The notorious Emotet malware has turned to deploy a new module designed to siphon credit card information stored in the Chrome web browser. The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrate the collected information to different remote command-and-control (C2) servers, according to enterprise security company Proofpoint, which observed the component on June 6. The development comes amid a spike in Emotet...
Read More
What is SSO? Single sign-on (SSO) is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications. Its beauty is in its simplicity; the service authenticates you on one designated platform, enabling you to then use a variety of services without having to log in and out each time. In the most common arrangement, the identity...
Read More
Sourcing and keeping appropriate staff may be critical to improving cybersecurity capabilities, but as economic uncertainty and difficult labour markets buffet businesses this year experts warn that businesses must make “systemic changes” to meet their staffing requirements. The economic uncertainty was highlighted by a recent Australian Information Industry Association (AIIA) member survey that found 47% of businesses expressed confidence in the economy this year, compared with...
Read More
Cybersecurity researchers have disclosed a new ransomware strain called GoodWill that compels victims into donating for social causes and provide financial assistance to people in need. "The ransomware group propagates very unusual demands in exchange for the decryption key," researchers from CloudSEK said in a report published last week. "The Robin Hood-like group claims to be interested in helping the less fortunate, rather than extorting victims...
Read More
A pair of critical flaws in industrial Internet of Things data platform vendor Open Automation Software (OAS) are threatening industrial control systems (ICS), according to Cisco Talos. They're part of a group of eight vulnerabilities in OAS software that the vendor patched this week. Among the flaws is one (CVE-2022-26082) that gives attackers the ability to remotely execute malicious code on a targeted machine to disrupt or alter its...
Read More
Intel revealed a string of security advancements at its inaugural Intel Vision event this week, including Project Amber — a security as a service initiative for confidential computing — as well as increased collaboration for secure and responsible developments in AI, and a phased approach to quantum-safe cryptography. Project Amber is aimed at providing organizations with remote verification of security in cloud, edge, and on-premises environments. "As...
Read More