Cybersecurity

The “Pact for the Future”: A Bold Vision for Global Cooperation with Lingering Doubts on SDGs Progress

Global leaders gathered in New York at the Summit of the Future and adopted the "Pact for the Future" on Sunday 22nd September. This is a historic milestone as the Pact is the first international agreement aimed at securing a better digital future for all, grounded in human rights. The recent adoption of the "Pact for the Future" at the United Nations General Assembly marks a significant step toward revitalizing multilateral cooperation in an increasingly fragmented world. more

UN Cyberdiplomcy I: PoC, Cybercrime and the Global Digital Compact

Despite global polarization, recent UN cyber diplomacy has achieved three significant agreements in 2024: a cyber attack reporting system, a convention against cybercrime, and a "Global Digital Compact." These successes show that consensus on global issues is possible, though the vague wording of agreements raises concerns about their long-term effectiveness in ensuring security and peace. more

FBI Takes Down China-Backed Botnet, Facilitates Ransomware Negotiations

The FBI and international partners dismantled a China-backed botnet run by the Integrity Technology Group, a company linked to Chinese government espionage. more

Internet Domain Shutdowns: Ineffective and Risky, Experts Warn

Efforts to curb illegal online content through domain shutdowns are proving ineffective and carry significant risks, according to a new report by eco and its topDNS initiative. more

Cybercrime Costs German Companies €267 Billion, Organised Crime and Foreign Nations Blamed

German companies have suffered substantial financial losses due to cybercrime and sabotage, totaling approximately €267 billion ($298 billion) over the past year. This represents a 29% increase compared to the previous year, according to a survey released on Wednesday by the industry association Bitkom. more

Rising Ransomware Threats and a Record-Breaking $75M Payout

A recent report has revealed an alarming trend in ransomware attacks and a staggering $75 million ransom payout. The report by Zscaler ThreatLabz team indicates a 17.8% increase in ransomware attacks. more

Phishers Exploit the Cybercrime Supply Chain Despite the Availability of Effective Countermeasures

Interisle Consulting Group today released its fourth annual Phishing Landscape report investigating where and how cybercriminals acquire naming and hosting resources for phishing. Our study shows that cybercriminals evolved their tactics for obtaining attack resources, including sharply increasing their exploitation of subdomain and gateway providers. more

An Unnatural .Bond: A Study of a ‘Megacluster’ of Malware Domains

A recent news story, following research from security provider Infoblox, highlighted the case of the 'Revolver Rabbit' cybercriminal gang, who have registered more than half-a-million domains to be used for the distribution of information-stealing malware. The gang make use of automated algorithms to register their domains, but unlike the long, pseudo-random ('high entropy') domain names frequently associated with such tools, the Revolver Rabbit domains instead tend to consist of hyphen-separated dictionary words (presumably so as to obfuscate their true purpose), with a string of digits at the end. more

Analysis of the Global IT Breakdown Caused by Microsoft-CrowdStrike

The Optus outage in Australia from last year was immediately on my mind when on Friday afternoon a similar event swept, this time, across the world. Also, in this case it was a software update that caused the problem. This time from global security software provider CrowdStrike. The culprit appears to be an update to the CrowdStrike Falcon platform, a security monitoring tool widely deployed by businesses and organisations on Microsoft desktop computers and notebooks. more

Kaspersky Lab to Shut Down U.S. Operations Amid Federal Ban

Russian cybersecurity firm Kaspersky Lab has announced the closure of its U.S. division, resulting in layoffs for its U.S.-based employees. The decision follows a recent U.S. Commerce Department ban on the sale of Kaspersky software, effective from July 20, due to national security concerns. more

Security Lapses Lead to Squarespace Domain Hijacks

At least a dozen organizations experienced domain hijacks through the domain registrar Squarespace last week. The incidents, occurring between July 9 and July 12, primarily affected cryptocurrency businesses such as Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains. more

Biden Administration Probes Chinese Telecom Firms Over U.S. Data Security Concerns

The Biden administration is investigating China Mobile, China Telecom, and China Unicom over concerns that these companies could potentially exploit their access to U.S. data through their cloud and internet services, potentially sharing this data with the Chinese government. more

Biden Administration Bans Kaspersky Software Over National Security Concerns

The Biden administration is set to prohibit the sale of Kaspersky Lab's antivirus software in the U.S., citing national security risks due to the company's ties to the Russian government. more

Researchers Expose Privacy Risks in Apple and Starlink’s Geo-Location Data, Uncovering Military and Civilian Tracking

Researchers from the University of Maryland have revealed significant privacy and security concerns related to the way Apple and Starlink geo-locate devices. Their study found that Apple's Wi-Fi Positioning System (WPS) collects and publicly shares precise locations of Wi-Fi access points. more

UK First Country to Implement Cybersecurity Laws for Smart Devices, Including Banning Easily Guessable Default Passwords

Today UK's new consumer protection laws against hacking and cyber-attacks officially take effect. This legislation, a global first, mandates that all internet-connected smart devices - from smartphones and game consoles to connected refrigerators - meet stringent security standards. more