Security researchers have recorded a 76% year-on-year (YoY) increase in financial losses stemming from phishing attacks, as sophisticated tactics and user knowledge gaps give threat actors the upper hand. Proofpoint compiled its 2023 State of the Phish report from interviews with 7500 consumers and 1050 IT security professionals across 15 counties, as well as 135
Month: February 2023
by Paul Ducklin There’s no date on the update, but as far as we can make out, LastPass just [2023-02-27] published a short document entitled Incident 2 – Additional details of the attack. As you probably remember, because the bad news broke just before the Christmas holiday season in December 2022, LastPass suffered what’s known
Feb 28, 2023Ravie LakshmananRansomware / Malware A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar. “It comes with a wide range of capabilities, making post-exploitation a cakewalk for anyone purchasing the tool,” CYFIRMA said in a new
A business magnate and major political donor has been indicted for masterminding a “massive” $2bn scheme to defraud regulators and thousands of insurance policyholders. Greg Lindberg, 53, of Durham, North Carolina, allegedly conspired with others between 2016 and 2019 to invest nearly $2bn in multiple insurance companies – many of which have since 2019 apparently
by Paul Ducklin Thanks to Tommy Mysk and Talal Haj Bakry of @mysk_co for the impetus and information behind this article. The duo describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not
Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps. SaaS-to-SaaS (third-party) app installations are growing nonstop at organizations around the world. When an employee needs an additional app to increase their efficiency or productivity, they rarely think twice before installing. Most employees don’t even realize
The US Cybersecurity and Infrastructure Security Agency (CISA) warned nations’ defenders yesterday against disruptive and defacement attacks today. These, the agency said on Thursday, may spur from attempts to sow chaos and societal discord on the anniversary of Russia’s 2022 invasion of Ukraine. “In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion
ESET Research has compiled a timeline of cyberattacks that used wiper malware and have occurred since Russia’s invasion of Ukraine in 2022 This blogpost presents a compiled overview of the disruptive wiper attacks that we have observed in Ukraine since the beginning of 2022, shortly before the Russian military invasion started. We were able to
Feb 24, 2023The Hacker NewsArtificial Intelligence / Cybersecurity The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response, fraud detection, and vulnerability management. According to a report by Juniper Research, the use of AI for fraud detection and prevention is expected to save businesses $11
Google Play Store’s new Data Safety labels have been criticized for being inaccurate in nearly 80% of cases. The claims come from Mozilla’s *Privacy Not Included researchers, who published a new study about them on Thursday. “[We] found that the labels were false or misleading based on discrepancies between the apps’ privacy policies and the
With the conflict in Ukraine passing the one-year mark, have its cyber-war elements turned out as expected? It’s been twelve months since Russia invaded Ukraine, and it’s a good time to pause and reflect on a few pertinent issues, including: How is the war playing out in cyberspace? Have the cyber-elements turned out as expected?
Feb 24, 2023Ravie LakshmananMobile Security / Firmware Google said it’s working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what’s called the application processor (AP), it’s just one of the many processors of a system-on-chip (SoC) that cater to various tasks like cellular
Russia’s invasion of Ukraine has disrupted the vast cybercrime underground operating from the country, thanks to mobilization of some threat actors and the emigration of others, according to Recorded Future. The threat intelligence firm’s new report, Russia’s War Against Ukraine Disrupts the Cybercriminal Ecosystem, is compiled from analysis of dark web sources. The cybersecurity vendor
by Paul Ducklin LEARNING FROM OTHERS The first search warrant for computer storage. GoDaddy breach. Twitter surprise. Coinbase kerfuffle. The hidden cost of success. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You
The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group ESET researchers have discovered one of the payloads of the Wslink downloader that we uncovered back in 2021. We named this payload WinorDLL64 based on its filename WinorDLL64.dll. Wslink, which had the filename WinorLoaderDLL64.dll,
Feb 24, 2023The Hacker NewsCybersecurity Webinar / SaaS Security Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan and Slack, it’s clear that SaaS apps are a prime target for cyberattacks. The vast amounts of valuable information stored in these apps make them a
The UK’s privacy regulator has called on accountants to play a key role in ensuring the country’s SMEs are compliant with rigorous data protection laws. The Information Commissioner’s Office (ICO) said that research from 2021 revealed that around a third (34%) of smaller businesses trust their accountants for advice, while a fifth (20%) use these
by Paul Ducklin Johnathan Swift is probably most famous for his novel Gulliver’s Travels, during which the narrator, Lemuel Gulliver, encounters a socio-political schism in Liiliputian society caused by unending arguments over whether you should open a boiled egg at the big end or the little end. This satirical observation has flowed diretly into modern
It’s never been easier to write a convincing message that can trick you into handing over your money or personal data ChatGPT has been taking the world by storm, having reached 100 million users only two months after launching. However, media stories about the tool’s uncanny ability to write human-sounding text mask a potentially darker reality.
