The Cybersecurity and Infrastructure Security Agency (CISA) has published a new series of guidelines to help federal agencies defend against distributed denial-of-service (DDoS) attacks. The Capacity Enhancement Guide has been published in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). It provides organizations with proactive steps
Month: October 2022
by Paul Ducklin Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national ID number, and perhaps including additional information such as notes about your relationship with your family…
Personal devices and the information they carry are incredibly valuable to their owners. It is only natural to want to protect your device like a royal family fortifying a medieval castle. Unlike medieval castles that depended upon layers and layers of protection (moats, drawbridges, spiky gates, etc.), personal devices thrive on just one defense: a devoted guard called antivirus software. Increasing your personal device’s
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Fodcha
The threat actors behind the Raspberry Robin worm have been associated with a complex and interconnected malware ecosystem comprising the Clop and LockBit ransomware groups. The findings come from Microsoft, which has said the worm had alternate infection methods beyond its original USB drive spread. “These infections lead to follow-on hands-on-keyboard attacks and human-operated ransomware
by Paul Ducklin The Clearview AI saga continues! If you haven’t heard of this company before, here’s a very clear and concise recap from the French privacy regulator, CNIL (Commission Nationale de l’Informatique et des Libertés), which has very handily been publishing its findings and rulings in this long-running story in both French and English:
Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. “These droppers continue the unstopping evolution of malicious apps sneaking to the official store,” Dutch mobile security firm ThreatFabric
A previously undocumented dropper has been spotted installing backdoors and other tools using the new technique of reading commands from apparently innocuous Internet Information Services (IIS) logs. The dropper has been discovered by cybersecurity researchers at Symantec, who said an actor is using the piece of malware dubbed Cranefly (aka UNC3524) to install another piece
by Paul Ducklin Google pushed out a bunch of security fixes for the Chrome and Chromium browser code earlier this week… …only to receive a vulnerability report from researchers at cybersecurity company Avast on the very same day. Google’s response was to push out another update as soon as it could: a one-bug fix dealing
When you open your laptop or your mobile device, what is the first thing you do? Do you head to your favorite social media site to skim the latest news, or do you place your weekly grocery delivery order? No matter what your daily online habits are, even the slightest degree of caution can go a long way in staying secure online. That’s
You probably don’t have to ditch your phone just yet – try these simple tips and tricks to make any Android device or iPhone run faster Mobile phones are so present in our lives that they have become just as important as our wallets; in fact, they have also become our wallets. Unfortunately, no matter
Communication services provider Twilio this week disclosed that it experienced another “brief security incident” in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new report outlining baseline cybersecurity performance goals (CPGs) for all critical infrastructure sectors. The document is the result of a July 2021 security memorandum signed by President Biden. It has tasked CISA and the National Institute of Standards and Technology (NIST) with creating fundamental cybersecurity
by Paul Ducklin Regular readers will know two things about our attitude to Apple’s security patches: We like to get them as soon as we can. Whether it’s a full version upgrade that also includes a bunch of security fixes, or a point release (one where the leftmost verion number doesn’t change) with the primary
When you’re online, the world is at your fingertips. You can do amazing things like stream the latest movies while they’re still in theaters! Or you can enjoy the convenience of online shopping and avoiding the DMV by renewing your driver’s license remotely. This is possible because we’re able to communicate with these organizations through many different channels and we trust them. Unfortunately, many bad actors have taken advantage of this trust
A look at a recent string of law enforcement actions directed against (in some cases suspected) perpetrators of various types of cybercrime A Canadian, a Nigerian, a Brit and a Ukrainian – what’s the connection? As Cybersecurity Awareness Month draws to a close, we look at a recent string of law enforcement actions directed against (in
Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS score: 8.1) in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo. “This vulnerability can
A new cryptojacking campaign has been discovered targeting vulnerable Docker and Kubernetes infrastructure. Dubbed ‘Kiss-a-dog’ by CrowdStrike security researchers, the campaign has used several command-and-control (C2) servers to launch attacks aiming at mining cryptocurrency. The threat actors have also utilized user and kernel mode rootkits to hide the activity, backdoor compromised containers, move laterally in the
by Paul Ducklin WE’RE SCRAPING YOUR FACES FOR YOUR OWN GOOD! (ALLEGEDLY) Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher
Vernon has been our Manager of Technical Accounting for more than two years, but that doesn’t mean he’s buried in spreadsheets and numbers all day. He’s a part of our team of experts for the complex, technical accounting projects that pop up. My McAfee career journey story It’s been an amazing ride so far. My
As package delivery scams that spoof DHL, USPS and other delivery companies soar, here’s how to stay safe not just this shopping season Where there are users to be scammed and money to be made, cybercriminals won’t be far behind. So it was during the pandemic, when internet users eager to get hold of the
A 34-year-old U.K. national has been arraigned in the U.S. for operating a dark web marketplace called The Real Deal that specialized in the sales of hacking tools and stolen login credentials. Daniel Kaye, who went by a litany of pseudonyms Popopret, Bestbuy, UserL0ser, and Spdrman, has been charged with five counts of access device
The threat actor known as Vice Society has been conducting ransomware and extortion campaigns against the global education sector, particularly in the US. The findings come from Microsoft security researchers, who published an advisory about Vice Society (tracked by the tech giant as DEV-0832) on Tuesday. “Shifting ransomware payloads over time from BlackCat, QuantumLocker, and
by Paul Ducklin See Tickets is a major global player in the online event ticketing business: they’ll sell you tickets to festivals, theatre shows, concerts, clubs, gigs and much more. The company has just admitted to a major data breach that shares at least one characteristic with the amplifiers favoured by notorious rock performers Spinal
It’s Diwali, a time of light, a time of togetherness, and, of course, a time of celebration. Along with Diwali comes the traditional acts of dana and seva, as well as gift-giving to the friends and family members they honor and love. However, it’s also a time when thieves get busy—where they hop online and
A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation. Mark Sokolovsky, who was arrested by Dutch law enforcement after leaving Ukraine on March 4, 2022, in what’s said to be a Porsche Cayenne, is currently being held in the Netherlands and awaits extradition
A total of 108.9 million accounts were breached in the third quarter of 2022, a 70% increase compared to the previous quarter. The top five countries and regions most affected by data breaches in Q3 2022 were Russia, France, Indonesia, the US and Spain. While Russia had the most breaches overall (22.3 million), France had
by Paul Ducklin Apple’s latest collection of security updates has arrived, including the just-launched macOS 13 Ventura, which was accompanied by its own security bulletin listing a whopping 112 CVE-numbered security holes. Of those, we counted 27 arbitrary code execution holes, of which 12 allow rogue code to be injected right into the kernel itself,
A new ransomware threat is currently sweeping its way across home computers. And what’s making it extra tricky is that it’s disguised as an operating system update. Be on the lookout for this new ransomware scheme and protect yourself from ransomware with a few of these tips. What Is Magniber Ransomware? Magniber is a new type of
Next time you’re tempted to hold off on installing software updates, remember why these updates are necessary in the first place Technology enables us to do wonderful things. The PCs and mobile devices at the center of our digital world are an indispensable part of our personal and working lives. They offer us a gateway
- 1
- 2
- 3
- …
- 5
- Next Page »