Month: January 2023

The pro-Russia hacktivist group known as NoName057(16) has recently started new attacks against organizations and businesses across Poland, Lithuania and other countries. Most recently, the group began targeting the websites of the Czech presidential election candidates. According to SentinelOne, who discovered the new campaigns, the group conducted these campaigns by using public Telegram channels, a distributed

The Guardian has confirmed that threat actors stole the personal data of UK staff members during the ransomware attack that affected its systems on December 20, 2022. The updates come from The Guardian Media Group’s chief executive, Anna Bateson, and The Guardian‘s editor-in-chief, Katharine Viner, who emailed staff members on Wednesday. The executives have described

by Paul Ducklin THE CRYPTO CRISIS THAT WASN’T Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good

A new advanced persistent threat (APT) group dubbed ‘Dark Pink’ by Group-IB (and ‘Saaiwc Group’ by Chinese cybersecurity researchers) has been spotted targeting various entities across Asia-Pacific and Europe, mainly with spear phishing techniques. According to a new advisory published by Group-IB earlier today, Dark Pink began operations as early as mid-2021, although the group’s

by Paul Ducklin JWT is short for JSON Web Token, where JSON itself is short for JavaScript Object Notation. JSON is a modernish way of representing structured data; its format is a bit like XML, and can often be used instead, but without all the opening-and-closing angle brackets to get in the way of legibility.

The US Supreme Court gave the green light on Monday for WhatsApp to pursue a lawsuit against NSO Group, the Israeli surveillance company, for installing the Pegasus spyware on roughly 1400 devices where WhatsApp was also installed. More specifically, the court has ruled that WhatsApp is allowed to sue for damages ensued by the malicious installation

by Paul Ducklin As far as we can tell, there are a whopping 2874 items in this month’s Patch Tuesday update list from Microsoft, based on the CSV download we just grabbed from Redmond’s Security Update Guide web page. (The website itself says 2283, but the CSV export contained 2875 lines, where the first line

The South African threat actors known as “Automated Libra” have been improving their techniques to exploit cloud platform resources for cryptocurrency mining. According to Palo Alto Networks Unit 42, the threat actors have used a new Captcha-solving system alongside a more aggressive use of CPU resources for mining and the mix of “freejacking” with the

by Paul Ducklin If you’re a programmer, whether you code for a hobby or professionally, you’ll know that creating a new version of your project – an official “release” version that you yourself, or your friends, or your customers, will actually install and use – is always a bit of a white-knuckle ride. After all,

US-based health and human services organization Maternal & Family Health Services (MFHS) has reported being hit by a ransomware attack. The non-profit made the announcement on Thursday, saying its systems were compromised between August 21, 2021, and April 4, 2022. An investigation launched in April last year revealed the attack may have exposed sensitive information

Ongoing hacking campaigns orchestrated by the threat actor group Blind Eagle (also known as APT-C-36) have been spotted targeting individuals across South America. Security experts from Check Point Research (CPR) unveiled the findings in a new advisory published on Thursday, describing a novel infection chain involving an advanced toolset. “For the last few months, we have

Meta’s instant messaging subsidiary WhatsApp has officially introduced proxy support, reportedly to tackle internet disruption tactics used by repressive governments. The company made the announcement in a blog post on Thursday, saying the new feature is designed to put the power into people’s hands to maintain access to WhatsApp if their connection is blocked or

by Paul Ducklin There’s been a bit of a kerfuffle in the technology media over the past few days about whether the venerable public-key cryptosystem known as RSA might soon be crackable. RSA, as you probably know, is short for Rivest-Shamir-Adleman, the three cryptographers who devised what turned into an astonishingly useful and long-lived encryption