Cybersecurity experts from Deepwatch spotted activity from threat actors (TA) that “highly likely” exploited a security flaw in the Atlassian Confluence server (CVE-2022-26134) to deploy a new backdoor dubbed “Ljl” against a number of unnamed organizations. Deepwatch’s Adversary Tactics and Intelligence group (ATI) described the findings in an advisory published on Tuesday. After gaining initial
admin
by Paul Ducklin Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just
Are you on Tinder? With 75 million monthly active users, you might be able to find the right one. However there are also traps you need to look out for. Read more about catfishing, sextortion, phishing and other practices used by scammers. “It’s a match” is now a common expression in the dating scene, and
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 (CVSS score: 7.5), a command injection flaw in the platform that could lead to the execution of
A recent report by Javelin Strategy and Research found that identity theft cost Americans $56 billion in 2020, with imposter scams accounting for 20% of online fraud. While most internet platforms have stringent data security measures in place to curb cyber fraud, they aren’t always fool-proof. Your user information is available online as a result
Security researchers from ThreatLabz have uncovered a new strain of a large-scale phishing campaign using adversary-in-the-middle (AiTM) techniques along with several evasion tactics. According to an advisory published by the company on Tuesday, similar AiTM phishing techniques were used in a separate phishing campaign described by Microsoft last month. Now, ThreatLabz revealed that using intelligence
by Paul Ducklin Just over a year ago, we wrote about a “cybersecurity researcher” who posted almost 4000 pointlessly poisoned Python packages to the popular repository PyPI. This person went by the curious nickname of Remind Supply Chain Risks, and the packages had project names that were generally similar to well-known projects, presumably in the
Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers. Tracked as
If you’re the parent of a tween or teen, chances are they’re not the only ones going back to school. Their smartphones are going back too. Our recent global research showed just how many tweens and teens use a smartphone. Plenty. Depending on the age band, that figure ranges anywhere from 76% to 93%, with
A Sentinel One investigation revealed threat actors (TA) have been abusing the Windows Defender command line tool to decrypt and load Cobalt Strike payloads. The cybersecurity experts detailed their findings in an advisory last week, in which they said the TA managed to carry out the attacks after obtaining initial access via the Log4Shell vulnerability
by Paul Ducklin Cryptocurrency protocol Nomad (not to be confused with Monad, which is what PowerShell was called when it first came out) describes itself as “an optimistic interoperability protocol that enables secure cross-chain communication,” and promises that it’s a “security-first cross-chain messaging protocol.” In plain English, it’s supposed to let you swap cryptocurrency tokens
Whether you are getting ready for back-to-school season, getting new work laptop or fancying a new gamer’s pc, learn the steps to protect your new PC from cyberthreats. With Windows 11 making headlines for all the right reasons, it could be a great time to invest in a new PC for the family or the
Virtualization services provider VMware on Tuesday shipped updates to address 10 security flaws affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions. The issues tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 – 9.8) affect the VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager Connector, vRealize
Security experts from online platform Zscaler have published an analysis of the new variant of the known Raccoon Stealer malware. Writing in an advisory last Friday, Zscaler said the new version of the malware is written in C, unlike previous versions which were mainly written in C++. Raccoon Stealer 2.0 features a new back-end and
by Paul Ducklin The best-known cryptographic library in the open-source world is almost certainly OpenSSL. Firstly, it’s one of the most widely-used, to the point that most developers on most platforms have heard of it even if they haven’t used it directly. Secondly, it’s probably the most widely-publicised, sadly because of a rather nasty bug
Researchers have uncovered a list of 3,207 mobile apps that are exposing Twitter API keys in the clear, some of which can be utilized to gain unauthorized access to Twitter accounts associated with them. The takeover is made possible, thanks to a leak of legitimate Consumer Key and Consumer Secret information, respectively, Singapore-based cybersecurity firm
The Federal Communications Commission (FCC) has noticed “substantial increases” in complaints about scam robotexts, it warned this week. The Commission issued an alert warning consumers that these texts are on the rise. It added that it was also seeing more reports of scam texts from robocall and robotext blocking services. The FCC tracks consumer complaints rather than
The operators of the Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims. “In the past, Gootkit used freeware installers to mask malicious files; now it uses legal documents to trick users into downloading these files,” Trend Micro researchers Buddy Tancio and Jed Valderama said in a write-up last week. The
A cyber-attack on the US justice system has compromised a public document management system, revealed lawmakers on the Hill yesterday. Jerrold Nadler (D-NY), chairman of the House Judiciary Committee, revealed the attack at a hearing on oversight of the Justice Department on Thursday. Nadler said three hostile actors had breached the Public Access to Court Electronic Records
Learn to spot some of the threats that you can face while browsing online, and the best tips to stay safe on the web. Web browsers are our gateway to the digital world. We spend hours on them each day, which makes them not only a vital tool for legitimate users, but a valuable target
Image via Keeper Right Now, Get 50% Off Keeper, the Most Trusted Name in Password Management. In one way or another, almost every aspect of our lives is online, so it’s no surprise that hackers target everything from email accounts to banks to smart home devices, looking for vulnerabilities to exploit. One of the easiest
A bill designed to increase visibility of foreign ransomware attackers has passed in the US House of Representatives. The Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act (also known as the RANSOMWARE Act) will make it easier for the US to respond to ransomware attacks from foreign
by Paul Ducklin If you’ve ever watched a professional plumber at work, or a plasterer, or a bricklayer, or the people who deftly use those improbably long sticks to craft paper-thin pancakes the size of a bicycle wheel… …you’ve probably had the same thoughts that we have. I could do that. I really could. But
Cybercriminals exploited a vulnerability to steal the equivalent of 18M$ from the NFT music streaming platform Audius, while other cyberthreats related to crypto makes the news. This week, the NFT music streaming platform Audius was the victim of a cyberattack. Criminals exploited a vulnerability to steal the equivalent of 18M$ from the platform. This type of attack
A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that’s capable of stealing email content from Gmail and AOL. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, which is said to share overlaps with an adversarial collective publicly referred
Authored by Dexter Shin McAfee’s Mobile Research Team has identified new malware on the Google Play Store. Most of them are disguising themselves as cleaner apps that delete junk files or help optimize their batteries for device management. However, this malware hides and continuously show advertisements to victims. In addition, they run malicious services automatically
Police in Spain have arrested two people on suspicion of hacking the country’s Radioactivity Alert Network (RAR). The RAR, operated by Spain’s General Directorate of Civil Protection and Emergencies, is a network of gamma radiation sensors. It monitors parts of Spain – which operates nuclear power plants – for excessive radiation. The two individuals are
by Paul Ducklin Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just
A week after Atlassian rolled out patches to contain a critical flaw in its Questions For Confluence app for Confluence Server and Confluence Data Center, the shortcoming has now come under active exploitation in the wild. The bug in question is CVE-2022-26138, which concerns the use of a hard-coded password in the app that could
A database containing 5.4m Twitter users’ data is reportedly for sale on a popular criminal forum. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems reported in January. The seller, using the nickname ‘devil,’ advertised the data on the Breached Forums site and demanded at least $30,000 for it.
- « Previous Page
- 1
- …
- 82
- 83
- 84
- 85
- 86
- …
- 116
- Next Page »