Operation Disruptor has led to a wave of arrests and seizures, but the dark web drug market has bounced back before. It’s one of the largest global dark web takedowns to date: 179 arrests spread across six countries; 500 kilograms of drugs seized; $6.5 million in cash and cryptocurrency confiscated. And while it was announced… Read More


The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. US officials talk about all the methods the Chinese government and its agents have been using to target US companies and… Read More


Companies House has forced a company to change its name after it belatedly realised it could pose a security risk. The company now legally known as “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD” was set up by a British software engineer, who says he did it purely because he thought it… Read More


Tesla’s Autopilot system relies on vision rather than LIDAR, which means it can be tricked by messages on billboards and projections created by hackers. Security researchers have demonstrated how Tesla’s Autopilot driver-assistance systems can be tricked into changing speed, swerving or stopping abruptly, simply by projecting fake road signs or virtual objects in front of… Read More


Guardicore has discovered FritzFrog, a sophisticated peer-to-peer (P2P) botnet which has been actively breaching SSH servers since January 2020. Golang-Based Malware: FritzFrog executes a worm malware which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk. Actively Targeting Government, Education, Finance and more: FritzFrog has attempted… Read More


I haven’t written an “attack of the week” post in a while, and it’s been bumming me out. This is not because there’s been a lack of attacks, but mostly because there hasn’t been an attack on something sufficiently widely-used that it can rouse me out of my blogging torpor. But today brings a beautiful… Read More


Gangs of cybercriminals forced British companies to pay out more than £200 million in ransoms last year, experts have revealed. The extortionists, many from Russia or Eastern European countries, are targeting well-known businesses with malicious software and then charging them tens of millions of pounds to regain access to networks. Companies fearful of public embarrassment,… Read More


Cybercrime rewards innovative organizations. These can innovate at the tactical level (e.g. new or updated tactics, techniques, and procedures (TTP)), the strategic level (e.g. new monetisation methods), or at the operational level—the management of resources and personnel to achieve strategic objectives. This is operational art. Source: okta… Read More


A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk inRFC791— a standard that describes the Internet Protocol (IP). Among the various technical details, RFC791 is also the standard that describes… Read More