Office Sentinel

European police have arrested scores of suspects and seized thousands of stolen artefacts after a joint physical and cyber operation last year, according to Europol. Operation Pandora VII involved police from Austria, Bulgaria, the Czech Republic, Croatia, Cyprus, Greece, Ireland, Italy, Poland, Portugal, Romania, Spain, Sweden and Bosnia and Herzegovina. As with previous iterations, the

Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs (CRIL), Kekw malware can steal sensitive information from infected systems and perform clipper activities that can hijack cryptocurrency transactions. “Following our investigation, we found that

The North Korean state-sponsored APT group known as Kimsuky has been observed using a new malware component called ReconShark. According to an advisory published by SentinelOne security researchers on Thursday, ReconShark is distributed through targeted spear-phishing emails, which contain OneDrive links that lead to downloading documents and activating harmful macros. “The spear-phishing emails are made

by Paul Ducklin World Password Day is always hard to write tips for, because the primary advice you’ll hear has been the same for many years. That’s because the “passwordless future” that we’ve all been promised is still some time away, even if some services already support it. Simply put, we’re stuck with the old,

The City of Dallas in Texas, US, has confirmed a ransomware attack took down essential services, including some 911 dispatch systems.  “Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment,” the City wrote in a press release. “Subsequently, the City has

by Paul Ducklin We’ve written about PHP’s Packagist ecosystem before. Like PyPI for Pythonistas, Gems for Ruby fans, NPM for JavaScript programmers, or LuaRocks for Luaphiles, Packagist is a repository where community contributors can publish details of PHP packages they’ve created. This makes it easy for fellow PHP coders to get hold of library code

Pediatric mental health provider Brightline has warned patients that it suffered a data breach on January 30, impacting 783,606 people. Writing in a notice on its website earlier this week, Brightline said the breach was related to a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform. “Through its investigation, Fortra states that it

by Paul Ducklin SILENT SECURITY! (IS THAT A GOOD THING?) No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to incorporate the Covered List created by the Federal Communications Commission (FCC) into their risk management plans. The list encompasses a number of communications equipment and service providers that have been determined by the US government to pose a potential national security risk according

by Paul Ducklin Apple’s AirTag system has famously been subjected to firmware hacking, used as a free low-bandwidth community radio network, and involved in a stalking incident that tragically ended in a murder charge. To be fair to Apple, the company has introduced various tricks and techniques to make AirTags harder for stalkers and criminals

German IT service provider Bitmarck has confirmed bringing all of its customer and internal systems offline due to a cyber-attack discovered over the weekend. Writing on a temporary website on Sunday (and then on Monday), the company said the cyber-attack was detected by its early warning systems. “In compliance with our security protocol, we have

An Ohio man has been sentenced to four years and three months behind bars after stealing 712 bitcoin ($21m), which were seized by investigators following the arrest of his brother. Gary James Harmon, 31, of Cleveland, stole the cryptocurrency, which was the subject of “pending criminal forfeiture proceedings” in the case of his sibling, Larry

by Paul Ducklin We’ve written about the uncertainty of Apple’s security update process many times before. We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them… …but without even the vaguest description of what sort of criminals, and what they

Multiple Android applications have been observed not invalidating or revalidating session cookies during app data transfer from one device to another. The technique would enable attackers with a highly privileged device migration tool to move applications to a new Android device, causing migration issues, according to a new advisory by CloudSEK researchers. “This means if

by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to

Weekly cyber-attacks have increased worldwide by 7% in Q1 2023 compared to the same period last year, with each firm facing an average of 1248 attacks per week. The figures come from Check Point’s latest research report, which also suggests that the education and research sector experienced the highest number of attacks, rising to an