Apr 29, 2023Ravie LakshmananHealthcare / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw impacting Illumina medical devices. The issues impact the Universal Copy Service (UCS) software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq
A UK secondary school has confirmed it was hit by a cyber-incident affecting its IT network. Hardenhuish School in Chippenham, Wiltshire, confirmed the attack on Thursday, saying hackers gained access to network infrastructure and then demanded a ransom for restoring access. At the time of writing, it is unclear whether the school paid the ransom,
by Naked Security writer A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected
Apr 28, 2023Ravie LakshmananEndpoint Security / Cryptocurrency Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer. “The Atomic macOS Stealer can steal various types of information from the victim’s machine, including Keychain passwords,
Artificial Intelligence (AI) tooling was the hot topic at this year’s RSA Conference, held in San Francisco. The potential of generative AI in cybersecurity tooling has sparked excitement among cybersecurity professionals. However, questions have been raised about the practical usage of AI in cybersecurity and the reliability of the data used to build AI models.
by Paul Ducklin 2FA, HACKING, AND PATCHING No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our
As all things (wrongly called) AI take the world’s biggest security event by storm, we round up of some of their most-touted use cases and applications Okay, so there’s this ChatGPT thing layered on top of AI – well, not really, it seems even the practitioners responsible for some of the most impressive machine learning
Apr 27, 2023Ravie LakshmananBotnet / Cyber Crime Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and “decelerate” its growth. The tech giant’s Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to “not only
Professional sport faces unique cyber-threats and challenges, especially sounding the tie-in cyber has with physical security. These distinctive challenges have led to close collaboration between top organizations in this sector. This is according to CISOs from three of the US’ largest sports – Steve Grossman from the National Basketball Association, Tomás Maldonado at the National
by Paul Ducklin The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software ESET researchers have discovered a campaign that we attribute to the APT group known as Evasive Panda, where update channels of legitimate applications were mysteriously hijacked to
Apr 26, 2023Ravie LakshmananLinux / Cyber Threat The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033. That’s according to findings from Palo Alto Networks Unit 42, which discovered recent malicious cyber activity carried out by the group targeting
The current democratic system is not for purpose in the 21st Century and requires a radical revamp using modern technologies. This was the key message Bruce Schneier, security technologist, researcher, and lecturer at Harvard Kennedy School, highlighted during his keynote address on day two of the RSA 2023 Conference. Schneier said that democratic systems should
by Paul Ducklin We’ll be honest, and admit that we hadn’t heard of the printer management software PaperCut until this week. In fact, the first time we heard the name was in the context of cybercriminality and malware attacks, and we naively assumed that “PaperCut” was what we like to call a BWAIN. A BWAIN
Apr 25, 2023Ravie LakshmananNetwork Security / DDoS Details have emerged about a high-severity security vulnerability impacting Service Location Protocol (SLP) that could be weaponized to launch volumetric denial-of-service attacks against targets. “Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive Denial-of-Service (DoS) amplification attacks with a factor as high as 2200 times, potentially
To ensure that digital systems and products have security built in by design, the US federal government and cybersecurity professionals have been calling for greater investment in skills and training in cybersecurity throughout the tech sector. Despite CISA Director Jen Easterly recently calling for universities to include security as a standard element in computer science
by Paul Ducklin If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based,
Apr 24, 2023Ravie LakshmananCyber Espionage The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. “Tomiris’s endgame consistently appears to be the regular theft of internal documents,” security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. “The
Popular software tools such as Zoom, Cisco AnyConnect, ChatGPT and Citrix Workspace have been trojanized to distribute the malware known as Bumblebee. Secureworks’ Counter Threat Unit (CTU) analyzed the findings in a report published on Thursday, saying the infection chain for several of these attacks relied on a malicious Google Ad that sent users to
Before you rush to buy new hardware, try these simple tricks to get your machine up to speed again – and keep it that way. A slow-running computer can be a major headache, affecting your productivity and causing unnecessary stress. But before frustration kicks in and makes you run to buy a new machine, there
Apr 22, 2023Ravie LakshmananPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows – CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability CVE-2023-27350 (CVSS score –
The attack tool known as Evil Extractor and developed by a company called Kodex as an “educational tool,” has been used by threat actors to target Windows-based machines. The claims come from Fortinet security researchers and were described in an advisory published on Thursday. “[We] observed this malware in a phishing email campaign [disguised as account
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of
An employee from the US Consumer Financial Protection Bureau (CFPB) has reportedly forwarded confidential records of roughly 256,000 consumers and confidential supervisory information of approximately 50 institutions to a personal email account. Congressman Bill Huizenga addressed the claims in a letter to CFPB director, Rohit Chopra, dated April 18. “At the time of your notification,
by Paul Ducklin Logging software has made cyberinsecurity headlines many times before, notably in the case of the Apache Log4J bug known as Log4Shell that ruined Christmas for many sysadmins at the end of 2021. The Log4Shell hole was a security flaw in the logging process itself, and boiled down to the fact that many
Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack,” cloud security firm Aqua said in a report
The 3CX Desktop App software has been reportedly compromised via a prior software supply chain breach, with a North Korean actor suspected to be responsible. According to security researchers at Mandiant, the initial compromise was traced back to malware from financial software firm Trading Technologies’ website. The first attack saw hackers place a backdoor into
by Paul Ducklin LOOPING THE LOOP No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS
- « Previous Page
- 1
- …
- 28
- 29
- 30
- 31
- 32
- …
- 114
- Next Page »