You are here
Home > Be Aware

How to create a hidden admin account in macOS

I wouldn't suggest that everyone does this but I'd like to point out that it's best practise that your 'normal' user account should never have administrator privileges. Get used to having to login as an admin if you want to do admin-y stuff...: That's the essence of this pro tip—creating a hidden administrative account in macOS. It's not intended to single-handedly thwart anyone looking to gain access to or attempt to compromise the local admin account on your Macs. When use

Cybersecurity operations at most companies in India are inadequate: Ernst & Young

Why is this important? Because a significant amount of all of our data is processed by these companies. Time to review your supply chain security...: New Delhi: Cybersecurity operations at most companies in India are inadequate and do not meet the security needs, a report by Ernst & Young said, here on Thursday. The 'EY Global Information Security Survey 2018-19 - India Edition' suggested that companies should invest in analytical capabilities as they would enhance threa

Windows Executable Masks Mac Malware

Sneaky b*****ds. I use Little Snitch, so will check the latest installer for .EXE files... A new strain of MacOS malware disguises itself as a Windows executable file to evade detection and embed itself on a system. But the malware authors aren't exactly in the cross-platform avant-garde: the .EXE file that carries the MacOS malware will not, in fact, execute on a Windows machine. Welcome to the malware rabbit hole. Researchers from Trend Micro discovered the malware i...

Bomb Threat Hoaxer Exposed by Hacked Gaming Site

If you need a reminder to keep your private and public online personas separate...: Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused — who had fairly well separated his real life identity from his onli

Chubb: Significant Perception Gap in Cyber Awareness

One of my favourite concepts is 'conspiracy vs. cockup'. This survey of businesses in APAC dispels the belief that it's some mysterious elite hacker or nation state that is going to cause a cyber incident by targeting your business ('conspiracy'). It's much more likely to be a cockup by a supplier or employee...: [...] While many SMEs feel better prepared than larger companies to manage cyber incidents, smaller companies have a relatively larger exposure, as they face the sa

Patch Tuesday, February 2019 Edition

"Gentlemen, start your (patching) engines..." I had a raft of updates this morning, but it was worth doing as some of them are 'critical' as pointed out by Brian Krebs...: Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicl

Dunkin’ Donuts accounts compromised in second credential stuffing attack in three months

Good reasons not to use the same details for multiple sites...: Dunkin' Donuts announced today that it was the victim of a credential stuffing attack during which hackers gained access to customer accounts. This marks the second time in three months that the coffee shop chain notifies users of account breaches following credential stuffing attacks. Credentials stuffing is a cyber-security term that describes a type of cyber-attack where hackers take combinations of use

Cyber sex crimes against children have trebled in three years, NSPCC warns

There have bee a number of articles recently in the UK press about how easy it is for teenagers (and younger) to gain access to Tinder, Grindr etc. The flipside is how easy it is for paedophiles to contact them...: Cases of paedophiles using the internet to commit sex crimes against children have trebled in three years, figures show, prompting renewed demands for tougher regulation of social media companies. The number of cyber sex offences against children increased to 9

Russia to disconnect from the internet as part of a planned test

Cue memes about massive reductions in porn, spam and other nastiness and wailing and gnashing from those unable to get cheap video downloads for a while...: Russian authorities and major internet providers are planning to disconnect the country from the internet as part of a planned experiment, Russian news agency RosBiznesKonsalting (RBK) reported last week. The reason for the experiment is to gather insight and provide feedback and modifications to a proposed law introd

Don’t click that link! How criminals access your digital devices and what happens when they do

Thinking of sharing some snippet of your life on social media? [...] According to insurance claim data of businesses based in the UK, over 66% of cyber incidents are caused by employee error. Although the data attributes only 3% of these attacks to social engineering, our experience suggests the majority of these attacks would have started this way. For example, by employees not following dedicated IT and information security policies, not being informed of how much of th