Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM (dynamic random-access memory) chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices. The new technique — dubbed “Blacksmith” (CVE-2021-42114, CVSS score: 9.0) — is designed to trigger bit flips on target refresh rate-enabled DRAM chips with
Month: November 2021
by Paul Ducklin You’ve probably seem the breathless media headlines everwhere: “Emotet’s back!” One cybersecurity article we saw – and we knew what it was about right away – didn’t even give a name, announcing simply, “Guess who’s back?” As you almost certainly know, and may sadly have experienced first hand, Emotet is a blanket
A cyber-safety platform has found a humorous way to warn the American public how to spot a gift card scam ahead of the holiday season. ScamSpotter.org has made a series of amusing videos in which some of the ridiculous storylines deployed by gift card scammers are played out by actors. In one Hollywood blockbuster–style dramatization, a
McAfee Enterprise and FireEye recently teamed to release their 2022 Threat Predictions. In this blog, we take a deeper dive into cloud security topics from these predictions focusing on the targeting of API services and apps exploitation of containers in 2022. 5G and IoT Traffic Between API Services and Apps Will Make Them Increasingly Lucrative
A new analysis of website fingerprinting (WF) attacks aimed at the Tor web browser has revealed that it’s possible for an adversary to glean a website frequented by a victim, but only in scenarios where the threat actor is interested in a specific subset of the websites visited by users. “While attacks can exceed 95%
Spain’s second-biggest brewery says it expects to fully recover from a “highly complex” cyber-attack “in the coming days.” Sociedad Anónima Damm, which has been making the world-renowned Estrella Damm lager since 1876, was targeted by cyber-criminals on Tuesday. The attack on the company’s computer systems temporarily halted production at all of Damm’s breweries. However, the main brewery
Becoming a cloud first company is an exciting and rewarding journey, but it’s also fraught with difficulties when it comes to securing an entire cloud estate. Many forwarding-thinking companies that have made massive investments in migrating their infrastructure to the cloud are facing challenges with respect to their cloud-native applications. These range from inconsistent security
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. “Based on our findings, we believe
by Naked Security writer Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent “FBI/Homeland Security” alert that has apparently been widely circulated to network administrators and other IT staff in North America. Indeed, some of our own colleagues have reported receiving messages like this:
A Russian cyber-criminal has been sent to prison in the United States for defrauding American companies out of millions of dollars. Aleksandr Zhukov ran a sophisticated digital advertising scam through purported advertising network Media Methane. In June, he was convicted of wire fraud conspiracy, wire fraud, money laundering conspiracy, and money laundering. Zhukov, the self-styled “king of
November 11 marks Veterans Day in the United States and Remembrance Day across Europe and beyond. Wherever you may be on this 11th day of the 11th month, on the 11th hour, please be thankful to all our Veterans for their service and sacrifice. We would like to take a moment to reflect and honor
Researchers from Qihoo 360’s Netlab security team have released details of a new evolving botnet called “Abcbot” that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest version of the botnet dates back to July 2021, new variants observed
by Paul Ducklin If you use the venerable Samba open source tool anywhere on your network, you’ll want to read up on the latest update, version 4.15.2. Samba is the closest pronounceable word to SMB that Andrew Tridgell, who created the project back in the 1990s, could come up with. SMB, short for Server Message
A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a sizable injection of cash. The UK chancellor of the exchequer, Rishi Sunak, has awarded £100,000 (approximately $135K) to the Cybersecurity Neurodiversity Skills Development Program, described by Native Newspost as “ground-breaking.” The program, which is based in
It would be impossible nowadays to separate our everyday lives from technology. We travel well-worn, comfortable paths online and engage in digital activities that work for us. But could those seemingly harmless habits be putting out the welcome to cyber criminals out to steal our data? It’s a given that our “digital-first mindset” comes with inherent risks. With
It’s often said that data breaches are no longer a matter of ‘if’, but ‘when’ – here’s what your organization should do, and avoid doing, in the case of a breach Globally, data breaches are estimated to cost in excess of $4.2m per incident today. And they’re happening on an unprecedented scale as organizations build
Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads. Microsoft 365 Defender Threat Intelligence Team, in a new report published Thursday, disclosed that it identified infiltrations distributing
by Paul Ducklin [00’21”] We enjoy the Sophos 2022 Threat Report. [02’10”] The world’s {oldest, coolest} continously maintained browser. [03’39”] Facebook folds up its Face Recognition feature. [08’24”] Crooks combine a new social engineering scam with a new way of packaging malware. [23’11”] Kaseya ransomware suspect busted in Poland. [28’00”] Oh! No! How to block
The skills-to-job consortium CyberVetsUSA is launching a new pilot program in Nebraska that aims to fast-track military veterans into new cybersecurity careers. CyberVetsUSA exists as a public-private partnership between non-profit and Veteran Service Organizations (VSOs), tech employers, institutions of higher education, and local government agencies. It was launched in 2017 with the mission to increase the available
Spyware is tricky. Some types notify users that they’re monitoring activity. Others function in stealth mode and use the information they collect for nefarious purposes. Spyware is a type of software that collects data about online users and reports it to a company or an individual. What just about everyone can agree on is that anonymous browsing is looking more and more appealing
The tech giant wins an appeal against a claim that it unlawfully collected personal data of millions of iPhone users Google has just scored a major court win after the United Kingdom’s Supreme Court has thrown out a mass action lawsuit where the company could have ended up paying billions in compensation to millions of
A new cyber mercenary hacker-for-hire group dubbed “Void Balaur” has been linked to a string of cyberespionage and data theft activities targeting thousands of entities as well as human rights activists, politicians, and government officials around the world at least since 2015 for financial gain while lurking in the shadows. Named after a many-headed dragon
by Paul Ducklin The November 2021 Patch Tuesday updates from Microsoft and Adobe are out. Microsoft documented 34 different bugs that were worrisome enough to get CVE numbers, while Adobe listed three (the Adobe products with bugs of CVE-level seriousness are RoboHelp Server, InCopy and Creative Cloud, in case you were wondering). You can read
Visitors to the website of Britain’s biggest angling outfitter were redirected to an adult website based in Canada in a recent cyber-attack. Angling Direct PLC discovered that something fishy was going on with their website late on Friday when unauthorized activity was detected. On Monday, it was determined that attackers had hacked into the Angling
Authored By Kiran Raj Due to their widespread use, Office Documents are commonly used by Malicious actors as a way to distribute their malware. McAfee Labs have observed a new threat “Squirrelwaffle” which is one such emerging malware that was observed using office documents in mid-September that infects systems with CobaltStrike. In this Blog, we
An attacker gained access to some of Robinhood’s customer support systems and stole the personal data of around a third of the app’s userbase Robinhood, the highly popular trading platform, has revealed that it suffered a cybersecurity breach on November 3rd that affected some 7 million of its users. “An unauthorized third party obtained access
An ongoing mobile spyware campaign has been uncovered snooping on South Korean residents using a family of 23 malicious Android apps to siphon sensitive information and gain remote control of the devices. “With more than a thousand South Korean victims, the malicious group behind this invasive campaign has had access to all the data, communications,
by Naked Security writer The name “Kaseya” has become one of the biggest words in ransomware infamy. Cybercriminals penetrated the IT management business Kaseya earlier this year and used the company’s own remote management tools to wreak simultaneous ransomware havoc across its customer base. Unfortunately for the many victims of the attack, Kaseya’s software required
Small and mid-sized businesses (SMBs) were today granted free access to a virtual security awareness training program. The program was put together by six-year-old security awareness training company Curricula, which is based in Atlanta, Georgia. In a statement released Tuesday, Curricula said: “Our team at Curricula is proud to announce a free security awareness training program designed to
The Robinhood trading platform recently disclosed a data breach that exposed the information of millions of its customers. News of the attack was released on Monday, November 8th along with word the hackers behind it had demanded an extortion payment from the company. According to Robinhood’s disclosure, the attack occurred on November 3rd, which allowed an unauthorized party to obtain the following: Email addresses for some 5 million people. Full names