Security

A British man has admitted being a member of an international video piracy ring that illegally distributed “nearly every movie released by major production studios.” On Thursday, before United States District Judge Richard M. Berman, George Bridi pleaded guilty to conspiracy to commit copyright infringement, which carries a maximum sentence of five years in prison. Bridi, who

by Paul Ducklin [00’52”] Fun Fact: The dawn of the transistor [01’37”] Emotet malware: “The report of my death was an exaggeration” [08’26”] FBI email hack spreads fake security alerts [15’19”] Tech history: Why tubes are valves, and valves are tubes [16’44”] Samba update patches plaintext password plundering [22’24”] The hijackable self-driving robot suitcase [30’22”]

Entertainment company Sky took more than 17 months to fix a security flaw that impacted roughly six million routers belonging to its customers.  The DNS rebinding vulnerability was discovered in May 2020 by Raf Fini, a researcher at British cybersecurity company Pen Test Partners.  Six router models were affected by the flaw: Sky Hub 3, Sky Hub 3.5,

by Paul Ducklin Remember when people used to upload their SSH keys onto Github and similar code sharing sites by mistake? Two years ago, we wrote about the fact that incautious software developers had uploaded hundreds of thousands of private access control keys, entirely unintentionally, along with source code files that they did intend to

A threat actor believed to be associated with the Democratic People’s Republic of Korea (DPRK) has a certain fondness for repetition, according to new research published today. In the report Triple Threat: North Korea–Aligned TA406 Scams, Spies, and Steals, researchers at Proofpoint shine a light on the nefarious activity of the threat actor TA406, whose campaigns they have

by Paul Ducklin Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating system security features for granted, but keeping their own eyes

The United States has announced plans to sell tens of millions of dollars’ worth of seized crypto-currency to compensate victims of fraud. On Friday, US District Judge Todd Robinson granted a request from the US Department of Justice and the US Attorney’s Office for the Southern District of California for authority to liquidate BitConnect crypto-currency

by Paul Ducklin The Internet of Things (IoT) has become infamous for providing us, in a worrying number of cases, with three outcomes: Connected products that we didn’t know we needed. Connected products that we purchased anyway. Connected products that ended up disconnected in a cupboard. To be fair, not all IoT products fall into

Cybersecurity professionals are unsurprised by the apparent return of Emotet malware.  First discovered as a banking trojan in 2014, the malware evolved into a powerful tool deployed by cyber-criminals around the world to illegally access computer systems.  The malware’s creators — APT group TA542 — hired Emotet out to other cyber-criminals, who used it to

by Paul Ducklin You’ve probably seem the breathless media headlines everwhere: “Emotet’s back!” One cybersecurity article we saw – and we knew what it was about right away – didn’t even give a name, announcing simply, “Guess who’s back?” As you almost certainly know, and may sadly have experienced first hand, Emotet is a blanket

A cyber-safety platform has found a humorous way to warn the American public how to spot a gift card scam ahead of the holiday season.  ScamSpotter.org has made a series of amusing videos in which some of the ridiculous storylines deployed by gift card scammers are played out by actors.  In one Hollywood blockbuster–style dramatization, a

Spain’s second-biggest brewery says it expects to fully recover from a “highly complex” cyber-attack “in the coming days.”  Sociedad Anónima Damm, which has been making the world-renowned Estrella Damm lager since 1876, was targeted by cyber-criminals on Tuesday.  The attack on the company’s computer systems temporarily halted production at all of Damm’s breweries. However, the main brewery

by Naked Security writer Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent “FBI/Homeland Security” alert that has apparently been widely circulated to network administrators and other IT staff in North America. Indeed, some of our own colleagues have reported receiving messages like this:

A Russian cyber-criminal has been sent to prison in the United States for defrauding American companies out of millions of dollars. Aleksandr Zhukov ran a sophisticated digital advertising scam through purported advertising network Media Methane. In June, he was convicted of wire fraud conspiracy, wire fraud, money laundering conspiracy, and money laundering. Zhukov, the self-styled “king of

by Paul Ducklin If you use the venerable Samba open source tool anywhere on your network, you’ll want to read up on the latest update, version 4.15.2. Samba is the closest pronounceable word to SMB that Andrew Tridgell, who created the project back in the 1990s, could come up with. SMB, short for Server Message

