The Chinese advanced persistent threat (APT) actor known as APT41 (or Barium, Bronze Atlas, Double Dragon and Wicked Panda) has targeted at least 13 organizations across the US, Taiwan, India, Vietnam and China as part of four different campaigns in 2021. The news comes from Group-IB Security researchers, who published an advisory detailing APT41 activities from
admin
by Paul Ducklin The latest update to Google’s Chrome browser is out, bumping the four-part version number to 104.0.5112.101 (Mac and Linux), or to 104.0.5112.102 (Windows). According to Google, the new version includes 11 security fixes, one of which is annotated with the remark that “an exploit [for this vulnerability] exists in the wild”, making
Windows used to be the big talking point when it came to exploits resulting in mass casualties. Nowadays, talks turned to other massive attack platforms like #cloud and cars In years past, a massive Windows exploit netted mass casualties, but here at Black Hat, talks turned toward other massive attack platforms like clouds and cars.
The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. The improvements also include a new infection chain that incorporates previously undocumented components to the modular framework, Morphisec researchers Hido Cohen and Arnold Osipov
The Estonian government has revealed that the country was on the receiving end of the “most extensive” DDoS attacks in 15 years this week after angering Moscow. The former Soviet state reportedly removed a Red Army monument from Tallin square this week, while a Soviet-era tank was removed in the eastern city of Narva. The government has
by Paul Ducklin Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Paul Ducklin and Chester Wisniewski. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just
LinkedIn privacy settings are just as overwhelming as any other social media settings. There’s a lot of menus, a lot buttons to enable, select, accept or reject. To make sure you have control over your information we bring you a step-by-step guide on how to enjoy LinkedIn safely. Managing our privacy settings is overwhelming. There’s
Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user’s device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads and enables users to monitor video feeds from smart home
We’ve all heard about the Metaverse. And there’s no doubt it has certainly captured the attention of the world’s biggest companies: Facebook has changed its name to Meta, Hyundai has partnered up with Roblox to offer virtual test drives, Nike has bought a virtual shoe company and Coca-Cola is selling NFT’s there too. (Non-Fungible Tokens
Summary DarkTortilla is a complex and highly configurable .NET-based crypter that has possibly been active since at least August 2015. It typically delivers popular information stealers and remote access trojans (RATs) such as AgentTesla, AsyncRat, NanoCore, and RedLine. While it appears to primarily deliver commodity malware, Secureworks® Counter Threat Unit™ (CTU) researchers identified DarkTortilla samples
Security experts have repeated warnings about malicious applications hiding on official mobile app stores after finding dozens of them on Google Play. Bitdefender said it identified 35 in total by using behavioral analysis technology to scan the marketplace. They totaled over two million downloads. The apps perform various malicious activities to achieve persistence on the user’s
by Paul Ducklin Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. There’s a remote code execution hole (RCE) dubbed CVE-20220-32893 in Apple’s HTML rendering software (WebKit), by means of which a booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted
The Sender Policy Framework can’t help prevent spam and phishing if you allow billions of IP addresses to send as your domain Twenty years ago, Paul Vixie published a Request for Comments on Repudiating MAIL FROM that helped spur the internet community to develop a new way of fighting spam with the Sender Policy Framework
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below – CVE-2022-32893 – An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web
Removable media represents the second greatest threat to operational technology (OT) systems so far this year, according to new data from IBM X-Force. The vendor analyzed its incident response and managed security services (MSS) data in light of the ongoing threat from Russia and a fast-expanding digital attack surface for many OT asset owners and
by Naked Security writer You’ve almost certainly seen and heard the word Conti in the context of cybercrime. Conti is the name of a well-known ransomware gang – more precisely, what’s known as a ransomware-as-a-service (RaaS) gang, where the ransomware code, and the blackmail demands, and the receipt of extortion payments from desperate victims are
