Cybersecurity researchers have disclosed multiple vulnerabilities in a third-party driver software developed by Eltima that have been “unwittingly inherited” by cloud desktop solutions like Amazon Workspaces, Accops, and NoMachine and could provide attackers a path to perform an array of malicious activities. “These vulnerabilities allow attackers to escalate privileges enabling them to disable security products,
Month: December 2021
The United States has imprisoned a woman for her role in a child sexual abuse material (CSAM) subscription service that produced millions of images and videos of sexualized minors. Patrice Eileen Wilowski-Mevorah of Tampa, Florida, was one of four people charged in August in connection with the Newstar Websites operated by Newstar Enterprise, out of Florida. Since then, two
Your Cybersecurity Comic Relief CVE-2021-20322: Of all the words of mice and men, the saddest are, “it was DNS again.” Why am I here? For all our newcomers, welcome to the Advanced Threat Research team’s monthly bug report – a digest of all the latest and greatest vulnerabilities from the last 30-ish days based on merits just
Ever since the Morris worm, buffer overflows have become notorious fare in the world of vulnerabilities The Morris worm of 1988 was one of those industry-shaking experiences that revealed how quickly a worm could spread using a vulnerability known as a buffer overflow or buffer overrun. Around 6,000 of the 60,000 computers connected to ARPANET,
Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. The malware, dubbed “CryptBot,” is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit cards, and capturing
by Paul Ducklin Two weeks ago, after three software audits and three months of live testing, a cryptocurrency startup called MonoX introduced what it described as “the premier bootstrap decentralized exchange, Monoswap”. In an announcement on 23 November 2021, the company declared: MonoX will revolutionize the DeFi ecosystem by fixing the capital inefficiencies of current
Nearly all railroads and airlines in the United States have been ordered to report cybersecurity breaches to the federal government. Under the new Transportation Security Administration–issued mandate, rail operators, airport operators and airline operators will be required to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency within 24 hours of detection. All three
You consider yourself a responsible person when it comes to taking care of your physical possessions. You’ve never left your wallet in a taxi or lost an expensive ring down the drain. You never let your smartphone out of your sight, yet one day you notice it’s acting oddly. Did you know that your device can fall into cybercriminals’ hands without
Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The issue, assigned the identifier CVE-2021-44515, is
by Paul Ducklin The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure. If you’ve seen that abbreviation before, it’s almost certainly in the context of the PSTI Bill. (A Bill is proposed new legislation that has not yet been agreed upon; if ultimately
The UK’s data watchdog has slapped the British government with a hefty fine for exposing the addresses of individuals chosen to receive honors. The Information Commissioner’s Office (ICO) said that the safety of hundreds of 2020 New Year Honors recipients had been placed in jeopardy after their personal data was published online. “On 27 December 2019 the Cabinet Office
You open up your laptop and check the daily news. You see a headline stating that one of your favorite online retailers was breached and that thousands of their customers’ passwords were exposed. Data breaches like this frequently appear in the news, but many consumers don’t realize the implications these breaches have on their personal privacy. When data breaches occur, oftentimes billions of these hacked login credentials become available on the dark
Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues
by Paul Ducklin Renowned bug-hunter Tavis Ormandy of Google’s Project Zero team recently found a critical security flaw in Mozilla’s cryptographic code. Many software vendors rely on third-party open source cryptographic tools, such as OpenSSL, or simply hook up with the cryptographic libraries built into the operating system itself, such as Microsoft’s Secure Channel (Schannel)
A man from Oregon has been charged with stealing confidential data from his employer and secretly extorting the company for a $2m ransom while purporting to be working on remediating the theft. Portland resident Nickolas Sharp allegedly stole gigabytes of data from Ubiquiti Inc., a technology company headquartered in New York, where Sharp was employed from August 2018 to
And just like that, the holidays are here! That means it’s time to grab your devices and credit cards for some online holiday shopping. But while you plan to share the merry and shop for gifts, criminals are preparing some not-so-festive tricks of their own. Let’s unwrap the top four phishing scams that users should beware
Fraudsters take advantage of the emergence of the new variant to dupe unsuspecting victims out of their sensitive data Sensing another opportunity to take advantage of fears surrounding the COVID-19 pandemic, scammers are deploying a phishing campaign where they attempt to exploit the emergence of the Omicron coronavirus variant in order to line their pockets,
A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes’ latest findings go into detail about the new tactics and tools adopted by the APT group
by Paul Ducklin [00’23”] Fun Fact: Ebooks reach their half-century. [00’58”] Call scammers and cryptocoin treachery. [07’34”] Cloud insecurity and yet more cryptocoin treachery. [16’15”] Tech History: The interwoven story of Mary Shelley, Ada Lovelace and AI ethics. [18’26”] Facial recognition creepiness. [25’23”] Oh! No! The wannabe wizard that went to school with a trainee
A cyber-attack on Planned Parenthood Los Angeles (PPLA) has resulted in the exposure of patients’ personally identifying information (PII). The agency said in a notice posted to its website on Wednesday that suspicious activity was detected on its computer network on October 17. An investigation into the activity remains ongoing; however, it has been determined that an
I think it’s fair to say that come to next Australia Day, there needs to be a special award category for parents of young children who survived home learning during the lockdowns. Let’s be honest – it’s been brutal! So many parents had to juggle their own full-time work, running a household, AND supervising a
Press play for the first episode as host Aryeh Goretsky is joined by Zuzana Hromcová to discuss native IIS malware Did you ever wonder why researchers behind a cybersecurity discovery chose to go down that particular rabbit hole? What made them curious about that specific malware family, variant, or campaign? Did they come up with
Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. “These people are at the center of critical communities for public debate,”
The United States has sent a fourth member of the international hacking group known as The Community to prison. Garrett Endicott, of Warrensburg, Missouri, was the last of six defendants to be sentenced in connection with a multi-million-dollar SIM-swapping conspiracy that claimed victims across the country, including in California, Missouri, Michigan, Utah, Texas, New York and Illinois.
Online is a little different for everyone How do you connect online these days? I’ll give you an example from my own life: From my 15-year old son to my 80-year-old mother, not one of us leaves the house without our phone. And today, there isn’t a single thing you can’t do on your phone. It’s the minicomputer that goes where you go. This
ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs Air-gapping is used to protect the most sensitive of networks. In the first half of 2020 alone, four previously unknown malicious frameworks designed to breach air-gapped
A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360’s Netlab network security division, which detected the botnet first on October 27, 2021, called it
The former dean of a business school in Philadelphia has been found guilty of involvement in a fraudulent scheme to doctor program rankings using false data. Moshe Porat, of Bala Cynwyd, Pennsylvania, was dean of Temple University’s Richard J. Fox School of Business and Management for more than two decades, from 1996 until 2018. On
Relying on the kindness of strangers is not an ideal strategy for CISOs and CIOs. And yet that is the precise position where most find themselves today while trying to battle cybersecurity issues across their supply chain. While these supply chains have plenty of their own challenges, such as global disruptions of distribution, our recent
One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape requires constant attention, and sometimes a little support. XDR provider Cynet has