Representatives from Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) and the European Union Agency for Cybersecurity (ENISA) recently met to discuss strengthening cooperation and networking. The working meeting was held during the visit to ENISA HQ in Athens as a part of the Cybersecurity East Project. Viktor Zhora, SSSCIP deputy head, said after
Month: October 2022
by Paul Ducklin Naked Security meets Sophos X-Ops! (Read or listen according to your preference.) We dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it. We look at the what, the why and the
A new piece of research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT) group named Earth Aughisky. “Over the last decade, the group has continued to make adjustments in the tools and malware deployments on specific targets located in Taiwan and, more recently, Japan,” Trend Micro
Lloyd’s of London, the London-based insurance market heavily involved in implementing sanctions against Russia, may have been hit by a cyber-attack. On Wednesday, October 5, 2022, the British insurance market revealed it had detected “unusual activity” on its systems and has turned off all external connectivity “as a precautionary measure.” “We have informed market participants
by Paul Ducklin Scam calls are a nuisance at best, because they’re intrusive, and a social and financial evil at worst, because they prey on those who are vulnerable. You probably get dozens or hundreds of them a year, often in waves of several a day, where the caller claims to be from Amazon (about
Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from “.*autodiscover.json.*Powershell.*” to “(?=.*autodiscover.json)(?=.*powershell).” The list of updated steps to
Chinese state–sponsored threat actors continue to exploit known vulnerabilities to target US and allied networks and companies, according to a new advisory published on October 06, 2022, by the US National Security Agency (NSA), Cybersecurity & Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI). Worse, they use “an increasing array of new and
by Naked Security writer Joe Sullivan, who was Chief Security Officer at Uber from 2015 to 2017, has been convicted in a US federal court of covering up a data breach at the company in 2016. Sullivan was charged with obstructing proceedings conducted by the FTC (the Federal Trade Commission, the US consumer rights body),
Your phone buzzes. You hope it’s a reply from last night’s date, but instead you get an entirely different swooping feeling: It’s an alarming SMS text alerting you about suspicious activity on your bank account and that immediate action is necessary. Take a deep breath and make sure to read the message carefully. Luckily, your
A look back on the key trends and developments that shaped the cyberthreat landscape from May to August of this year The ESET research team has just released its latest Threat Report, and in this week’s video, Tony summarizes the report’s main takeaways. What trends and developments shaped the threat landscape between May and August
A severe remote code execution vulnerability in Zimbra’s enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected installations.
A number of notable software supply chain cyber incidents have been linked to ‘LofyGang,’ an attack group that has been operating for over a year, according to a new analysis by Checkmarx. The researchers discovered around 200 malicious packages with thousands of installations linked to LofyGang. These included several classes of malicious payloads, general password
by Paul Ducklin If you can’t beat ’em, sue ’em! Actually, the original quote doesn’t quite go like that, but you get the idea: if you can’t stop people downloading bogus, malware-tainted apps that pretend to be backed by your powerful, global brand… …why not use your powerful, global brand to sue the creators of
A view of the T2 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts The past four months were the time of summer vacations for many of us in the northern hemisphere. It appears that some malware operators also took this time as an opportunity
Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information. “These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps,
A newly discovered Android spyware family dubbed ‘RatMilad’ has been observed trying to infect an enterprise device in the Middle East. The discovery comes from security researchers at Zimperium, who said the original variant of the previously unknown RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me. After identifying the
by Paul Ducklin SCAMMERS IN THE SLAMMER (AND OTHER STORIES) With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere
In the fall of 2021, cryptocurrency value skyrocketed. Ethereum and Bitcoin had their highest values ever, causing a huge stir in interest in online currencies from experts, hobbyists and newbies alike … and in cybercriminals seeking huge paydays. Since then, cryptocurrency value has cooled, as has the public’s opinion about whether it’s worth the risk.
Healthy habits that are instilled and nurtured at an early age bring lifelong benefits – the same applies to good cybersecurity habits It’s October, it’s Cybersecurity Awareness Month (CSAM), and with it the annual deluge of articles about phishing, passwords, protecting personal data and such like that will be hitting your inboxes very soon (if
The threat actor behind the malware-as-a-service (MaaS) called Eternity has been linked to new piece of malware called LilithBot. “It has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms,” Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma said in a Wednesday report. “The group has been
A Canadian man was sentenced to 20 years in prison and ordered to forfeit $21.5m today for participating in the NetWalker ransomware attacks, said the Department of Justice (DOJ) Office of Public Affairs on Tuesday. Sebastien Vachon–Desjardins, 35, of Gatineau, Quebec, was extradited to the United States in January this year according to the extradition treaty between
by Naked Security writer Naked Security has written and talked about Sebastien Vachon-Desjardins before, in both article and podcast form. Vachon-Desjardins had been a federal government worker in the Canadian Capital Region (he comes from Gatineau in Quebec, directly across the river from the federal capital Ottawa in Ontario)… …but he seems to have decided
Happy Cybersecurity Awareness Month! Every October, the National Cybersecurity Alliance selects a theme around which to publish extensive awareness resources and practical tips to help you improve your cybersecurity.1 This year’s theme is “It’s easy to stay safe online.” With the number of cyber threats and breaches dominating the headlines, it can seem like
A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app. The mobile trojan functions as advanced spyware with capabilities that receives and executes commands to collect and exfiltrate a wide variety of data from the infected mobile endpoint,
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD) to improve asset visibility and vulnerability detection on federal networks. Named BOD 23–01 and becoming effective on April 03, 2023, the new directive requires federal civilian executive branch (FCEB) agencies to perform automated asset discovery every seven days. “While many
by Paul Ducklin Elvis, you might say, has left the building, but only to be transported from court to federal prison. In this case, we’re referring to Elvis Eghosa Ogiekpolor, jailed for 25 years in Atlanta, Georgia for running a cybercrime group that scammed close to $10,000,000 in uunder two years from individuals and business
Our all-new ransomware coverage is now available, ready to help just in case—all backed by expert advice to help you find the quickest and best possible path to recovery. Ransomware coverage from McAfee can reimburse you up to $25,000 for losses resulting from a ransomware threat, including financial losses and ransom fees. You’ll find this
As each new smart home device may pose a privacy and security risk, do you know what to look out for before inviting a security camera into your home? Security cameras were once the preserve of the rich and famous. Now anyone can get their hands on one thanks to technological advances. The advent of
A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser. Kaspersky dubbed the campaign OnionPoison, with all of the victims located in China. The scale of the attack remains unclear, but the Russian cybersecurity company said it detected victims appearing in its
A former US National Security Agency (NSA) employee has been arrested after trying to sell classified information to an undercover Federal Bureau of Investigation (FBI) agent posing as a foreign spy working for a foreign government. Federal prosecutors do not directly identify the government in question. Still, according to the FBI agent’s affidavit, Jareh Sebastian