Nearly three weeks after Florida-based software vendor Kaseya was hit by a widespread supply-chain ransomware attack, the company on Thursday said it obtained a universal decryptor to unlock systems and help customers recover their data. “On July 21, Kaseya obtained a decryptor for victims of the REvil ransomware attack, and we’re working to remediate customers
Month: July 2021
by Paul Ducklin As if one Windows Nightmare dogging all our printers were not enough… …here’s another bug, disclosed by Microsoft on 2021-07-20, that could expose critical secrets from the Windows registry. Denoted CVE-2021-36934, this one has variously been nicknamed HiveNightmare and SeriousSAM. The moniker HiveNightmare comes from the fact that Windows stores its registry
Over the past year and a half, workers everywhere have gotten used to working from home. They have adopted an entirely new work from home mindset and diverted their weekly commuting hours to other productive and more enjoyable pursuits. As parts of the world return to a “new normal,” another change is on the way: a gradual return to the
Cybercriminals may target the popular event with ransomware, phishing, or DDoS attacks in a bid to increase their notoriety or make money The United States’ Federal Bureau of Investigation (FBI) has issued a warning about threat actors potentially attempting to disrupt the upcoming Tokyo 2020 Summer Olympics. It went on to warn that cybercriminals could utilize various
A software package available from the official NPM repository has been revealed to be actually a front for a tool that’s designed to steal saved passwords from the Chrome web browser. The package in question, named “nodejs_net_server” and downloaded over 1,283 times since February 2019, was last updated seven months ago (version 1.1.2), with its
by Paul Ducklin It’s already nearly two months since Apple’s last security update to iOS 14, which was back on 2021-05-24 when iOS 14.6 appeared. So we weren’t surprised to see that another patch is out, officially listed [2021-07-19] as covering iOS (now on 14.7), tvOS (now also 14.7) and watchOS (now on 7.6). Annoyingly,
With the increase in online activities due to the COVID-19 pandemic, consumers are potentially becoming exposed to more online threats, and nearly 1 in 3 Americans are not confident in their ability to prevent a cyberattack. Through a partnership with American Express via the Amex Offers Program, McAfee is delighted to offer eligible American Express Card Members personal online
On iOS we have seen link shortener services pushing spam calendar files to victims’ devices. We hope you already know that you shouldn’t click on just any URLs. You might be sent one in a message; somebody might insert one under a social media post or you could be provided with one on basically any
Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named “SSPORT.SYS” that can enable remote privilege and arbitrary code execution.
In 2021 ransomware attacks have been dominant among the bigger cyber security stories. Hence, I was not surprized to see that McAfee’s June 2021 Threat report is primarily focused on this topic. This report provides a large range of statistics using the McAfee data lake behind MVISION Insights, including the Top MITRE ATT&CK Techniques. In
A threat group likely based in Romania and active since at least 2020 has been behind an active cryptojacking campaign targeting Linux-based machines with a previously undocumented SSH brute-forcer written in Golang. Dubbed “Diicot brute,” the password cracking tool is alleged to be distributed via a software-as-a-service model, with each threat actor furnishing their own
by Paul Ducklin [01’32”] We explain how a format string bug could lock your iPhone out of your own network. [08’53”] We revisit the PrintNightmare saga, which is sort-of fixed but not really. [12’50”] We look back at the 20-year-old Code Red virus. [18’30”] We look at what cybercriminals spend money on (hint: more cybercrime). [29’10”] And in this week’s “Oh! No!”, we learn
Depending on where your travels take you, you might need a new passport—a COVID-19 vaccine passport. In an effort to kickstart travel and local economies, these so-called vaccine passports are more accurately a certificate. Such a “passport” can offer proof that the holder has been fully vaccinated against the virus, and there are several of these passports developing in the wings. With all of this in motion, I wanted to give families a look at
How can organizations mitigate the risk of damaging cyberattacks while juggling the constantly changing mix of office and off-site workers? The pandemic may finally be receding, but remote working is very much here to stay. The model that appears to be gaining most traction is a hybrid one, where most staff are allowed to spend
Instagram earlier this week introduced a new “Security Checkup” feature that aims to keep accounts safe and help users—whose accounts may have been compromised—to recover them. In order to gain access to accounts, users will be prompted to perform a series of steps, which include checking recent login activity, reviewing profile information, and updating contact
