Davey Winder

Halifax

Journalist at Freelance

Senior Contributor at Forbes

Contributing Editor at PC Pro

Senior Contributor @Forbes Contributing Editor @pcpro - he/him - [email protected] - "All My Opinions Are Belong To Me"

Featured in: Favicon

forbes.com Favicon

pcpro.co.uk Favicon

uol.com.br Favicon

theguardian.com Favicon

flipboard.com Favicon

theregister.com Favicon

pocket-lint.com Favicon

itpro.com

forbes.com.br Favicon

alphr.com + 38 more

Articles

Forbes JAPAN 公式サイト（フォーブスジャパン）

4 days ago | forbesjapan.com | Davey Winder

筆者は犯罪者たちを「ソーシャルエンジニア」と呼ぶつもりはない。そう呼ぶと、ある程度のプロフェッショナリズムがあるように聞こえてしまうからだ。しかし、犯罪者は人々を詐欺やサイバー攻撃に引っかけるために、注目度の高いニュースを利用することを好む。最近では、政府効率化省（DOGE）を絡めた1兆ドル（約144兆円）規模のランサムウェア攻撃者による手口や、ローマ教皇フランシスコの死去を悪用するひどい事件が起きたばかりだ。トランプ大統領の関税政策をめぐる世界的な騒動をサイバー犯罪のフィッシング集団が利用するのは、時間の問題にすぎなかったが、その時はまさに今来ている。以下に示すのが、CoGUIと呼ばれるフィッシングキットによる攻撃について知るべきことだ。 CoGUIサイバー攻撃の解説...
Microsoft Confirms Critical 10/10 Cloud Security Vulnerability

5 days ago | forbes.com | Davey Winder

It’s not often that a truly critical security vulnerability emerges that hits the maximum Common Vulnerability Scoring System severity rating of 10. This is one of those times. Microsoft has confirmed multiple vulnerabilities rated as critical and impacting core cloud services, one of which has reached the unwelcome heights of that 10/10 criticality rating.
New $1 Trillion DOGE-Trolling Ransomware Attacks Confirmed

5 days ago | forbes.com | Davey Winder

Just as you were hoping the ransomware threat might have started to ebb, the bad news keeps flowing in. From government warnings as hackers target passwords and 2FA codes to use in their extortion attacks, one ransomware campaign dropping zero-days, and researchers indicating a 5,365 ransomware attack rampage. There has been some good news, such as the notorious LockBit group being hacked and details of their crypto wallets being leaked.
Forbes JAPAN 公式サイト（フォーブスジャパン）

6 days ago | forbesjapan.com | Davey Winder

最近のサイバーセキュリティに関するニュースの見出しをふたつの脅威が席巻している。フィッシング詐欺と2要素認証（2FA）回避攻撃だ。もちろん前者は後者の前段階として用いられることが多い。では、もしこれらふたつを組み合わせた致命的な攻撃があったらどうなるだろうか。ようこそ、Darcula（ダーキュラ）とMagic Cat（マジックキャット）が繰り広げる非常に危険な世界へ。ここでは、もしあなたが十分な回数クリックしてしまえば、ほぼ90万件近いクレジットカードが盗まれる可能性があることが証明されている。ダーキュラの猛威：32カ国、1300万クリック、88万4000枚分のクレジットカード情報が盗難サイバーセキュリティ企業Mnemonic（ニーモニック）のハリソン・サンドとエルレンド・ライクネスの調査によると、ダーキュラグループと呼ばれるサイバー犯罪者たちはマジックキャットと呼ばれるカスタムマルウェアを使い、主に北米と欧州の消費者を標的にクレジットカード情報を盗んでいるという。...
FBI Warns Of Router Attacks — Is Yours On The List Of 13? | Flipboard

6 days ago | flipboard.com | Davey Winder

Cyber sexual assault is about nonconsensual access to the most intimate parts of someone's life. And unlike traditional sexual violence, it doesn't require physical contact. We’ve spent our careers representing survivors of sexual violence − young women and men who were failed by institutions that …
Google Confirms Android Attack Warnings - Powered By AI

6 days ago | forbes.com | Davey Winder

When it comes to the attention of cybercriminals, you can bet that Google holds it. Whether it’s the latest confirmed attack targeting Gmail users, password security threats, or zero-day vulnerabilities, Google is right there in tight focus.
FBI Warns Of Router Attacks - Is Yours On The List Of 13?

6 days ago | forbes.com | Davey Winder

You might be used to the Federal Bureau of Investigation issuing warnings about critical ransomware attacks, or advising do not click on anything as new phishing threats emerge, maybe even the danger from armed response units posed by a rise in internet swatting attacks. But that doesn’t mean the more mundane alerts from the FBI shouldn’t be taken just as seriously. Take, for example, the latest FBI Flash from its cyber division that warns users of end-of-life routers that they are under attack.
60,000 Bitcoin Wallets Leaked As LockBit Ransomware Hackers Get Hacked

6 days ago | forbes.com | Davey Winder

Scammers who prey on the fears of individuals are high on my list of “most hated” cybercriminals, if I’m being honest, but they are not number one. That honour belongs to the organized ransomware gangs that have absolutely no qualms about attacking hospitals and blood banks, literally putting lives at risk in the pursuit of illicit profit.
Play Ransomware Zero-Day Attacks - US, Saudi Arabia Have Been Targeted

6 days ago | forbes.com | Davey Winder

Update, May 8, 2025: This article has been updated with comments from a cybersecurity expert regarding the use of zero-day exploits in the Play ransomware attacks. The ransomware threat is far from over, despite the internal private communications of some of the cybercriminal gangs being leaked, snitches being offered big bucks for information on gang members, and the childishness of DOGE-trolling attackers demanding $1 trillion payments.
DDoS denied: law enforcement takes down attacks for hire platforms in major bust

6 days ago | techfinitive.com | Davey Winder

It’s all too easy to think of cybersecurity in terms of defending against headline-generating risks: ransomware, zero-day vulnerabilities, credential-stealing malware and socially-engineered hack attacks. But, in my best Morpheus from the Matrix voice, what if I were to tell you that one of the oldest threats to your organisation remains as active as ever? That it has evolved to incredible new heights and can cost you dearly in terms of both reputation and bottom line?