A novel data exfiltration technique has been found to leverage a covert ultrasonic channel to leak sensitive information from isolated, air-gapped computers to a nearby smartphone that doesn’t even require a microphone to pick up the sound waves. Dubbed GAIROSCOPE, the adversarial model is the latest addition to a long list of acoustic, electromagnetic, optical,
admin
Security researchers have discovered a new threat campaign designed to trick users into downloading malware capable of hijacking their machine. Discovered by Sucuri, the attacks begin with a malicious JavaScript injection designed to target WordPress sites, resulting in a fake Cloudflare DDoS protection pop-up. These have become increasingly popular over recent years as website owners struggle
Researchers have disclosed multiple vulnerabilities impacting Ultra-wideband (UWB) Real-time Locating Systems (RTLS), enabling threat actors to launch adversary-in-the-middle (AitM) attacks and tamper with location data. “The zero-days found specifically pose a security risk for workers in industrial environments,” cybersecurity firm Nozomi Networks disclosed in a technical write-up last week. “If a threat actor exploits these
Trojanized crypto-currency miners, also known as cryptojackers, continue to spread across computers around the world, while also becoming stealthier and increasingly avoiding detection. The data comes from Microsoft’s 365 Defender Research Team, who published a new analysis of cryptojackers on Thursday on its blog. “In the past several months, Microsoft Defender Antivirus detected cryptojackers on
Zero-day vulnerabilities are super active and Google and Apple are acting to patch these vulnerabilities, some of which seen on-the-wild. Google and Apple are both release patches for zero-day vulnerabilities that have already been exploited in the wild. ESET cybersecurity expert Tony Anscombe explains what those vulnerabilities are in simpler words, and reiterate the importance
Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. “In this campaign, the threat actors impersonate government officials from the Attorney General’s Office of Mexico City and from the Public Ministry in the form of spear-phishing emails in order to
Many people opt for encrypted messaging services because they like the additional layers of privacy they offer. They allow users to message their closest friends, family, and business partners without worrying about a stranger digitally eavesdropping on their conversation. The same people who message over encrypted services and apps are likely also diligent with securing
The Chinese advanced persistent threat (APT) actor known as APT41 (or Barium, Bronze Atlas, Double Dragon and Wicked Panda) has targeted at least 13 organizations across the US, Taiwan, India, Vietnam and China as part of four different campaigns in 2021. The news comes from Group-IB Security researchers, who published an advisory detailing APT41 activities from
by Paul Ducklin The latest update to Google’s Chrome browser is out, bumping the four-part version number to 104.0.5112.101 (Mac and Linux), or to 104.0.5112.102 (Windows). According to Google, the new version includes 11 security fixes, one of which is annotated with the remark that “an exploit [for this vulnerability] exists in the wild”, making
Windows used to be the big talking point when it came to exploits resulting in mass casualties. Nowadays, talks turned to other massive attack platforms like #cloud and cars In years past, a massive Windows exploit netted mass casualties, but here at Black Hat, talks turned toward other massive attack platforms like clouds and cars.
