by Paul Ducklin It’s Patch Tuesday Week (if you will allow us our daily pleonasm), and Microsoft’s updates include fixes for a number of security holes that the company has dubbed Critical, along with a zero-day fix, although the 0-day only gets a rating of Important. The 0-day probably got away with not being Critical
Month: April 2023
Here’s how to choose the right password vault for you and what exactly to consider when weighing your options Wave after wave of new technologies have threatened to bring about the end of the password over the years. But none so far have succeeded. That leaves most users with a problem. Passwords are a potential
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and
Malicious Android apps have been found for sale on the darknet and are being sold for up to $20,000, according to security researchers at Kaspersky. The company described the findings in an article published on Monday, in which it said the team collected examples from nine different darknet forums where these apps are being sold. “Like
by Paul Ducklin If you’re a gamer or an avid squeezer of raw computing power, you’ve probably spent hours tweaking your motherboard settings to eke out every last drop of performance. Over the years, you might even have tried out various unofficial firmware bodges and hacks to let you change settings that would otherwise be
Apr 11, 2023Ravie LakshmananCloud Security / Data Security A “by-design flaw” uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. “It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal access-tokens of higher
Spanish police have arrested a 19-year-old who they claim represents a national security threat due to the magnitude of the cyber-attacks he has conducted. An investigation into Jose Luis Huertas (aka “Alcasec”) began after he allegedly hacked the national council of the judiciary (CGPJ) and tax agency, and stole data on over half a million Spaniards.
by Paul Ducklin Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16). Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life
Apr 10, 2023Ravie LakshmananHacking Tool / Cyber Threat An Estonian national has been charged in the U.S. for purchasing U.S.-made electronics on behalf of the Russian government and military. The 45-year-old individual, Andrey Shevlyakov, was arrested on March 28, 2023, in Tallinn. He has been indicted with 18 counts of conspiracy and other charges. If
When a man arrived in the middle of the night at a North London hospital and was emotionally upset, distressed, with seizure-like movements and unable to speak, Isabel Straw, an NHS emergency doctor, first struggled to find the reason because all the tests her team performed on him did not reveal any issues. That is
by Paul Ducklin We’ve written before, back in 2022, about a code execution hole in the widely-used JavaScript sandbox system vm2. Now we’re writing to let you know about a similar-but-different hole in the same sandbox toolkit, and urging you to update vm2 if you use (or are reponsible for building) any products that depend
Apr 08, 2023Ravie LakshmananCyber War / Cyber Threat The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in
Google has unveiled a new policy for Android apps that enable account creation. The rule mandates such apps to provide users with an option to delete both the accounts and the data associated with them. Describing the new feature in a blog post published on Wednesday, Bethel Otuteye, senior director of product management at Android
by Paul Ducklin Apple just issued a short, sharp series of security fixes for Macs, iPhones and iPads. All supported macOS versions (Big Sur, Monterey and Ventura) have patches you need to install, but only the iOS 16 and iPadOS 16 mobile versions currently have updates available. As ever, we can’t yet tell you whether
Apr 08, 2023Ravie LakshmananMalware / Cyber Attack Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it “promptly” initiated incident response and recovery measures after detecting “network anomalies.” It also said it alerted law enforcement agencies of the matter. That
A mid-sized law firm representing Uber has notified an unknown number of its drivers that sensitive data has been exposed and stolen due to a cyber-attack. New Jersey-based Genova Burns disclosed the breach in an email to customers first obtained by The Register. “We determined that an unauthorized third party gained access to our systems,
In a rush to file your taxes? Watch out for cybercriminals preying on stressed taxpayers as Tax Day looms large on the horizon. The IRS-approved tax return filing service eFile.com has been caught compromising people’s devices with malware for weeks, serving a strong reminder that cybercriminals are also well aware of the fact that it’s
Apr 07, 2023Ravie LakshmananCyber Threat / Online Security In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns. “To promote their ‘goods,’ phishers create Telegram channels through which they educate
Threat actors focusing on phishing techniques have been increasingly using Telegram to automate their activities and provide various services. The findings come from cybersecurity experts at Kaspersky, who described the new trend in a Wednesday advisory authored by web content analyst Olga Svistunova. “To promote their ‘goods,’ phishers create Telegram channels through which they educate
by Paul Ducklin WHEN MALWARE COMES FROM WITHIN No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of
Give your social media presence a good spring scrubbing, audit your passwords and other easy ways to bring order to your digital chaos Spring has sprung, the sun is out longer, and the birds’ chirping, peeping and tweeting in the trees have put that much-needed pep in your step. With the arrival of spring also
Critical infrastructure attacks are a preferred target for cyber criminals. Here’s why and what’s being done to protect them. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national security, the economy, public health, or safety. It can be government-
Security teams ought to seize on the opportunities of failures of the past to make meaningful change in how we approach incident response, urged Sarah Armstrong-Smith, chief security advisor at Microsoft, during UK Cyber Week 2023. Learning lessons from the past is crucial to developing an effective incident response strategy in cybersecurity, Armstrong-Smith said. The
by Paul Ducklin Cybersecurity researcher Sam Sabetan yesterday went public with insecurity revelations against IoT vendor Nexx, which sells a range of “smart” devices including door openers, home alarms and remotely switchable power plugs. According to Sabetan, he reported the bugs to Nexx back in January 2023, but to no avail. So he decided to
Do you know how many devices are connected to your home network? You don’t? This is precisely why it’s time for a network audit. The rite of spring cleaning is clearly good for your home and your mind and well-being, but trust me, your home network and all the devices connected to it could use
Apr 05, 2023Ravie LakshmananCyber Threat / Malware Portuguese users are being targeted by a new malware codenamed CryptoClippy that’s capable of stealing cryptocurrency as part of a malvertising campaign. The activity leverages SEO poisoning techniques to entice users searching for “WhatsApp web” to rogue domains hosting the malware, Palo Alto Networks Unit 42 said in
Threat actors have deployed a new, unique ransomware strain using the Palo Alto Cortex XDR Dump Service Tool, a commercial security product. Dubbed Rorschach, the malware was discovered by the Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) and discussed in an advisory publisher earlier today. “Unlike other ransomware cases, the threat
by Paul Ducklin Mathematics is a complex and esoteric field that underpins science and engineering, notably including the disciplines of cryptography and cybersecurity. (There… we’ve added a mention of cybersecurity, thus justifying the rest of this article.) The topic of mathematics has been extensively and fervently studied from at least ancient Babylonian times, and the
Spring is in the air and as the leaves start growing again, why not breathe some new life into the devices you depend on so badly? It’s spring time in the northern hemisphere, and chances are good that you have a whole new spring in your step (excuse the pun!) thanks to the weather becoming
Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or any poisoning? Do I risk acting on outdated