Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that’s behind a Windows malware with worm-like capabilities. Describing it as a “persistent” and “spreading” threat, Cybereason said it observed a number of victims in Europe. The infections involve a worm that propagates over removable
Month: July 2022
Fewer people carry cash these days, kids included. This growing paperless reality fast-forwards the parenting task of educating kids on financial responsibility. As of 2021, most cash apps allow kids 13 and up to open accounts (previously, the age was 18). Kids can also get a cash app debit card for retail purchases. But while
Apple has announced a new set of iPhone features called “Lockdown Mode.” Unveiled in a blog post on Wednesday, Lockdown Mode will land on iOS 16, iPadOS 16, and macOS Ventura devices in the fall of this year, and offer a number of security features. Apple called the mode an “extreme, optional level of security
by Paul Ducklin Remember the Log4Shell bug that showed up in Apache Log4j late in 2021? Log4j is one of the Apache Software Foundation’s many software projects (more than 350 at current count), and it’s a programming library that Java coders can use to manage logfiles in their own products. Logfiles are a vital part
In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health records
It’s a question we get a lot from parents: “How can I keep my kids safe when they are constantly hopping between so many different apps?” We get it, there’s a lot to stay on top and all of it changes constantly. Unfortunately, that question doesn’t have a simple answer. But there are some baseline
The Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory suggesting North Korean state-sponsored cyber actors are using the Maui ransomware to target Healthcare and Public Health (HPH) Sector organizations in the US. According to the document – a joint effort between CISA, the Federal Bureau of Investigation (FBI) and the Department of
by Paul Ducklin Just over a week ago, the newswires were abuzz with news of a potentially serious bug in the widely-used cryptographic library OpenSSL. Some headlines went as far as describing the bug as a possibly “worse-than-Heartbleed flaw”, which was dramatic language indeed. Heartbleed, as you may remember, was an incredibly high-profile data leakage
Here’s what to watch out for when buying or selling stuff on the online marketplace and how to tell if you’re being scammed Last year, Facebook Marketplace passed one billion global users. In so doing, it’s become a giant of the consumer-to-consumer space, allowing individual Facebook users to buy from and sell to each other
Apple on Wednesday announced it plans to introduce an enhanced security setting called Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura to safeguard high-risk users against “highly targeted cyberattacks.” The “extreme, optional protection” feature, now available for preview in beta versions of its upcoming software, is designed to counter a surge in threats
In the spirit of #PrideMonth, McAfee hosted month-long celebrations across the world. One of these was a live event hosted by the McAfee Pride Community with a guest speaker from the Resource Center that focused on the history of Pride, support, allyship, and belonging. We took a moment to ask our event guest speaker, Leslie
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer. The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years. More specifically, for
by Paul Ducklin Google’s latest update to the Chrome browser fixes a varying number of bugs, depending on whether you’re on Android, Windows or Mac, and depending on whether you’re running the “stable channel” or the “extended stable channel“. Don’t worry if you find the the plethora of Google blog posts confusing… …we did too,
A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered in forms by users on websites that include them. The coordinated attack, dubbed IconBurst by ReversingLabs, involves no fewer than two dozen NPM packages that include obfuscated JavaScript, which comes
NATO has announced plans to develop virtual rapid response capabilities “to respond to significant malicious cyber activities.” The plans were unveiled in a declaration published following the NATO Summit in Madrid, Spain, last week. The latest summit took on extra significance in light of the Russian invasion of Ukraine earlier this year, amid fears of the conflict
by Paul Ducklin If you’re a Naked Security Pocast listener, you may remember, back in March 2022, that we spoke about a convicted cybercriminal from Canada by the name of Sebastien Vachon-Desjardins. By all accounts, he was part of several so-called Ransomware-as-a-Service (RaaS) gangs, such as REvil and NetWalker, where the actual ransomware attackers act
One in five organizations have teetered on the brink of insolvency after a cyberattack. Can your company keep hackers at bay? We all know cyber is a critical element of business risk. But how critical? Some boardrooms seem to pay little more than lip service to security and still manage to avoid serious repercussions. That’s
Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to
CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. The module reportedly has hidden desktop takeover capabilities that would be
Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a “simplified and unified management experience that’s the same in Chrome and Android settings,” Ali Sarraf, Google Chrome product manager, said in a blog post.
Kaspersky security experts have discovered new malware targeting Microsoft Exchange servers belonging to several organizations worldwide. Dubbed “SessionManager” and first spotted by the company in early 2022, the backdoor enables threat actors to keep “persistent, update-resistant and rather stealth access to the IT infrastructure of a targeted organization.” According to Kaspersky, once propagated, SessionManager would enable
by Paul Ducklin The US Federal Bureau of Investigation (FBI) famously maintains a Ten Most Wanted Fugitives list. Currently, nine of them are men, suspected of 22 different offences between them: Accessory After the Fact Aiding and Abetting Armed Robbery Cocaine Importation Conspiracy Conspiracy to Commit Murder-for-Hire Conspiracy to Commit Violent Crimes in Aid of
The lead-up to the Canada Day festivities has brought a tax scam with it Even though the deadline to file taxes in Canada already passed on May 2nd, 2022, some people may have filed late or are still expecting their refund. Perhaps that’s why I received a phishing email yesterday purporting to come from the
Following heightened worries that U.S. users’ data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it’s taking steps to “strengthen data security.” The admission that some China-based employees can access information from U.S. users came in a letter sent to nine
Microsoft’s Security Intelligence team has issued a new warning against a known cloud threat actor (TA) group. Tracked as 8220 and active since early 2017, the group would have now updated its malware toolset to breach Linux servers in order to install crypto miners as part of a long-running campaign. “The updates include the deployment
by Paul Ducklin We’ll tell this story primarily through the medium of images, because a picture is worth 1024 words. This cybercrime is a visual reminder of three things: It’s easy to fall for a phishing scam if you’re in a hurry. Cybercriminals don’t waste any time getting new scams going. 2FA isn’t a cybersecurity
As scammers continue to ask people to take fake surveys, can you recognize some common telltale signs you’re dealing with a scam? Scammers recently launched a campaign on WhatsApp where they trick unsuspecting victims into thinking that they qualify for a cash prize from Costco in exchange for taking a simple survey. Obviously this type
Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its “complex multi-step attack flow” and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their
It’s Social Media Day! How are you celebrating? Reposting your very first profile picture from a decade ago? Sharing your most-loved status update or the photo you’re most proud of? This year, consider commemorating the day by learning more about how to keep your information safe. Enjoy your favorite platform, but be on the lookout
An ex-Canadian government employee pleaded guilty in Florida court earlier this week to charges of involvement with the NetWalker ransomware group. Sebastien Vachon-Desjardins, 34, was accused of conspiracy to commit computer fraud and wire fraud, as well as intentional damage to a protected computer and transmitting a demand concerning damaging a protected computer. Vachon-Desjardins was extradited in March, following