Month: March 2022

0 Comments
The US military knows it needs to speed up technology adoption through optimization, something at the heart of Silicon Valley culture The U.S. military won’t soon be adopting open-plan work environments, flexible PTO, free ubiquitous food, and lean manufacturing processes, although Silicon Valley wants it to. At the recent Rocky Mountain Cyberspace Symposium, both were
0 Comments
In what’s yet another act of sabotage, the developer behind the popular “node-ipc” NPM package shipped a new version to protest Russia’s invasion of Ukraine, raising concerns about security in the open-source and the software supply chain. Affecting versions 10.1.1 and 10.1.2 of the library, the changes introduced undesirable behavior by its maintainer RIAEvangelist, targeting
0 Comments
Sioux Falls City Council has approved a $10m appropriation toward a Dakota State University (DSU) cybersecurity lab. The funding for the project, which could bring 650 jobs to the Sioux Falls and Madison areas, was approved by a unanimous vote on Tuesday night.  Dakota State University announced its $90m Applied Research Lab (ARL) project on January 26 2022. The
0 Comments
by Paul Ducklin Last year, we wrote about a research paper from SophosLabs that investigated malware known as CryptoRom, an intriguing, albeit disheartening, nexus in the cybercrime underworld. This “confluence of criminality” saw cybercrooks adopting the same techniques as romance scammers to peddle fake cryptocurrency apps instead of false love, and fleece victims out of
0 Comments
The highest court in the United Kingdom has refused to hear an appeal by WikiLeaks founder Julian Assange against his extradition to the United States to face espionage charges. Australian citizen Assange was indicted by the US Department of Justice in 2019 over his alleged involvement in the acquisition and publication of thousands of classified US diplomatic and
0 Comments
by Paul Ducklin The latest raft of non-emergency Apple security updates are out, patching a total of 87 different CVE-rated software bugs across all Apple products and plaforms. There are 10 security bulletins for this bunch of updates, as follows: APPLE-SA-2022-03-14-1: iOS 15.4 and iPadOS 15.4 (HT213182) APPLE-SA-2022-03-14-2: watchOS 8.5 (HT213193) APPLE-SA-2022-03-14-3: tvOS 15.4 (HT213186)
0 Comments
This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations ESET researchers have uncovered yet another destructive data wiper that was used in attacks against organizations in Ukraine. Dubbed CaddyWiper by ESET analysts, the malware was first detected at 11.38 a.m.
0 Comments
Police in Manitoba, Canada, have arrested an 18-year-old man on suspicion of carrying out cyber-attacks on victims across North America.  Dayne Parrott-Jones, of Brandon, was taken into custody on March 8 by members of the Brandon Police Service Crime Suppression Unit following an 11-month investigation by the Federal Bureau of Investigation (FBI) and police forces
0 Comments
A former employee of the Canadian government has been extradited to the United States to face charges pertaining to a slew of ransomware attacks.  Sebastien Vachon-Desjardins, 34, of Gatineau, Quebec, is accused of using NetWalker ransomware to target dozens of victims all over the world, including hospitals and school districts.  The United States launched a global action against the
0 Comments
French bank BNP Paribas has reportedly blocked its Russian-based employees from accessing its internal computer systems. According to a Reuters source, the bank rescinded the access privileges of its Russian workforce over fears that connections to the local network could leave BNP Paribas vulnerable to cyber-attacks by Russian threat actors.  The restriction is reportedly part of the French lender’s
0 Comments
What is Ransomware? Over the past year, you may have seen the term ransomware popping up frequently. There’s good reason for that as ransomware is responsible for 21% of all cyberattacks, according to a new report. For enterprising hackers, this tactic has become standard operating procedure because it’s effective and organizations are willing to pay.
0 Comments
Czech-based multinational cybersecurity software company Avast has suspended the sale and marketing of its products in Russia and Belarus.  In a statement shared Thursday, Avast said it was ceasing business in Russia and offering its premium products free of charge to the people of Ukraine. “With immediate effect, we have withdrawn the availability of all of our products
0 Comments
by Naked Security writer In cybersecurity history, the US Independence Day weekend of 2021 is not remembered for the restful and relaxing summer celebrations that you’d usually associate with the Fourth of July. Instead, it’s remembered as the weekend of the infamous Kaseya ransomware attack. This was ransomware-with-a-difference, and the difference was the ultimate scale
0 Comments
Authored by Oliver Devane, Vallabh Chole, and Aayush Tyagi  McAfee has recently observed several malicious Chrome Extensions which, once installed, will redirect users to phishing sites, insert Affiliate IDs and modify legitimate websites to exfiltrate personally identifiable information (PII) data. According to the Google Extension Chrome Store, the combined install base is 80,000  One extension,
0 Comments
Multiple security vulnerabilities have been disclosed in popular package managers that, if potentially exploited, could be abused to run arbitrary code and access sensitive information, including source code and access tokens, from compromised machines. It’s, however, worth noting that the flaws require the targeted developers to handle a malicious package in conjunction with one of
0 Comments
Two 66-year-old women from Colorado have been accused of interfering with election equipment and official misconduct. On Tuesday, a Mesa County grand jury returned a 13-count indictment against clerk and recorder Tina Peters and deputy clerk Belinda Knisley. According to the indictment, the women tampered with the security of Dominion Voting Systems machines in late May 2021. It is