A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Despite threats seemingly looming around every corner (I’m looking at you, Delta), the past four months were the time of summer vacations for many of us located in the northern hemisphere,
In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group’s Pegasus surveillanceware. “Adversaries have set up a phony website
by Paul Ducklin [00’22”] Guess what? iOS 12 wasn’t dead, it was just resting. [03’04”] Let’s Encrypt brings HTTPS to everyone. [12’12”] Researchers rediscover an Outlook data leakage issue. [25’34”] VMware keeps it real. [28’47”] Oh! No! When the mouse is away, the cat will play. With Paul Ducklin and Doug Aamoth. Intro and outro
America’s head of state, Joe Biden, has announced plans to hold a meeting with representatives of 30 different countries later this month to discuss ransomware and other cybersecurity issues. In a statement released to coincide with the first day of America’s annual Cybersecurity Awareness Month, President Biden said that the chief purpose of the confab would be to address
I spoke with Anand Ramanathan, VP of Products and Marketing who brings over 20 years of enterprise SaaS product experience ranging from high growth startups to established market leaders. Read the interview below to understand his thoughts on McAfee Enterprise and where he see’s the company going in the coming years. Q: What is your
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair The month of October is associated with a variety of themes, but it also ushers in the start of autumn and pumpkin-spiced lattes and culminates with one of the scariest days of the year – Halloween. However, beyond
A formerly unknown Chinese-speaking threat actor has been linked to a long-standing evasive operation aimed at South East Asian targets as far back as July 2020 to deploy a kernel-mode rootkit on compromised Windows systems. Attacks mounted by the hacking group, dubbed GhostEmperor by Kaspersky, are also said to have used a “sophisticated multi-stage malware
by Paul Ducklin You might be forgiven for thinking that cybercrime is almost all about ransomware and cryptocoins these days. In a ransomware attack, the crooks typically blackmail you to send them cryptocurrency in return for giving you your stolen data back (or for not selling it on to someone else). In a cryptocoin attack,
Today marks the start of the 18th Annual Cybersecurity Awareness Month in America, and this year’s theme is “Do Your Part. #BeCyberSmart.” The digital safety initiative was launched back in October 2004 by the National Cyber Security Alliance and the United States Department of Homeland Security to help the public stay safe and secure while
When it comes to crime, what do people worry about most? Having their car stolen? A break-in while they’re not at home? Good answers, but not the top answer by a long shot. In this U.S.-based survey, hacker-related crime weighed in at 72%, with a home burglary at 35% and auto theft at 34%, indicating that people’s concerns
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds Cybercriminals could make fraudulent purchases by circumventing an iPhone’s Apple Pay lock screen where the device’s wallet has a Visa card set up in so-called transit mode. The attackers could also bypass the contactless limit
Cybersecurity researchers have disclosed an unpatched flaw in Apple Pay that attackers could abuse to make an unauthorized Visa payment with a locked iPhone by taking advantage of the Express Travel mode set up in the device’s wallet. “An attacker only needs a stolen, powered on iPhone. The transactions could also be relayed from an
by Paul Ducklin A not-yet-published paper from researchers in the UK has been making media headlines because of its dramatic claims about Apple Pay. Apple-centric publication 9to5Mac covered it with a headline that was almost a story in itself: Apparent flaw allows hackers to steal money from a locked iPhone, when a Visa card is
Many iPhone users are vulnerable to payment fraud due to vulnerabilities in Apple Pay and Visa, according to new research from the University of Birmingham and the University of Surrey. The experts revealed they could bypass an iPhone’s Apple Pay lock screen to perform contactless payments when the Visa card is set up in ‘Express Transit mode’
The latest gadget on the tech and fashion streets is Ray-Ban Stories, a sunglasses collaboration between Facebook and Ray-Ban. These pair of shades feature two cameras that capture video, audio, and photos and sync to a mobile app. Social media fanatics are excited about this new ability to capture and share hands-free content. Do gadgets like Ray-Ban Stories make you immediately think,
What your organization should consider when it comes to choosing a VPN solution and hardening it against attacks The NSA and CISA have released joint guidance to help organizations select their Virtual Private Network (VPN) solution and hardening it against compromise. Vulnerable VPN servers are attractive targets for threat actors, as they provide great opportunities
Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks. “This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization’s tenant,” researchers from Secureworks
Summary In late June 2021, Secureworks® Counter Threat Unit™ (CTU) researchers discovered a flaw in the protocol used by the Azure Active Directory Seamless Single Sign-On feature. This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization’s tenant. CTU™ researchers reported
Data breaches at two American mental healthcare providers may have exposed the personal health information (PHI) of thousands of individuals. Horizon House, Inc., which is in Philadelphia, Pennsylvania, warned that 27,823 people may have been impacted by a cyber-attack that took place in the late winter. The provider of mental health and residential treatment services detected
The security operations center (SecOps) team sits on the front lines of a cybersecurity battlefield. The SecOps team works around the clock with precious and limited resources to monitor enterprise systems, identify and investigate cybersecurity threats, and defend against security breaches. One of the important goals of SecOps is a faster and more effective collaboration
A newly discovered “aggressive” mobile campaign has infected north of 10 million users from over 70 countries via seemingly innocuous Android apps that subscribe the individuals to premium services costing €36 (~$42) per month without their knowledge. Zimperium zLabs dubbed the malicious trojan “GriftHorse.” The money-making scheme is believed to have been under active development
by Paul Ducklin You’ve probably heard of Let’s Encrypt, an organisation that makes it easy and cheap (in fact, free) to get HTTPS certificates for your web servers. HTTPS, short for secure HTTP, relies on the encryption protocol known as TLS, which is short for transport layer security. TLS encrypts and protects the data you
A new emergency fraud hotline has been set up to help tackle surging financial scams in the UK. UK citizens who believe someone is maybe trying to trick them into handing over money or personal details can now be automatically connected with their bank’s fraud prevention service by dialing 159. The service will work in
Overview On March 21st, 2021, the McAfee Enterprise Advanced Threat Research (ATR) team released several vulnerabilities it discovered in the Netop Vision Pro Education software, a popular schooling software used by more than 9,000 school systems around the world. Netop was very responsive and released several updates to address many of the critical findings, creating
The emergency release comes a mere three days after Google’s previous update that plugged another 19 security loopholes Google has released an emergency update for its Chrome web browser to fix a zero-day vulnerability that is known to be actively exploited in the wild by malicious actors. The security loophole affects the Windows, macOS, and
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that could
Huawei’s CFO is finally back in China after striking a plea deal with the US authorities in which she admitted playing a pivotal role in a scheme designed to defraud a global financial institution. Meng Wanzhou, the daughter of Huawei founder Ren Zhengfei, was indicted by the US in 2019 on charges associated with the firm’s alleged
Chances are, you’ve heard the term VPN more and more lately but still can’t figure out exactly what it does or if your family needs one. You aren’t alone. The short answer is yes—you need a VPN on your family devices—and here’s why. One of the main reasons you’re hearing more about VPNs is that cybercrime and data breaches are skyrocketing—especially since the pandemic.
State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems in the U.S., Germany, and Afghanistan. Cisco Talos attributed the attacks to the Turla advanced persistent threat (APT) group, coining the malware “TinyTurla” for its limited functionality and efficient coding style that allows it to
Lawmakers in Florida are asking why the state has failed to spend millions of dollars it was assigned to fund the implementation of new cybersecurity measures. The Miami Herald reports that despite lawmakers’ allocating $30m for the improvements months ago, the Sunshine State is yet to spend a single cent. The office of Florida’s statewide chief information