BBC tightens security after anti-vaxxer ‘death threats’ to staff | Journalist safety- Tempemail

The BBC has upgraded its security protocols after the targeting of a senior journalist and apparent death threats. A message from Fran Unsworth, director of news and current affairs, sent to staff on Friday morning, and seen by the Observer, revealed the corporation had set up a working group to Continue Reading

Black Kingdom ransomware | Securelist- Tempemail

Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware was used by an unknown adversary for exploiting a Microsoft Exchange vulnerability (CVE-2021-27065). The complexity and sophistication of the Black Kingdom family cannot bear a comparison with other Ransomware-as-a-Service (RaaS) Continue Reading

Citrix’s Hacker-Powered Security Growth Plan: Q&A with Abhijith Chandrashekar- Tempemail

With over 400,000 customers, Citrix is a recognized industry leader in both digital workspace technology and in its approach to hacker-powered security. Spearheaded by Abhijith Chandrashekar, PSIRT Manager, Citrix’s security organization is taking a multi-year approach to creating and expanding its hacker-powered security program. Citrix started its hacker-powered security journey Continue Reading

Ferocious Kitten: 6 years of covert surveillance in Iran- Tempemail

Ferocious Kitten is an APT group that since at least 2015 has been targeting Persian-speaking individuals who appear to be based in Iran. Although it has been active for a long time, the group has mostly operated under the radar and has not been covered by security researchers to the Continue Reading

Andariel evolves to target South Korea with ransomware- Tempemail

Executive summary In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. While we were doing our research into these findings, Malwarebytes published a nice report with technical details about the same series of Continue Reading

What It Means for Cloud and SaaS Security – Tempemail

In response to malicious actors targeting US federal IT systems and their supply chain, the President released the “Executive Order on Improving the Nation’s Cybersecurity (Executive Order).” Although directed at Federal departments and agencies, the Executive Order will likely have a ripple effect through the Federal technology supply stream. Private Continue Reading

EBook – Creating a Large Company Security Stack on a Lean Company Budget – Tempemail

The speed at which malicious actors have improved their attack tactics and continue to penetrate security systems has made going bigger the major trend in cybersecurity. Facing an evolving threat landscape, organizations have responded by building bigger security stacks, adding more tools and platforms, and making their defenses more complex—a Continue Reading

PuzzleMaker attacks with Chrome zero-day exploit chain- Tempemail

On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for remote code execution (RCE) in Continue Reading

Top 10 Privacy and Security Features Apple Announced at WWDC 2021 – Tempemail

Apple on Monday announced a number of privacy and security-centric features to its upcoming versions of iOS and macOS at its all-online Worldwide Developers Conference. Here is a quick look at some of the big-ticket changes that are expected to debut later this fall: 1 — Just Patches, Not Entire Continue Reading

Build a Resilient Security Posture with Vulnerability Intelligence and Cybersecurity Ratings- Tempemail

Reducing risk is the fundamental reason organizations invest in cybersecurity. The threat landscape grows and evolves, creating the need for a proactive, continual approach to building and protecting your security posture. Even with expanding budgets, the number of organizations reporting serious cyber incidents and data breaches is rising. Vulnerabilities Leave Continue Reading