The largest theft of Bitcoin from a single individual was allegedly perpetrated by a Canadian teenager. An unnamed youth was arrested last week on suspicion of stealing crypto-currency worth approximately $36.5m from an unnamed victim who is located in the United States. It is alleged that the defendant used a SIM swapping attack to gain access to
Month: November 2021
With the acceleration of cloud migration initiatives—partly arising the need to support a remote workforce during the pandemic and beyond—enterprises are finding that this transformation has introduced new operational complexities and security vulnerabilities. Among these are potential misconfigurations, poorly secured interfaces, Shadow IT (access to unauthorized applications), and an increasing number of connected devices and
Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that’s capable of stealing payment information from compromised websites. “The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms,” researchers from Sansec Threat Research said in an analysis.
by Paul Ducklin As we’ve explained before, the opposite (or perhaps we mean the inverse) of Black Friday wouldn’t be White Friday, it would be Red Friday. The word “black” in the context of the big retail surge that typically follows US Thanksgiving, which is always on a Thursday, refers to ink, from the time
The United States has charged two Iranian computer hackers in connection with a cyber-campaign intended to influence the outcome of America’s 2020 presidential election. An indictment unsealed in New York on Thursday alleges that 24-year-old Seyyed Mohammad Hosein Musa Kazemi and 27-year-old Sajjad Kashian conspired with others to intimidate and influence American voters, undermine voter confidence, and
In this career-journey series, Marketing Director Trevor shares why patient listening is the most helpful skill he’s acquired, the top career advice he’s received, and how his career at McAfee has taken him across four countries and five roles in 11 years. Learn more about the steps they took to find success and their advice
A victim of identity theft tells us how criminals used his identity to commit fraud and what it took to put his life back in order When a former neighbor contacted Martin Kaul (not his real name) in August 2020 to tell him that he’d received a letter at his old address, Martin thought nothing
A threat actor with ties to North Korea has been linked to a prolific wave of credential theft campaigns targeting research, education, government, media and other organizations, with two of the attacks also attempting to distribute malware that could be used for intelligence gathering. Enterprise security firm Proofpoint attributed the infiltrations to a group it
A British man has admitted being a member of an international video piracy ring that illegally distributed “nearly every movie released by major production studios.” On Thursday, before United States District Judge Richard M. Berman, George Bridi pleaded guilty to conspiracy to commit copyright infringement, which carries a maximum sentence of five years in prison. Bridi, who
With the widespread adoption of hybrid work models across enterprises for promoting flexible work culture in a post pandemic world, ensuring critical services are highly available in the cloud is no longer an option, but a necessity. McAfee Enterprise’s MVISION Unified Cloud Edge (UCE) is designed to maximize performance, minimize latency, and deliver 99.999% SLA
Not long ago, disinformation campaigns were rather unsophisticated. These days, however, threat actors put serious time and effort into crafting their attacks. From the Chris Krebs keynote to highlighting third-string, nation-state entrants into the cyber-arms race, the art of targeted disinformation is heating up here at CYBERWARCON. Two years ago (the last time the conference
A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. “In every attack, the threat actor demonstrates extensive red teaming skills and the
by Paul Ducklin [00’52”] Fun Fact: The dawn of the transistor [01’37”] Emotet malware: “The report of my death was an exaggeration” [08’26”] FBI email hack spreads fake security alerts [15’19”] Tech history: Why tubes are valves, and valves are tubes [16’44”] Samba update patches plaintext password plundering [22’24”] The hijackable self-driving robot suitcase [30’22”]
Entertainment company Sky took more than 17 months to fix a security flaw that impacted roughly six million routers belonging to its customers. The DNS rebinding vulnerability was discovered in May 2020 by Raf Fini, a researcher at British cybersecurity company Pen Test Partners. Six router models were affected by the flaw: Sky Hub 3, Sky Hub 3.5,
In life, regret tends to take on many shapes and forms. We often do not heed the guidance of the common anecdotes we hear throughout our days and years. From “look before you leap” to “an apple a day keeps the doctor away” – we take these sayings in stride, especially when we cannot necessarily
US Government declassifies cybersecurity subjects they want you to learn about, and is hoping to pay you to learn them Recent initiatives, in response to a scathing study highlighting the lack of workforce pools capable of helping the country’s digital defenses, see the government releasing information about the areas on its wish list to prime
Cybersecurity researchers have uncovered as many as 11 malicious Python packages that have been cumulatively downloaded more than 41,000 times from the Python Package Index (PyPI) repository, and could be exploited to steal Discord access tokens, passwords, and even stage dependency confusion attacks. The Python packages have since been removed from the repository following responsible
by Paul Ducklin Remember when people used to upload their SSH keys onto Github and similar code sharing sites by mistake? Two years ago, we wrote about the fact that incautious software developers had uploaded hundreds of thousands of private access control keys, entirely unintentionally, along with source code files that they did intend to
A threat actor believed to be associated with the Democratic People’s Republic of Korea (DPRK) has a certain fondness for repetition, according to new research published today. In the report Triple Threat: North Korea–Aligned TA406 Scams, Spies, and Steals, researchers at Proofpoint shine a light on the nefarious activity of the threat actor TA406, whose campaigns they have
In the October 2021 Threat Report, McAfee Enterprise ATR provides a global view of the top threats, especially those ransomware attacks that affected most countries and sectors in Q2 2021, especially in the Public Sector (Government). In June 2021 the G7 economies urged countries that may harbor criminal ransomware groups to take accountability for tracking
Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Tracked as CVE-2021-34991 (CVSS score: 8.8), the pre-authentication buffer overflow flaw in small office and home office (SOHO) routers
by Paul Ducklin Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating system security features for granted, but keeping their own eyes
The United States has announced plans to sell tens of millions of dollars’ worth of seized crypto-currency to compensate victims of fraud. On Friday, US District Judge Todd Robinson granted a request from the US Department of Justice and the US Attorney’s Office for the Southern District of California for authority to liquidate BitConnect crypto-currency
Can thieves steal identities with only a name and address? In short, the answer is “no.” Which is a good thing, as your name and address are in fact part of the public record. Anyone can get a hold of them. However, because they are public information, they are still tools that identity thieves can use. If you think of
ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high‑profile websites in the Middle East Back in 2018, ESET researchers developed a custom in-house system to uncover watering hole attacks (aka strategic web compromises) on high-profile websites. On July 11th, 2020 it notified us that the website of the Iranian embassy in
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Fortinet
by Paul Ducklin The Internet of Things (IoT) has become infamous for providing us, in a worrying number of cases, with three outcomes: Connected products that we didn’t know we needed. Connected products that we purchased anyway. Connected products that ended up disconnected in a cupboard. To be fair, not all IoT products fall into
Cybersecurity professionals are unsurprised by the apparent return of Emotet malware. First discovered as a banking trojan in 2014, the malware evolved into a powerful tool deployed by cyber-criminals around the world to illegally access computer systems. The malware’s creators — APT group TA542 — hired Emotet out to other cyber-criminals, who used it to
The malware landscape is growing more complex by the minute, which means that no device under your family’s roof—be it Android, iPhone, PC, or Mac—is immune to an outside attack. This reality makes it possible that one or more of your devices may have already been infected. But would you know it? Ho Ho Ho, Merry Hackmas According
Hackers break into the Bureau’s email systems to send out at least 100,000 emails warning recipients of imminent cyberattacks The Federal Bureau of Investigation (FBI) has had its email servers compromised, with the hackers then sending out tens of thousands of bogus spam emails impersonating the agency and the Department of Homeland Security and claiming