The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The “successful attack,” which is believed to have occurred last week, was mounted against its Confluence
admin
by Paul Ducklin Not long ago, independent software developer Tim Perry, creator of the HTTP Toolkit for intercepting and debugging web traffic… …decided to add proxy support to his product, which, like lots of software these days, is written using Node.js. ICYMI, Node.js is the project that took the JavaScript language out of your browser
US government security experts have urged system administrators to patch two critical flaws in widely used Cisco and Atlassian products, exposing them to compromise. In a rare move, US Cyber Command took to Twitter before the Labor Day holiday weekend on Friday to address the Atlassian bug. “Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing
Les chercheurs d’ESET expliquent les détails d’une faille découverte dans VaxiCode Vérif, l’application mobile permettant la vérification des preuves vaccinales québécoise La sortie d’applications mobiles permettant le stockage et la vérification du passeport vaccinal par le gouvernement du Québec (VaxiCode et VaxiCode Vérif) a fait couler beaucoup d’encre la semaine dernière. C’est avec raison; l’application
End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a “legally binding order from the Swiss Federal Department of Justice” related to a collective
Another Accellion breach victim has been named nine months after threat actors exploited zero-day vulnerabilities in the company’s File Transfer Application. Beaumont Health has notified approximately 1500 patient that their personal data may have been compromised in the December attack on Accellion software. Goodwin Procter LLP, which was hired by Beaumont to provide legal services, used Accellion’s File Transfer software
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The malware steals sensitive financial and private information via phishing by pretending to be a tax-filing application. We have identified two main campaigns that used different fake app themes to lure in taxpayers. The first campaign from November 2020 pretended to be a fake IT certificate application while the second campaign, first seen in May 2021, used the fake tax-filing theme. With this discovery,
Vaccination passports may facilitate the return to normalcy, but there are also concerns about what kinds of personal data they collect and how well they protect it. Here’s what you should know. Technology has been front and center throughout the COVID-19 pandemic, but not without presenting a few issues and challenges. Proof of vaccination and
Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with “high confidence” to a threat actor operating out of China. In mid-July, the Texas-based company remedied a remote code execution flaw (CVE-2021-35211) that was rooted in Serv-U’s implementation of the
Two new senior cybersecurity appointments have been announced by the United States Department of Homeland Security. Former lead solution engineer at Salesforce, David Larrimore, has been named as the Department’s chief technology officer. Between 2016 and 2019, Larrimore occupied the same position at the Immigration and Customs Enforcement (ICE) component. Other roles held by Larrimore include an
You open your laptop and see an email from a healthcare organization that you don’t recognize. The subject line reads “URGENT – PROOF OF VACCINATION NEEDED.” Impulsively, you open the email and click on the link. You’re redirected to a website that asks you to enter your name, date of birth, Social Security Number, and a photo of
Smartphones are kids’ trusty companions both in- and outside the classroom, and as they return to their desks, we’ve prepared some handy tips on how to keep their devices secure. While in some parts of the world kids have already returned to their classrooms, in virtual form or in person, in others they are just gearing
Apple is temporarily hitting the pause button on its controversial plans to screen users’ devices for child sexual abuse material (CSAM) after receiving sustained blowback over worries that the tool could be weaponized for mass surveillance and erode the privacy of users. “Based on feedback from customers, advocacy groups, researchers, and others, we have decided
by Paul Ducklin [02’00”] Security code flushes out security bugs. [15’48”] Recursion: see recursion. [26’34”] Phishing (and lots of it). [33’09”] Oh! No! The Windows desktop that got so big it imploded. With Paul Ducklin and Doug Aamoth. Intro and outro music by Edith Mudge. LISTEN NOW Click-and-drag on the soundwaves below to skip to
Tech giant Apple has announced that eight US states will start accepting driver’s licenses and other state IDs that are stored on iPhones and Apple Watch. Arizona and Georgia will be the first states to allow their residents to use this system, and will be followed by Connecticut, Iowa, Kentucky, Maryland, Oklahoma and Utah. The
Welcome back to our executive blog series, where we’re sitting down with some of the pivotal players behind McAfee Enterprise to hear their takes on today’s security trends, challenges, and opportunities for enterprises across the globe. Q: Do you have a role model? If so, who is it? Well, there are work and there are
Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users. Twitter has unveiled a new feature called Safety Mode aimed at curbing abusive behavior, by autoblocking any unwanted tweets and other forms of online harassment. Currently the feature is available to a handful of users.
Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms. FireEye’s Mandiant Advanced Practices team, which made the discovery, dubbed the malware PRIVATELOG, and its installer, STASHLOG. Specifics about the
by Paul Ducklin A researcher at vulnerability and red-team company Rapid7 recently uncovered a pair of risky security bugs in a digital home security product. The first bug, reported back in May 2021 and dubbed CVE-2021-39276, means that an attacker who knows the email address against which you registered your product can effectively use your
A team of researchers at a UK university have designed a new device, which they claim will mitigate the risk of malicious USB drives. The “external scanning device” was designed at Liverpool Hope University and will soon go into production, having been granted a patent by the Indian government. It has been engineered to overcome
The federal agency urges organizations to ditch the bad practice and instead use multi-factor authentication methods The Cybersecurity and Infrastructure Security Agency (CISA) has added the use of single-factor authentication to its brief list of bad practices that it considers to be exceptionally risky when it comes to cybersecurity. “Single-factor authentication is a common low-security
A set of new security vulnerabilities has been disclosed in commercial Bluetooth stacks that could enable an adversary to execute arbitrary code and, worse, crash the devices via denial-of-service (DoS) attacks. Collectively dubbed “BrakTooth” (referring to the Norwegian word “Brak” which translates to “crash”), the 16 security weaknesses span across 13 Bluetooth chipsets from 11
The number of ransomware attacks surged by 288% between the first and second quarters of 2021 as double extortion attempts grew, according to the latest data from NCC Group. Analyzing incidents dealt with by its own Research Intelligence and Fusion Team (RIFT) throughout 2021, the firm claimed nearly a quarter (22%) of data leaks in
As you know, McAfee Enterprise’s MVISION Unified Cloud Edge (UCE) was the was the first of all the SASE vendors to implement the MITRE ATT&CK Framework for Cloud last year. An important aspect of Gartner’s SASE Framework (link) is the ability for effective Threat Protection and Resolution in the Cloud. MVISION UCE takes this to
ESET’s cybersecurity expert Marc-Étienne Léveillé analyses in-depth the Quebec’s vaccine proof apps VaxiCode and VaxiCode Verif. The launch of the mobile applications allowing the storage and verification of the vaccination passport by the Quebec government (VaxiCode and VaxiCode Verif) has caused a lot of ink to flow last week. It is with good reason; the
Cybersecurity could be described as a marathon for security teams that spend most of their time building sustained defenses that prevent threats day after day. However, they must be ready to hit a sprint whenever an attack succeeds since attack duration, and the resulting damages are directly correlated. Reacting to a successful attack is a
by Paul Ducklin You must have had that happy feeling (happiest of all when it’s still a day or two to payday and you know that your balance is paper-thin) when you’re withdrawing money from a cash machine and, even though you’re still nervously watching the ATM screen telling you that your request is being
Scores of ransomware attacks on US schools and colleges last year may have cost them over $6bn, according to a new report published today. Security testing site Comparitech analyzed the 77 attacks reported by educational institutions nationwide in 2020 and calculated the cost to these victims from estimated downtime and recovery time. Rransom costs are
Now more than ever, it’s critical to be mission-ready for the next cyber threat. Our digital-first, post-pandemic world is shifting back to a new normal. But the threats are still here. Mission-Ready And according to many reports, the threats have – and are continuing to – increase. McAfee Enterprise’s Advanced Threat Research recently published a
New vulnerabilities have been discovered in Fortress S03 Wi-Fi Home Security System that could be potentially abused by a malicious party to gain unauthorized access with an aim to alter system behavior, including disarming the devices without the victim’s knowledge. The two unpatched issues, tracked under the identifiers CVE-2021-39276 (CVSS score: 5.3) and CVE-2021-39277 (CVSS