by Paul Ducklin Just over a week ago, we wrote about the REvil ransomware gang’s latest braggadoccio. As you probably know, ransomware operators like REvil, Clop and others don’t generally work on the front line themselves by conducting the actual network intrusions that deliver the final ransomware warhead. Instead, they recruit teams of “attack affiliates”
This blog was written byVaradharajan Krishnasamy, Karthickkumar, Sakshi Jaiswal Introduction Ransomware attacks are one of the most common cyber-attacks among organizations; due to an increase in Ransomware-as-a-service (RaaS) on the black market. RaaS provides readily available ransomware to cyber criminals and is an effective way for attackers to deploy a variety of ransomware in a
From securing your devices to avoiding public Wi-Fi hotspots for logging into apps we look at measures you can take to remain safe while this holiday season. Summer vacations are slowly inching closer, a welcome respite from the COVID-19 pandemic that has been raging around the world for well over a year now. And with the
The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security researchers uncovering critical flaws in computer systems to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The “Regulations on the Management of Network Product Security Vulnerability” are expected to go into effect
by Paul Ducklin “It never rains but that it pours,” as the old weather adage goes. That’s certainly how Microsoft must be seeing things right now, following the official announcement of yet another unpatched vulnerability in the Windows Print Spooler service. Dubbed CVE-2021-34481, this one isn’t quite as bad as the previous PrintNightmare problems, because
The overarching threat facing cyber organizations today is a highly skilled asymmetric enemy, well-funded and resolute in his task and purpose. You never can exactly tell how they will come at you, but come they will. It’s no different than fighting a kinetic foe in that, before you fight, you must choose your ground and
The newest update fixes a total of eight vulnerabilities affecting the desktop versions of the popular browser. Google has rolled out an update for its Chrome web browser that fixes a range of vulnerabilities, including a zero-day flaw that has been known to be actively exploited in the wild. The security loopholes affect the Windows,
Two of the zero-day Windows flaws patched by Microsoft as part of its Patch Tuesday update earlier this week were weaponized by an Israel-based company called Candiru in a series of “precision attacks” to hack more than 100 journalists, academics, activists, and political dissidents globally. The spyware vendor was also formally identified as the commercial
by Paul Ducklin There’s a famous and very catchy song that starts, “It was 20 years ago today…” In the song, of course, Sergeant Pepper was busily teaching his band to play – a band, as the song assures us, that was guaranteed to raise a smile. But can you remember where you were and
What happened Microsoft has shipped an emergency security update affecting most Windows users. This update partially addresses a security vulnerability known as PrintNightmare that could allow remote hackers to take over your system. How does this affect you? PrintNightmare could allow hackers to gain control of your computer. This means hackers could perform malicious activities like installing their own apps, stealing your data, and creating new user accounts. How to fix the issue Microsoft recommends Windows
If you’ll be watching Sports Streaming events on your SmartTV, laptop, tablet or cell phone, learn the tips to keep you and your personal data safe. After a year and a half of cancelled global events, the 2021 summer season is proving to be full of major sporting events across the globe, and all sports
A sweeping and “highly active campaign” that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them to a threat actor it tracks as “LuminousMoth,” which it
by Paul Ducklin We’ve written several times before about home delivery scams, where cybercriminals take advantage of our ever-increasing (and, in coronavirus times, often unavoidable) use of online ordering combined with to-the-doorstep delivery. Over the past year or so, we’ve noticed what we must grudgingly admit is a gradual improvement in believability on the part
Small business owners are getting a special deal on their online protection through a partnership between McAfee and Visa. With new ways of working creating online opportunities and risks for small business owners, McAfee and Visa have come together to offer comprehensive protection for a changed business landscape. Designed to help you minimize costs and unexpected interruptions to your business, McAfee® Security for Visa cardholders provides award-winning antivirus, ransomware, and malware
The latest Patch Tuesday brings a new batch of security updates addressing a total of 117 vulnerabilities The second Tuesday of the month is here, which means that Microsoft has rolled out patches for security vulnerabilities in Windows and its other products as part of its monthly Patch Tuesday bundle. This month’s batch of security updates brings