The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an “incomplete fix” for an actively exploited path traversal and remote code execution flaw that it patched earlier this week. CVE-2021-42013, as the new vulnerability is identified as, builds upon CVE-2021-41773, a flaw that
A student at East Carolina University has been charged with cyber-stalking after allegedly posing as a member of a rival fraternity to upload a racist post to social media. A police investigation was launched after an offensive message, purporting to be from the university’s Theta Chi chapter, was uploaded anonymously to Yik Yak in August.
Today marks a significant and exciting step forward for the combined McAfee Enterprise and FireEye businesses as we create a pure play, cybersecurity market leader. I’m incredibly proud to be writing this as the newly appointed CEO of this combined business. Keeping nations and large enterprises safe is – I believe – one of the
Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze Cybercriminals are trying to capitalize on “the next big thing” in the turbulent cryptocurrency space in an attempt to take remote control of people’s computers and then steal their passwords and money. A campaign spotted recently
Cybersecurity researchers have detailed a new campaign that likely targets entities in Southeast Asia with a previously unrecognized Linux malware that’s engineered to enable remote access to its operators, in addition to amassing credentials and function as a proxy server. The malware family, dubbed “FontOnLake” by Slovak cybersecurity firm ESET, is said to feature “well-designed
by Paul Ducklin Software patches are sometimes a bit like buses. You don’t get one for a while, and then three come at once. For buses on busy urban routes, at least, the explanation of the phenomenon goes something like this. If three buses start out travelling the same route together in a nicely spaced
An international psychic mail fraud scheme that sold the promise of good fortune to tens of thousands of victims has been shut down by a United States court. Earlier today, the US District Court for the Southern District of Florida entered a permanent injunction against three residents of France and two corporate defendants who had been carrying
The nationally recognized Hispanic Heritage Month grew out of a desire to educate people all over the country about the many contributions the Hispanic community has made to U.S. culture. Here at McAfee Enterprise, we’re taking this year’s Hispanic Heritage Month to spotlight members of the LatinX community who are using their platforms to make
ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux. Modules used by this malware family, which we dubbed FontOnLake, are constantly under development and provide remote access to the
An “aggressive” financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks. Cybersecurity firm Mandiant attributed the intrusions to
by Paul Ducklin [01’47”] Apple Pay gets hacked (sort of). [13’18”] DOJ busts four gift card scamming suspects. [25’23”] We give you our top tips for #Cybermonth. [27’40”] Ukrainian Cyberpolice take on ransomware crooks. [32’13”] Oh! No! The user that volunteered to RTFM!? With Paul Ducklin and Doug Aamoth. Intro and outro music by Edith
What is chaos engineering is and how to get started? What are the different types of tests and how does it compare to other options? These were questions that Holly Grace Williams, founder of Akimbo Core, aimed to tackle during a technical session at the Digital Transformation EXPO Europe 2021. The ‘A Chaos Podcast Presents: A Beginner’s
Did you know, the timing of Hispanic Heritage Month coincides with the Independence Day celebrations of several Latin American nations? At McAfee Enterprise, we’re celebrating Hispanic Heritage Month by recognizing some of our amazing employees and asking them about their heritage and the impact it had on their career and journey to cybersecurity. Read my
Two-factor authentication is a simple way to greatly enhance the security of your account Google has announced that by the end of 2021 it plans to automatically enroll 150 million users into two-step verification (2SV), a security measure also commonly known as two-factor authentication (2FA). “For years, Google has been at the forefront of innovation
A high-severity code injection vulnerability has been disclosed in 23andMe’s Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution.
by Paul Ducklin The venerable Apache web server has just been updated to fix a dangerous remote code execution (RCE) bug. This bug is already both widely-known and trivial to exploit, with examples now circulating freely on Twitter, and a single, innocent-looking web request aimed at your server could be enough for an attacker to
A working group appointed by the International Association of Scientific, Technical and Medical Publishers (STM) has published a new set of guidelines to tackle the issue of doctored images in scientific research papers. The recommendations of the Standards and Technology Committee (STEC) include a three-tier classification system that editors can use to flag suspicious content, and detailed
A good time to check if someone is using your identity is before it even happens. One of identity theft’s several downsides is how people discover they’ve become a victim in the first place—by surprise. They go to rent an apartment, open a line of credit, or apply for financing, only to discover that their finances or reputation has taken a hit because of identity thief. And those
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012 ESET researchers analyze a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which we’ve named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing
by Paul Ducklin Back in June this year, we wrote about a ransomware-related bust in Ukraine, featuring a police video in which a high-security door was dismantled with a BFG (Big Fat Grinder), substantial piles of cash were counted out and packed into evidence bags, and numerous fancy cars were seized. Well, here’s another bust
A voucher scheme launched by the Northern Ireland Assembly to stimulate economic growth following Covid-19 lockdowns is having an identity crisis. Under the £145m High Street Spend Local Scheme, the approximately 1.4 million residents of Northern Ireland who are aged 18 and over are eligible to apply for a £100 Spend Local voucher. The voucher takes the form
Welcome back to our executive blog series, where I chat with some of the pivotal players behind McAfee Enterprise to hear their takes on today’s security trends, challenges, and opportunities for enterprises across the globe. Dive into the conversation below with Vice President, Global Commercial, Britt Norwood. Q: What’s the first career you dreamed of having
Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence, once again demonstrating how technology meant to secure the environment prior
by Paul Ducklin As you probably know (or, at least, as you know now!), October is Cybersecurity Awareness Month, which means it’s a great opportunity to do three things: Stop. Think. Connect. Those three words were chosen many years ago by the US public service as a short and simple motto for cybersecurity awareness. 5
A former Facebook employee is to appear before a US Senate subcommittee tomorrow after blowing the whistle on the company’s alleged prioritization of profit above user welfare. Frances Haugen, a 37-year-old data scientist from Iowa, revealed yesterday that it was she who leaked internal research carried out by Facebook to the Wall Street Journal. This research formed the
We hope you’ve enjoyed Cyber Awareness month. This year’s theme asked us all to do our part to stay safer online. The idea is that if we each take steps to secure our lives online, then together we all contribute to creating a safer, more secure internet. Of course, it’s our job to help you #BeCyberSmart. With that in mind, we’ve pulled together all the safety tips we featured in October. From family
A newly discovered data exfiltration mechanism employs Ethernet cables as a “transmitting antenna” to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. “It’s interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack,” Dr. Mordechai Guri, the head of R&D in
The owner of two chains of American luxury department stores has warned 4.6 million Neiman Marcus customers that their personal data may have been exposed in a security incident that happened 17 months ago. Neiman Marcus Group, which owns the Neiman Marcus and Bergdorf Goodman department stores, as well as the high-end home goods line
You can’t automate every business process. While I love automation and promote the concept, I know its limitations. This viewpoint needs to be recognized and observed as more security officials implement automation within their organizations. I’d estimate that for most enterprises, the first 80 percent of migrating and integrating processes to automation is easy to