by Paul Ducklin The infamous LAPSUS$ gang, whose curious brand of cyberextortion has been linked with intrusions at Microsoft, Samsung, Okta, Nvidia and others, still seems to be on the boil. According to Microsoft’s own analysis of the gang’s intrusion at Microsoft itself, these hackers use a range of social engineering techniques that go beyond
admin
Cybersecurity researchers have uncovered further links between BlackCat (aka AlphaV) and BlackMatter ransomware families, the former of which emerged as a replacement following international scrutiny last year. “At least some members of the new BlackCat group have links to the BlackMatter group, because they modified and reused a custom exfiltration tool […] and which has
The websites of Finland’s defense and foreign affairs were taken offline today following DDoS attacks. The ministries each confirmed the attacks on Twitter earlier today, although the websites now appear to be back up and running. The nation’s Ministry of Defense wrote at 10.45 am GMT: “The Department of Defense website http://defmin.fi is currently under attack. We
by Paul Ducklin The good news in this month’s Android patches is that even though Google’s own updates close off numerous elevation of privilege (EoP) holes, there aren’t any remote code execution bugs on the list. The bad news, of course, is that EoP bugs that directly lead to root access, without any tell-tale signs,
If you’re thinking about crypto, one of the first things you’ll want to do is get yourself a good wallet. Topping the several important things a new cryptocurrency investor needs to think about is security. Rightfully so. Cryptocurrency is indeed subject to all kinds of fraud, theft, and phishing attacks, just like the credentials and
The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. “The exploitation allows threat actors to download the Mirai sample to the ‘/tmp’ folder and execute them after permission change using ‘chmod,'” Trend Micro researchers
The Information Commissioner’s Office (ICO) is currently investigating a cyber-attack across TrustFord branches throughout the UK. The vehicle dealer group revealed the attack, which is believed to have been committed by the Conti ransomware gang, affected the firm’s internal systems. In particular, access to the internet and phones within the business was affected. However, TrustFord assured
by Paul Ducklin If you’ve ever written technical documentation to use online, you probably started out by creating it directly in HTML (hypertext markup language), so you could drop it directly into your website. You may have used various HTML editors that gave you a real-time but not entirely precise preview, but you’ll have spent
What’s worse than a surprise call from a law enforcement official telling you to pay a fine or be forced to serve time? Providing your personal information and paying that fine only to find out that it was all a scam. You didn’t miss jury duty; you didn’t commit a crime — you were just tricked
China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to Recorded Future’s Insikt Group, a sophisticated remote access trojan which has been dubbed a
The website of Gazprom Neft, the oil arm of Russian state gas company Gazprom, was offline on Wednesday after an alleged hack, in what appears to be the latest hack on a government-associated site following Russia’s invasion of Ukraine. A statement allegedly from Gazprom CEO Alexie Miller, a close friend of President Vladimir Putin, was briefly
by Paul Ducklin LISTEN NOW [01’34”] LAPSUS$ hacking, 2022-style. [06’11”] Zero-day emergency updates from Apple. [08’46”] Elevation of privilege patches in Android. [09’41”] Bugs fixed in Firefox 99. [11’00”] The SATAN network scanner and its impact on threat reponse. [14’02”] Two confusing bugs in VMware Spring. [20’17”] Old-school hacking, PDP-11 style. Click-and-drag on the soundwaves
Outfitting your smart home could get a whole lot easier this year. A new industry standard called Matter aims to remove a big barrier in smart home technology, one that makes different smart home devices compatible with any smart home platform—something that wasn’t possible until now. For years, different smart home devices have run on several
As cloud systems are increasingly the bedrock on which digital transformation is built, keeping a close eye on how they are secured is an essential cybersecurity best practice For weeks, cybersecurity experts and government agencies have been urging organizations to enhance their cyber-defenses due to the increased threat of cyberattacks amid Russia’s invasion of Ukraine.