A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a sizable injection of cash. The UK chancellor of the exchequer, Rishi Sunak, has awarded £100,000 (approximately $135K) to the Cybersecurity Neurodiversity Skills Development Program, described by Native Newspost as “ground-breaking.” The program, which is based in

by Paul Ducklin [00’21”] We enjoy the Sophos 2022 Threat Report. [02’10”] The world’s {oldest, coolest} continously maintained browser. [03’39”] Facebook folds up its Face Recognition feature. [08’24”] Crooks combine a new social engineering scam with a new way of packaging malware. [23’11”] Kaseya ransomware suspect busted in Poland. [28’00”] Oh! No! How to block

The skills-to-job consortium CyberVetsUSA is launching a new pilot program in Nebraska that aims to fast-track military veterans into new cybersecurity careers.  CyberVetsUSA exists as a public-private partnership between non-profit and Veteran Service Organizations (VSOs), tech employers, institutions of higher education, and local government agencies.  It was launched in 2017 with the mission to increase the available

by Paul Ducklin The November 2021 Patch Tuesday updates from Microsoft and Adobe are out. Microsoft documented 34 different bugs that were worrisome enough to get CVE numbers, while Adobe listed three (the Adobe products with bugs of CVE-level seriousness are RoboHelp Server, InCopy and Creative Cloud, in case you were wondering). You can read

Visitors to the website of Britain’s biggest angling outfitter were redirected to an adult website based in Canada in a recent cyber-attack.  Angling Direct PLC discovered that something fishy was going on with their website late on Friday when unauthorized activity was detected.  On Monday, it was determined that attackers had hacked into the Angling

by Naked Security writer The name “Kaseya” has become one of the biggest words in ransomware infamy. Cybercriminals penetrated the IT management business Kaseya earlier this year and used the company’s own remote management tools to wreak simultaneous ransomware havoc across its customer base. Unfortunately for the many victims of the attack, Kaseya’s software required

Small and mid-sized businesses (SMBs) were today granted free access to a virtual security awareness training program. The program was put together by six-year-old security awareness training company Curricula, which is based in Atlanta, Georgia. In a statement released Tuesday, Curricula said: “Our team at Curricula is proud to announce a free security awareness training program designed to

by Paul Ducklin It’s that time of year again, just after Cybersecurity Awareness Month and just before Black Friday… …time for the latest Sophos Threat Report. We know what lots of you are thinking. Here come pages and pages of thinly disguised product pitches, setting aside science for sensationalism and advice for advertising. Well, it’s

Apple fans will have the opportunity to purchase a rare piece of cyber history when an Apple-1 computer is auctioned off tomorrow. The machine was hand-built by Steve Wozniak, Steve Jobs, and others in garage in Los Altos, California, in 1976 and 1977. It has been listed by California-based auction house John Moran Auctioneers in their Postwar and Contemporary

A ransomware attack on a laboratory based in Florida has exposed the personal health information (PHI) of more than 30,000 patients.  Nationwide Laboratory Services, which is based in Boca Raton, identified suspicious activity on its network on May 19, 2021. An examination of the activity revealed that attackers had used ransomware to encrypt files across

A digital forensics tool capable of retrieving previously unrecoverable data is now available to license from the United States Department of Defense’s Cyber Crime Center (DC3). DC3’s Advanced Carver was invented by digital forensics expert Dr. Eoghan Casey to salvage corrupted data files from almost any digital device. The tool can be used to recover digital content, including

by Paul Ducklin Have you ever had an angry customer bellow the dreaded words, “Just you wait, I’m going to report you to your manager”, or something along those lines? We’re willing to bet that you have, and word on the street in the UK is that customer complaints, supposedly intensified by coronavirus-related frustrations, are

School districts in Ohio have been given a new online resource to help them improve their cybersecurity posture. The launch of the Ohio Department of Education Cyber Security Resources web page was announced by the Ohio Department of Education’s Cyber Security Steering Committee on November 3. The new resource was developed through the combined efforts of the Ohio Department

by Paul Ducklin [00’21”] Norbert (huzzah for Norbert!) does tech support. [02’38”] Europol digs into the ransomware scene. [09’21”] Microsoft finds a wacky bug in Apple’s shell. [18’09”] The Morris worm turns 33. [21’57”] Edge on Linux phans the phlames. [26’18”] Ola! Gibberish peculiarity textual solvage. With Paul Ducklin and Doug Aamoth. Intro and outro

A 22-year-old man from Britain has been indicted by the United States in connection with the 2019 theft of crypto-currency worth approximately $784,000. It is alleged that Joseph James O’Connor, also known as “PlugwalkJoe,” conspired with others to carry out SIM swap attacks against at least three individuals, all of whom were executives employed by the same