Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed “strategic similarities” to NotPetya malware that was unleashed against the country’s infrastructure and elsewhere in 2017. The malware, dubbed WhisperGate, was discovered by Microsoft last week, which said it observed the destructive cyber campaign targeting government, non-profit, and
Month: January 2022
A man from Connecticut has been arrested on suspicion of using digital devices to record his neighbors. Waterford resident Keith Hancock allegedly recorded 10 victims from outside their homes, two of whom were juveniles. Six of the individuals were filmed while undressing. Hancock is also suspected of recording more victims while inside his home on Overlook Drive.
In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites. The backdoor gave the attackers full administrative control over websites that used 40 themes and 53
by Paul Ducklin Maltese cryptocoin broker Foris DAX MT Ltd, better known by its domain name Crypto.com, experienced a multi-million dollar “bank robbery” earlier this month. According to a brief security report published yesterday, 483 customers experienced ghost withdrawals totalling just over 4800 Ether tokens, just over 440 Bitcoin tokens, and just over $66,000 in
Most parents may find it difficult to relate to today’s form of cyberbullying. That’s because, for many of us, bullying might have come in a series of isolated, fleeting moments such as an overheard rumor, a nasty note passed in class, or a few brief hallway confrontations. Fast forward a few dozen decades, and the
Merck has won a long-running legal battle to force its insurer to cover the costs of damages caused by the NotPetya ‘ransomware’ attacks. The pharma giant was one of many big-name multinationals hit by the destructive malware, disguised as ransomware by Russian attackers targeting Ukrainian organizations back in 2017, as they are again today. However, the
Think your email may have been hacked? Here are the signs to look for, how account takeover attacks commonly occur, and how to recover your account and avoid falling victim again. Email has been with us for decades. And while social media and mobile messaging apps are increasingly popular, it remains the mainstay of our
Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 (CVSS score: 9.0), the vulnerability stems from the fact that the debug mode has
by Paul Ducklin With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.
You can feel even more confident that you’ll enjoy life online with us at your side. AV-Comparatives has awarded McAfee as its 2021 Product of the Year. McAfee makes staying safe simple, and now this endorsement by an independent lab says we protect you best. Over the course of 2021, AV-Comparatives subjected 17 different online
Cybersecurity researchers in Canada have found a “devastating flaw” in the MY2022 app, designed for use by attendees of this year’s Winter Olympic Games in Beijing. The vulnerability was discovered by the Citizen Lab – an academic research laboratory based at the Munk School of Global Affairs at the University of Toronto. In findings published Tuesday, researchers said that the flaw
A threat actor with potential links to an Indian cybersecurity company has been nothing if not remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted
Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you
The UK government has announced plans to crack down on the advertising of cryptocurrency products to prevent consumers from being misled into purchases. The Treasury claimed that around 2.3 million people in the country now own some form of “cryptoasset,” but that understanding of these financial products is declining. That could lead to them being
ESET researchers take a deep look into recent attacks carried out by Donot Team throughout 2020 and 2021, targeting government and military entities in several South Asian countries. Donot Team (also known as APT-C-35 and SectorE02) is a threat actor operating since at least 2016 and known for targeting organizations and individuals in South Asia
An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea. “The malware is being distributed under the guise of adult games,” researchers from AhnLab’s Security Emergency-response Center (ASEC) said in a new report published on Wednesday. “Additionally, the DDoS malware was installed
by Paul Ducklin Researchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple’s web browser software. Technically, the bug exists in Apple’s open source WebKit browser engine, which means it affects any browser that relies on WebKit. As you might expect, this includes all versions of Apple’s own
A Tennessee-based healthcare technology services company is facing legal action over a cyber-attack that occurred in August 2021. The class action lawsuit was filed against QRS Healthcare Solutions (QRS, Inc), an electronic health record (EHR) vendor and provider of integrated practice management and clinical services, including electronic patient portals. On August 26 2021, QRS discovered
Do you often take to social media to broadcast details about your job, employer or coworkers? Think before you share – less may be more. For many of us, showcasing parts of our day-to-day on social media has become a staple of our everyday lives, and that includes our working lives. On one hand, it
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. “The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in
by Paul Ducklin A UK-based scammer who preyed on nearly 700 women and conned nine of them out of £20,000 (about $27,000), has been sent to prison. London resident Osagie Aigbonohan, 41, pleaded guilty to charges of fraud and money laundering, including scamming £9500 out of one victim in the course of a fake 10-month
Microsoft has detected a major malware wiper campaign targeting government, IT and non-profit organizations across Ukraine. Dubbed “WhisperGate,” the attacks were first spotted on January 13, at around the same time that over a dozen government websites were forced offline in what was described as a “massive” cyber-attack. Although Microsoft said it had not noticed any links
UniCC, the biggest dark web marketplace of stolen credit and debit cards, has announced that it’s shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. “Don’t build any conspiracy theories about us leaving,” the anonymous operators of UniCC said in a farewell posted on
by Paul Ducklin You’ve probably seen the news, even if you’re not sure what happened. Unless you’re a JavaScript programmer and you relied on either or both of a pair of modules called faker.js and colors.js. If you were a user of either of those projects, and if you are (or were!) inclined to accept
American technology company DigiCert has announced the acquisition of Mocana, a cybersecurity firm based in California. Mocana was founded in 2002 and is headquartered in Sunnyvale. The company’s focus is on embedded system security for industrial control systems and the internet of things (IoT). DigiCert said the acquisition would allow it to offer an end-to-end IoT platform and provide customers
Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. “The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” Tom Burt,
by Naked Security writer According to the FSB, Russia’s Federal Security Bureau (ФСБ), the ransomware gang known in both Russian and English by the nickname “REvil” has been taken down: ФСБ России установлен полный состав преступного сообщества «REvil» The Russian FSB has identified the entire criminal enterprise known as “REvil” In our zest to tell
Russia says it has ended the criminal activities of the REvil ransomware gang and placed its members under arrest. In an action coordinated by the Federal Security Service of the Russian Federation (FSB) in cooperation with the Investigation Department of the Ministry of Internal Affairs of Russia in the cities of Moscow, St. Petersburg, and Lipetsk, searches
People have made it clear. They’re feeling more exposed to online threats and want stronger protection. Our 2022 Trends Study puts figures to these feelings, saying that they believe the risks to their online privacy have increased over the past year. Moreover, 42% believe the risks to their personal and financial information have increased as
ESET researchers look at malware that abuses vulnerabilities in kernel drivers and outline mitigation techniques against this type of exploitation. There are various types of kernel drivers; the first that come to mind are device drivers that provide a software interface to hardware devices like plug and play interfaces or filter drivers. These low-level system