A first-of-its-kind malware targeting Amazon Web Services’ (AWS) Lambda serverless computing platform has been discovered in the wild. Dubbed “Denonia” after the name of the domain it communicates with, “the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls,” Cado Labs researcher Matt
Russian hackers used compromised employee credentials to launch the cyber-attack that severely disrupted internet services in Ukraine last week, it has been claimed today. Kyrylo Honcharuk, CIO of Ukrtelecom, Ukraine’s national telecommunications provider targeted in the attack on March 28, said Russia accessed the account of an employee in a region “recently temporarily” occupied, although
by Paul Ducklin German police have located and closed down the servers of Hydra, allegedly one of the world’s biggest underground online stores. Investigators at the Bundeskriminalamt (BKA – the Federal Criminal Police Office) claim that the Russian-language Hydra darkweb site, accessible via the Tor network, had about 17 million customer accounts (many individual buyers
This month, McAfee celebrates three years of maintaining pay parity. Compensating employees equally for their contributions, regardless of gender or ethnicity, is one of the many ways we create a culture where all can belong and an environment where everyone is valued. But equal pay sounds like a given, right? It absolutely should be. However,
ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks The popularity of online shopping has been growing during the past few years, a trend accelerated by the pandemic. To make this already convenient way of never having to leave the couch to buy new things even more convenient, people are increasingly using
Communication is a vital skill for any leader at an organization, regardless of seniority. For security leaders, this goes double. Communicating clearly works on multiple levels. On the one hand, security leaders and CISOs must be able to communicate strategies clearly – instructions, incident response plans, and security policies. On the other, they must be
Federal police in Germany have disrupted a Russian-language darknet marketplace that specialized in the sale of illicit drugs, forged documents, intercepted data and illegal digital services. In an action coordinated with the United States Justice Department, authorities shut down the Germany-based servers of the Hydra Market on Tuesday, seizing $25m in bitcoin what they allege to be proceeds of crime.
by Paul Ducklin The once-every-four-weeks security update to Mozilla’s Firefox browser officially arrived today. The regular version of Firefox is now 99.0, while the Extended Support Release, which gets security fixes without any feature updates, is now 91.8.0 ESR. Add together the first two numbers in the ESR release triplet and you should get the
Summary Microsoft Azure Active Directory (Azure AD) is an identity and access management solution used by over 88 percent of Fortune 500 companies as of this publication. This market penetration makes Azure AD a lucrative target for threat actors. In the second half of 2021, Secureworks® Counter Threat Unit™ (CTU) researchers analyzed Azure AD tenants
As a gamer, you love the stuff you’ve racked up over the years—that rare Fortnite skin from six seasons ago, a complete set of Tier 20 armor in World of Warcraft, or a Steam account loaded with your favorite titles. Hackers love it too. Because they can make money off it. Hackers have been stealing
If better privacy and anonymity sound like music to your ears, you may not need to look much further than Tor Browser. Here’s what it’s like to surf the dark web using the browser. When I speak to people about the dark web, many are still very wary of it and often think that it
The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen credentials, new research has revealed. “Data theft extortion or ransomware deployment following FIN7-attributed activity at multiple organizations, as well as technical overlaps, suggests that FIN7 actors have been associated with various
Cyber-criminals are impersonating the confectioner Cadbury online to steal personal data. Users of social media platform Facebook and messaging platform WhatsApp have encountered a scam that lures victims with the promise that they will receive a free Easter basket packed with chocolate treats. Cadbury has confirmed that the offer is “not genuine” and has stated that it is taking
Throw open the windows and let in some fresh air. It’s time for spring cleaning. And that goes for your digital stuff too. Whether it’s indeed spring where you are or not, you can give your devices, apps, and online accounts a good decluttering. Now’s the time. Cleaning them up can protect your privacy and
An Android spyware application has been spotted masquerading as a “Process Manager” service to stealthily siphon sensitive information stored in the infected devices. Interestingly, the app — that has the package name “com.remote.app” — establishes contact with a remote command-and-control server, 82.146.35[.]240, which has been previously identified as infrastructure belonging to the Russia-based hacking group
The American Public University System (APUS) is joining forces with the US Cyber Command (USCYBERCOM) to help boost the nation’s cybersecurity posture. APUS is a private online learning university system composed of American Military University and American Public University. Each offers a strong cyber defense-focused curriculum at undergraduate and graduate levels. The National Security Agency (NSA)
- « Previous Page
- 1
- …
- 76
- 77
- 78
- 79
- 80
- …
- 114
- Next Page »