by Paul Ducklin Apple’s latest collection of security updates has arrived, including the just-launched macOS 13 Ventura, which was accompanied by its own security bulletin listing a whopping 112 CVE-numbered security holes. Of those, we counted 27 arbitrary code execution holes, of which 12 allow rogue code to be injected right into the kernel itself,
Month: October 2022
Virtual Chief Information Security Officer (vCISO) services (also known as ‘Fractional CISO’ or ‘CISO-as-a-Service’) are growing in popularity, especially as growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance and management. But vCISO services are labor intensive, require highly skilled
Have you ever been browsing online and clicked a link or search result that took you to a site that triggers a “your connection is not private” or “your connection is not secure” error code? If you’re not too interested in that particular result, you may simply move on to another result option. But if
Thousands of publicly exposed, active application programming interface (API) tokens have been spotted across the web that could threaten software integrity and allow bad actors to access confidential information, data or private networks. The findings come from security researchers at JFrog, who recently made the discovery while testing a new feature in one of the company’s security
A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. “The attacker intends to utilize a victim’s resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency,” Fortinet FortiGuard Labs researcher Cara
It’s important to know that not all websites are safe to visit. In fact, some sites may contain malicious software (malware) that can harm your computer or steal your personal contact information or credit card numbers. Phishing is another common type of web-based attack where scammers try to trick you into giving them your personal
Google called for contributors on Thursday to a new open source project named Graph for Understanding Artifact Composition (GUAC) as part of its efforts to improve software supply chain security. According to the tech giant, GUAC is still in the early stages, but it is set to change how the industry perceives software supply chains.
by Paul Ducklin Java programmers love string interpolation features. If you’re not a coder, you’re probably confused by the word “interpolation” here, because it’s been borrowed as programming jargon where it’s not a very good linguistic fit… …but the idea is simple, very powerful, and sometimes spectacularly dangerous. In other programming ecosystems it’s often known
Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that powers the Aptos blockchain network. The vulnerability “can cause Aptos nodes to crash and cause denial of service,” Singapore-based Numen Cyber Labs said in a technical write-up published earlier this month. Aptos is a new entrant to the blockchain space,
Whether you’re spending time on the web or working in the office, you want peace of mind knowing that you are in a safe environment. While most of us know to take precautions when online — protecting ourselves from things like phishing attacks and other cyber threats — we should also attend to our physical
With hot-ticket events firmly back on the agenda, scammers selling fake tickets online have also come out in force As the events scene slowly came back to life in 2022, the clamor for tickets to festivals and gigs surged massively. Many festivals around the UK sold out within hours, and as a result people were
Multiple phishing domains impersonating Absher, the Saudi government service portal, have been set up to provide fake services to citizens and steal their credentials. The discovery comes from cybersecurity researchers at CloudSEK, who published an advisory about the threat on Thursday. “The threat actors are targeting individuals by sending an SMS, along with a link, urging
by Paul Ducklin Sadly, we’ve needed to cover the DEADBOLT ransomware several times before on Naked Security. For almost two years already, this niche player in the ransomware cybercrime scene has been preying mainly on home users and small businesses in a very different way from most contemporary ransomware attacks: If you were involved in
The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was found to contain a nested self-extracting (SFX) archive, the first
Smishing and vishing are scams where criminals attempt to get users to click a fraudulent link through a phone text message, email, or voicemail. These scams are becoming increasingly popular as cybercriminals try to take advantage of people who are more likely to fall for them, such as those who aren’t as familiar with technology
APT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware masquerading as an Android translation app ESET researchers recently identified a new version of the Android malware FurBall being used in a Domestic Kitten campaign conducted by the APT-C-50 group. The Domestic Kitten campaign is known to conduct mobile
Ransomware has grown by 466% since 2019 and is increasingly being used as a precursor to physical war. The findings come from Ivanti’s Ransomware Index Report Q2–Q3 2022, which the company shared with Infosecurity earlier today. The data also shows ransomware groups continuing to grow in volume and sophistication, with 35 vulnerabilities becoming associated with ransomware
by Paul Ducklin WHAT DO YOU MEAN, “DOESN’T MEET THE BAR FOR SECURITY SERVICING”? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts,
Google on Thursday announced that it’s seeking contributors to a new open source initiative called Graph for Understanding Artifact Composition, also known as GUAC, as part of its ongoing efforts to beef up the software supply chain. “GUAC addresses a need created by the burgeoning efforts across the ecosystem to generate software build, security, and
Authored by SangRyol Ryu Cybercriminals are always after illegal advertising revenue. As we have previously reported, we have seen many mobile malwares masquerading as a useful tool or utility, and automatically crawling ads in the background. Recently the McAfee Mobile Research Team has identified new Clicker malware that sneaked into Google Play. In total 16
From the warning banner ‘Be afraid and expect the worst’ that was shown on several Ukrainian government websites on January 13, 2022, after a cyber-attack took them down, the US National Security Agency’s (NSA) cybersecurity director, Rob Joyce, knew that something was going to be different, and very aggressive, between Ukraine and Russia, and that
by Paul Ducklin The US Postal Service just issued a commemorative stamp to remember the service of some 11,000 women cryptologists during World War 2. Like their Bletchley Park counterparts in the UK, these wartime heros didn’t finish the war with any sort of hero’s welcome back into civilian life. Indeed, they got no public
Cybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster. The vulnerability, tracked as CVE-2022-35829, carries a CVSS severity rating of 6.2 and was addressed by Microsoft as part of its Patch Tuesday updates last
Automobile manufacturer Toyota recently announced a data breach that may have exposed the emails of up to 300,000 customers for a period of nearly five years. Toyota says the breach is the result of a subcontractor posting source code for Toyota’s “T-Connect” app on the software development platform GitHub in December 2017. This code included
What can schools, which all too often make easy prey for cybercriminals, do to bolster their defenses and keep threats at bay? Schools are at the center of societal change, whether it is by educating and empowering students or by serving as a mirror of current social and economic realities. In order to fulfill their
Video messaging platform Zoom released a new patch last week to a high-severity flaw in its client for macOS devices. The vulnerability (tracked CVE-2022-28762) refers to a debugging port misconfiguration affecting versions between 5.10.6 and 5.12.0 (excluded) and has a common vulnerability scoring system (CVSS) of 3.1 of 7.3 out of 10. “When camera mode
by Paul Ducklin Popular and ubiquitous (software isn’t always both of those things!) cloud meeting company Zoom recently announced an oops-that-wasn’t-supposed-to-happen bug in the Mac version of its software. The security bulletin is, forgivably, written in the typically staccato and jargon-soaked style of bug-hunters, but the meaning is fairly clear. The bug is denoted CVE-2022-28762,
Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently
In the eyes of hackers, scammers, and thieves, your online privacy and identity look like a giant jigsaw puzzle. One that they don’t need every piece to solve. They only need a few bits to do their dirty work, which means protecting every piece you put out there—a sort of holistic view on your personal
A novel ransomware campaign has been spotted targeting organizations in the transportation and logistics industries in Ukraine and Poland using a previously unidentified ransomware payload. Dubbed “Prestige ranusomeware” by its creators, the malware was observed by the Microsoft Threat Intelligence Center (MSTIC), targeting several organizations on October 11 in attacks occurring within an hour of