The (Other) Risk in Finance A few years ago, a Washington-based real estate developer received a document link from First American – a financial services company in the real estate industry – relating to a deal he was working on. Everything about the document was perfectly fine and normal. The odd part, he told a
A suspected distributed denial of service (DDoS) attack downed several websites broadcasting President Putin’s state of the nation address on Tuesday, according to reports. Reuters said journalists based in multiple locations were unable to access the All-Russia State Television and Radio Broadcasting Company (VGTRK) website or the Smotrim live-streaming platform for periods during the speech.
by Paul Ducklin Popular cryptocurrency exchange Coinbase is the latest well-known online brand name that’s admitted to getting breached. The company decided to turn its breach report into an interesting mix of partial mea culpa and handy advice for others. As in the recent case of Reddit, the company couldn’t resist throwing in the S-word
SMBs need to not only reduce their odds of being hit by an attack, but also implement processes that they can follow if their defenses are breached The prevalence of cyberattacks continues to rise, with our telemetry showing a 13% increase in cyberthreat detections in 2022 year-on-year. While the news tends to feature breaches involving
Feb 22, 2023Ravie LakshmananEndpoint Security / Software Update Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component (CVE-2023-23520) that could enable a malicious actor to read arbitrary files as root. The iPhone
Three fund managers have been sentenced to 12 years and three months following a seven-year investigation into their fraudulent handling of the Libyan sovereign wealth fund. The UK’s National Crime Agency (NCA) said it began its investigation after one of the trio, Frederic Marino, walked out of a London meeting with auditors and promptly fled
by Paul Ducklin Twitter has announced an intriguing change to its 2FA (two-factor authentication) system. The change will take effect in about a month’s time, and can be summarised very simply in the following short piece of doggerel: Using texts is insecure for doing 2FA, So if you want to keep it up you're going
AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware? ChatGPT didn’t write this article – I did. Nor did I ask it to answer the question from the title – I will. But I guess that’s just what ChatGPT might say. Luckily, there are
Feb 21, 2023Ravie LakshmananEndpoint Security / Botnet A sophisticated botnet known as MyloBot has compromised thousands of systems, with most of them located in India, the U.S., Indonesia, and Iran. That’s according to new findings from BitSight, which said it’s “currently seeing more than 50,000 unique infected systems every day,” down from a high of
The FBI has released a brief statement about a recent cyber-incident that occurred at one of its highest profile field offices, claiming it is now under control. Sources briefed on the matter told CNN that a malicious incident impacted part of its network used in investigations of images of child sexual exploitation. “The FBI is
by Paul Ducklin Late last week [2023-02-16], popular web hosting company GoDaddy filed its compulsory annual 10-K report with the US Securities and Exchange Commission (SEC). Under the sub-heading Operational Risks, GoDaddy revealed that: In December 2022, an unauthorized third party gained access to and installed malware on our cPanel hosting servers. The malware intermittently
- 1
- 2
- 3
- 4
- Next Page »