by Paul Ducklin Earlier this month, the NortonLifeLock online identity protection service, owned by Arizona-based technology company Gen Digital, sent a security warning to many of its customers. The warning letter can be viewed online, for example on the website of the Office of the Vermont Attorney General, where it appears under the title NortonLifeLock
Don’t be the next victim – here’s what to know about some of the most common tricks that scammers use on the payment app Today’s consumers have a wealth of choice when it comes to paying and sending money online. A range of slick digital payment apps have emerged over recent years to make the
Jan 18, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via
The US Department of Defense (DoD) has confirmed it will soon launch the third part of its ‘Hack the Pentagon’ bug bounty program, first unveiled in 2016. According to a dedicated page on the Sam.Gov website, the initiative will rely on cybersecurity researchers to find vulnerabilities in the government’s Facility Related Controls System (FRCS) network.
by Paul Ducklin Another day, another series of cryptocurrency scams… …these, fortunately, brought to a halt, though sadly not before they’d defrauded “investors” around the globe to the tune of millions of dollars. According to Europol, 216 people were questioned in Bulgaria, Cyprus, Germany and Serbia; 15 have already been arrested; 22 searches were conducted,
It is now acceptable to find a job on a dating app! As we observed last week, many enterprises and small and medium businesses (SMBs) take advantage of solutions such as Slack, Zoom or Microsoft Teams for collaborative work. At the same time, these platforms are still trying to figure out better ways to create
Jan 17, 2023Ravie LakshmananSoftware Security / Supply Chain A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems. The packages – named colorslib (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version 4.6.12)
Cisco has warned customers of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. The security flaw (tracked CVE-2023-20025) has been found in the web-based management interface of Cisco Small Business (SMB) RV016, RV042, RV042G and RV082 routers provided by Hou Liuyang of Qihoo 360 Netlab. “[These vulnerabilities] could allow a remote
Jan 14, 2023Ravie LakshmananServer Security / Patch Management A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That’s according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be
Russian cyber-criminals have been observed on dark web forums trying to bypass OpenAI’s API restrictions to gain access to the ChatGPT chatbot for nefarious purposes. Various individuals have been observed, for instance, discussing how to use stolen payment cards to pay for upgraded users on OpenAI (thus circumventing the limitations of free accounts). Others have
Hybrid work and hybrid play now merge into hybrid living, but where is the line between the two? Is there one? That the COVID-19 pandemic brought a new normal to businesses, educational institutions, and our everyday lives is an understatement. Many interactions, whether work-related or personal, moved online or at least gained a virtual mirror.
Jan 14, 2023Ravie LakshmananDevOps / Data Security DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee’s laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company’s systems and data last month. The CI/CD service CircleCI said the “sophisticated attack” took place on December 16, 2022, and that
The pro-Russia hacktivist group known as NoName057(16) has recently started new attacks against organizations and businesses across Poland, Lithuania and other countries. Most recently, the group began targeting the websites of the Czech presidential election candidates. According to SentinelOne, who discovered the new campaigns, the group conducted these campaigns by using public Telegram channels, a distributed
StrongPity’s backdoor is fitted with various spying features and can record phone calls, collect texts, and gather call logs and contact lists This week, the ESET research team published their findings about an espionage campaign by the StrongPity APT group that spreads a fully functional, but trojanized version of the legitimate Telegram app for Android.
Jan 14, 2023Ravie LakshmananPrivacy / Online Safety Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. “Users of ‘tiktok[.]com’ could not refuse
The Guardian has confirmed that threat actors stole the personal data of UK staff members during the ransomware attack that affected its systems on December 20, 2022. The updates come from The Guardian Media Group’s chief executive, Anna Bateson, and The Guardian‘s editor-in-chief, Katharine Viner, who emailed staff members on Wednesday. The executives have described
by Paul Ducklin THE CRYPTO CRISIS THAT WASN’T Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good
ESET Research announces IPyIDA 2.0, a Python plugin integrating IPython and Jupyter Notebook into IDA IDA Pro from Hex-Rays is probably the most popular tool today for reverse-engineering software. For ESET researchers, this tool is a favorite disassembler and has inspired the development of the IPyIDA plugin that embeds an IPython kernel into IDA Pro. Under
Jan 12, 2023Ravie LakshmananActive Directory / Malware A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. “Throughout the attack, the attacker followed a routine
A new advanced persistent threat (APT) group dubbed ‘Dark Pink’ by Group-IB (and ‘Saaiwc Group’ by Chinese cybersecurity researchers) has been spotted targeting various entities across Asia-Pacific and Europe, mainly with spear phishing techniques. According to a new advisory published by Group-IB earlier today, Dark Pink began operations as early as mid-2021, although the group’s
by Paul Ducklin JWT is short for JSON Web Token, where JSON itself is short for JavaScript Object Notation. JSON is a modernish way of representing structured data; its format is a bit like XML, and can often be used instead, but without all the opening-and-closing angle brackets to get in the way of legibility.
A new law portends a future where (we hope) it will be easier for us all to repair, fix, upgrade, and just tinker with things we already own Want to secure, patch, upgrade, or modify tech you own? You may not be able to, if some manufacturers have anything to say about it. They view
Jan 12, 2023Ravie LakshmananServer Security / Linux Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers. Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software before 0.9.8.1147 and was
The US Supreme Court gave the green light on Monday for WhatsApp to pursue a lawsuit against NSO Group, the Israeli surveillance company, for installing the Pegasus spyware on roughly 1400 devices where WhatsApp was also installed. More specifically, the court has ruled that WhatsApp is allowed to sue for damages ensued by the malicious installation
by Paul Ducklin As far as we can tell, there are a whopping 2874 items in this month’s Patch Tuesday update list from Microsoft, based on the CSV download we just grabbed from Redmond’s Security Update Guide web page. (The website itself says 2283, but the CSV export contained 2875 lines, where the first line
ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild. 11 of the 98 issues are rated Critical and 87 are rated Important in severity, with one of the vulnerabilities also listed as
Are you an online oversharer? Do you give your full birthday to all your online shopping accounts? Have a few companies you have accounts with been breached but you didn’t take any action at the time? If you have bad digital habits, now is an excellent time to reset your digital presence. In isolation, these
The South African threat actors known as “Automated Libra” have been improving their techniques to exploit cloud platform resources for cryptocurrency mining. According to Palo Alto Networks Unit 42, the threat actors have used a new Captcha-solving system alongside a more aggressive use of CPU resources for mining and the mix of “freejacking” with the
by Paul Ducklin If you’re a programmer, whether you code for a hobby or professionally, you’ll know that creating a new version of your project – an official “release” version that you yourself, or your friends, or your customers, will actually install and use – is always a bit of a white-knuckle ride. After all,
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- …
- 75
- Next Page »