Don’t worry, elections are safe. Our Security Researcher Cameron Camp provide us highlights from the DEF CON 30 conference. Scattered around a bevy of tables in the election hacking village here at DEF CON 30 are all the devices – opened wide – that are supposed to keep elections safe. Oh, the irony. It’s unclear
More than 1.31 million users attempted to install malicious or unwanted web browser extensions at least once, new findings from cybersecurity firm Kaspersky show. “From January 2020 to June 2022, more than 4.3 million unique users were attacked by adware hiding in browser extensions, which is approximately 70% of all users affected by malicious and
Microsoft claims to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries. In an update on August 15, the tech giant said it had disabled accounts used by the “Seaborgium” group for reconnaissance, phishing, and email collection, and updated detections against its phishing domains in Microsoft
by Paul Ducklin At the well-known DEF CON security shindig in Las Vegas, Nevada, last week, Mac cybersecurity researcher Patrick Wardle revealed a “get-root” elevation of privilege (EoP) bug in Zoom for Mac: Mahalo to everybody who came to my @defcon talk “You’re M̶u̶t̶e̶d̶ Rooted” 🙏🏽 Was stoked to talk about (& live-demo 😅) a
The digital skills gap, especially in cybersecurity, is not a new phenomenon. This problematic is now exacerbate by the prevalence of burnout, which was presented at Black Hat USA 2022 Discussion of the resourcing issues within the cybersecurity sector is not a new phenomenon; according to a recent article in Fortune Education, the number of
Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what’s suspected to be an espionage operation. Symantec, a division of Broadcom Software, attributed the malicious campaign to a threat actor tracked Shuckworm, also known as Actinium, Armageddon, Gamaredon, Primitive Bear, and Trident Ursa. The findings have been corroborated by
Only a fifth of North American organizations have cyber-insurance coverage over $600,000, leaving a potentially significant shortfall in funds if they are compromised by ransomware, according to BlackBerry. The security software developer teamed up with Corvus Insurance to produce its BlackBerry Cyber Insurance Coverage study, compiled from interviews with 450 IT decision makers in the
Tinder, Bumble or Grindr – popular dating apps depend heavily on your location, personal data, and loose privacy settings. Find out how to put yourself out there safely by following our suggested settings tweaks. We get it! Most of us already forgot how to find a date offline. And that’s fine; times have changed and
A now-removed rogue package pushed to the official third-party software repository for Python has been found to deploy cryptominers on Linux systems. The module, named “secretslib” and downloaded 93 times prior to its deletion, was released to the Python Package Index (PyPI) on August 6, 2022 and is described as “secrets matching and verification made
Vulnerabilities in Xiaomi’s mobile payment could lead to an attacker stealing private keys used to sign Wechat Pay control and payment packages. The flaws were found by Check Point Research (CPR) in Xiaomi’s trusted execution environment (TEE), the system element responsible for storing and managing sensitive information such as keys and passwords. “We discovered a
Our Security evangelist’s take on this first day of Black Hat 2022, where cyberdefense was on every mind. As day one at Black Hat USA 2022 came to an end someone asked me, ”What is your takeaway from today’s conference?” There have been several interesting presentations, and as expected a number of them detailed the
Dutch authorities on Friday announced the arrest of a software developer in Amsterdam who is alleged to be working for Tornado Cash, days after the U.S. sanctioned the decentralized crypto mixing service. The 29-year-old individual is “suspected of involvement in concealing criminal financial flows and facilitating money laundering” through the service, the Dutch Fiscal Information
The first day of school is right around the corner. The whole family is gearing up for a return to the routine: waking up to alarm clocks at dawn, rushed mornings, learning all day, and after-school activities and homework all night. Even though everyone is in a frenzied state, now is a great time to
Social media giant Meta has announced it will start testing end-to-end encryption (E2EE) as the default option on its Facebook Messenger platform. The company made the announcement in a blog post on August 11, where it explained the feature will be initially available only to selected users. “If you’re in the test group, some of
- « Previous Page
- 1
- …
- 87
- 88
- 89
- 90
- 91
- …
- 123
- Next Page »