The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. The improvements also include a new infection chain that incorporates previously undocumented components to the modular framework, Morphisec researchers Hido Cohen and Arnold Osipov
The Estonian government has revealed that the country was on the receiving end of the “most extensive” DDoS attacks in 15 years this week after angering Moscow. The former Soviet state reportedly removed a Red Army monument from Tallin square this week, while a Soviet-era tank was removed in the eastern city of Narva. The government has
by Paul Ducklin Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Paul Ducklin and Chester Wisniewski. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just
LinkedIn privacy settings are just as overwhelming as any other social media settings. There’s a lot of menus, a lot buttons to enable, select, accept or reject. To make sure you have control over your information we bring you a step-by-step guide on how to enjoy LinkedIn safely. Managing our privacy settings is overwhelming. There’s
Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user’s device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads and enables users to monitor video feeds from smart home
We’ve all heard about the Metaverse. And there’s no doubt it has certainly captured the attention of the world’s biggest companies: Facebook has changed its name to Meta, Hyundai has partnered up with Roblox to offer virtual test drives, Nike has bought a virtual shoe company and Coca-Cola is selling NFT’s there too. (Non-Fungible Tokens
Summary DarkTortilla is a complex and highly configurable .NET-based crypter that has possibly been active since at least August 2015. It typically delivers popular information stealers and remote access trojans (RATs) such as AgentTesla, AsyncRat, NanoCore, and RedLine. While it appears to primarily deliver commodity malware, Secureworks® Counter Threat Unit™ (CTU) researchers identified DarkTortilla samples
Security experts have repeated warnings about malicious applications hiding on official mobile app stores after finding dozens of them on Google Play. Bitdefender said it identified 35 in total by using behavioral analysis technology to scan the marketplace. They totaled over two million downloads. The apps perform various malicious activities to achieve persistence on the user’s
by Paul Ducklin Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. There’s a remote code execution hole (RCE) dubbed CVE-20220-32893 in Apple’s HTML rendering software (WebKit), by means of which a booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted
The Sender Policy Framework can’t help prevent spam and phishing if you allow billions of IP addresses to send as your domain Twenty years ago, Paul Vixie published a Request for Comments on Repudiating MAIL FROM that helped spur the internet community to develop a new way of fighting spam with the Sender Policy Framework
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below – CVE-2022-32893 – An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web
Removable media represents the second greatest threat to operational technology (OT) systems so far this year, according to new data from IBM X-Force. The vendor analyzed its incident response and managed security services (MSS) data in light of the ongoing threat from Russia and a fast-expanding digital attack surface for many OT asset owners and
by Naked Security writer You’ve almost certainly seen and heard the word Conti in the context of cybercrime. Conti is the name of a well-known ransomware gang – more precisely, what’s known as a ransomware-as-a-service (RaaS) gang, where the ransomware code, and the blackmail demands, and the receipt of extortion payments from desperate victims are
Don’t worry, elections are safe. Our Security Researcher Cameron Camp provide us highlights from the DEF CON 30 conference. Scattered around a bevy of tables in the election hacking village here at DEF CON 30 are all the devices – opened wide – that are supposed to keep elections safe. Oh, the irony. It’s unclear
More than 1.31 million users attempted to install malicious or unwanted web browser extensions at least once, new findings from cybersecurity firm Kaspersky show. “From January 2020 to June 2022, more than 4.3 million unique users were attacked by adware hiding in browser extensions, which is approximately 70% of all users affected by malicious and
Microsoft claims to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries. In an update on August 15, the tech giant said it had disabled accounts used by the “Seaborgium” group for reconnaissance, phishing, and email collection, and updated detections against its phishing domains in Microsoft
by Paul Ducklin At the well-known DEF CON security shindig in Las Vegas, Nevada, last week, Mac cybersecurity researcher Patrick Wardle revealed a “get-root” elevation of privilege (EoP) bug in Zoom for Mac: Mahalo to everybody who came to my @defcon talk “You’re M̶u̶t̶e̶d̶ Rooted” 🙏🏽 Was stoked to talk about (& live-demo 😅) a
The digital skills gap, especially in cybersecurity, is not a new phenomenon. This problematic is now exacerbate by the prevalence of burnout, which was presented at Black Hat USA 2022 Discussion of the resourcing issues within the cybersecurity sector is not a new phenomenon; according to a recent article in Fortune Education, the number of
Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what’s suspected to be an espionage operation. Symantec, a division of Broadcom Software, attributed the malicious campaign to a threat actor tracked Shuckworm, also known as Actinium, Armageddon, Gamaredon, Primitive Bear, and Trident Ursa. The findings have been corroborated by
Only a fifth of North American organizations have cyber-insurance coverage over $600,000, leaving a potentially significant shortfall in funds if they are compromised by ransomware, according to BlackBerry. The security software developer teamed up with Corvus Insurance to produce its BlackBerry Cyber Insurance Coverage study, compiled from interviews with 450 IT decision makers in the
- « Previous Page
- 1
- …
- 75
- 76
- 77
- 78
- 79
- …
- 111
- Next Page »