.2.3.10 have a web interface called AlphaWeb XE that allows for a remote shell...
8.8CVSS
0.1AI Score
0.109EPSS
Why backups aren’t a “silver bullet” against ransomware, with Matt Crape: Lock and Code S02E17
A recent spate of ransomware attacks in the US and abroad have derailed major corporations, spurring a fuel shortage on the US East Coast, shuttering grocery stores in Sweden, and sending students home from grade schools. The solution, so many cybersecurity experts say, is to implement backups,...
6.9AI Score
FBI warns of ransomware threat to food and agriculture
The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware attacks. Farms are literally the first step in one of the most important, if not _the_ most important, supply chain in our economy: The food supply chain....
7.5AI Score
WhatsApp hit with €225 million fine for GDPR violations
WhatsApp was hit with a €225 million fine for violating the General Data Protection Regulation (GDPR), the European Union’s sweeping data protection law that has been in effect for more than three years. The fine represents the highest ever penalty levied by the Irish Data Protection Commission,...
FTC bans SpyFone and its CEO from continuing to sell stalkerware
Nearly two years after the US Federal Trade Commission first took aim against mobile apps that can non-consensually track people’s locations and pry into their emails, photos, and videos, the government agency placed restrictions Wednesday on the developers of SpyFone—which the FTC called a...
0.6AI Score
No one ever wants a group of hackers to say about their company: "We had the keys to the kingdom." But that's exactly what the hacker Sick Codes said on this week's episode of Lock and Code, in speaking with host David Ruiz, when talking about his and fellow hackers' efforts to peer into John...
0.3AI Score
Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15
Nearly one year after the exclusive app Clubhouse launched on the iOS store, its popularity skyrocketed. The app, which is now out of beta, lets users drop into spontaneous audio conversations that, once they are over, are over. With COVID lockdown procedures separating many people around the...
-0.1AI Score
Twitter says it out loud: Removing anonymity will not stop online abuse
An investigation by Twitter into racist tweets levied against three Black players on the English football team following the national hopefuls’ loss against Italy last month revealed that anonymity played almost no role in whether users posted abusive comments from their accounts. The analysis,...
7AI Score
COVID-19 vaccine appointment system attacked in Italy
In another cyberattack on a healthcare system, threat-actors have tried to throw a wrench into the ongoing COVID-19 vaccine roll-out in the region of Lazio, Italy. The large and densely populated region is the country's second most populous and includes the country's capital, Rome. On Sunday the...
0.6AI Score
The 2021 attacks on two water treatment facilities in the US—combined with ransomware attacks on an oil and gas supplier and a meat and poultry distributor—could lead most people to believe that a critical infrastructure “big one” is coming. But, as Lesley Carhart, principal threat hunter with...
1AI Score
CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack
Two months after fully restoring its systems, CNA Financial, the leading US insurance company that was attacked by a group using Phoenix CryptoLocker ransomware, issued a legal notice of an information security incident to the Consumer Protection Bureau in New Hampshire. You may recall that...
7.4AI Score
Pegasus spyware has been here for years. We must stop ignoring it
On July 18, a group of 17 newspaper and media organizations—aided by Amnesty International’s Security Lab and the research group Citizen Lab—revealed that one of the world’s most advanced and viciously invasive spyware tools had been used to hack, or attempt to hack, into 37 mobile phones owned by....
7.6AI Score
Kaseya VSA included at least “seven or eight” privately known zero-day vulnerabilities before it suffered a widespread ransomware attack that impacted hundreds of businesses, said Victor Gevers, chair of the Dutch Institute for Vulnerability Disclosure, or DIVD, a volunteer-run organization that...
-0.1AI Score
3 things the Kaseya attack can teach us about ransomware recovery
Only rarely do companies allow us a look inside their organization while they are recovering from a ransomware attack. Many find it more convenient to keep a low profile or to be secretive. A positive exception to this is found in the Dutch managed service provider (MSP) VelzArt, one of the many...
6.7AI Score
Racing against a real-life ransomware attack, with Ski Kacoroski: Lock and Code S02E12
At 11:37 pm on the night of September 20, 2019, cybercriminals launched a ransomware attack against Northshore School District in Washington state. Early the next morning, Northshore systems administrator Ski Kacoroski arrived on scene. As Kacoroski soon found out, he and his team were on a race...
7AI Score
Microsoft exec reveals “routine” secrecy orders from government investigators
Microsoft executive Tom Burt told Congressional lawmakers Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information from the Seattle-based company, numbering anywhere from 2,400 to 3,500 such requests a year. “While the recent news about secret...
-0.6AI Score
Police seize DoubleVPN data, servers, and domain
A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised on cybercrime forums. The VPN company promised users the ability to double- and triple-encrypt their web traffic to obscure their location and identity. The...
-0.6AI Score
Brave takes aim at Google with privacy-first search engine
The privacy-forward web browser Brave launched its new search engine in beta on Wednesday, promising a more private experience that does not track user searches, build user profiles, or require the use of an external, pre-existing search index to deliver results. Clear from the company’s early...
-0.1AI Score
City of Liège hit by ransomware, Ryuk suspected
Liège, the third largest city in Belgium, and a major educational hub, has been hit by a ransomware attack, disrupting its IT services and network. According to its official website: The City of...
6.9AI Score
Ransomware attacks are on a different scale this year, with major attacks not just dismantling the business and management of Colonial Pipeline in the US, the Health Service Executive in Ireland, and the meatpacker JBS in Australia, but also disrupting people's access to gasoline, healthcare,...
6.9AI Score
Clop stopped? Ransomware gang loses Tesla and other treasures in police raid
Ukrainian law enforcement officials announced Wednesday that they had arrested several individuals involved in criminal activity committed by the Clop ransomware gang, a cybercriminal gang that helped popularize the “double extortion” model of not only threatening to encrypt a victim’s files, but.....
6.7AI Score
Working from home? You’re probably being spied on
One year ago, as countless employees settled into new routines for working from home (WFH), a Reddit user shared a video online of a strange contraption: A wire coat hanger bent out of shape, one side gripping an external USB mouse, the other side latched onto an oscillating fan. As the fan...
6.7AI Score