by Paul Ducklin HOW MANY CRYPTOGRAPHERS? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our RSS feed
Security
Security researchers have detected a 178% increase in sextortion emails between the first half of 2022 and the same period this year, marking the category out as a top email threat. ESET said that sextortion emails ranked third among all email threats in H1 2023. They typically arrive unsolicited and claim to have compromising images
by Paul Ducklin The venerable RAR program, short for Roshal’s Archiver after its original creator, has been popular in file sharing and software distribution circles for decades, not least because of its built-in error recovery and file reconstruction features. Early internet users will remember, with little fondness, the days when large file transfers were shipped
Experian Consumer Services has agreed to a permanent injunction and to pay a civil penalty of $650,000 to settle allegations relating to the CAN-SPAM Act. The firm, whose parent company is credit agency giant Experian, provides online credit reports, scores and monitoring products to customers. A case filed in the US District Court for the
by Paul Ducklin A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb. The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is “currently [the] best seller on Amazon Italy,”
A cyber-attack on Australian utility company, Energy One Limited (EOL), could have international impact with the firm’s corporate systems in the UK also affected. The company, a global supplier of software and services to the wholesale energy market, confirmed that it had taken steps to limit the impact of the incident and had alerted both
by Paul Ducklin Researchers at Apple device management company Jamf recently published an intriguing paper entitled Fake Airplane Mode: A mobile tampering technique to maintain connectivity. We’ll start with the good news: the tricks that Jamf discovered can’t magically be triggered remotely, for example merely by enticing you to a booby-trapped website. Attackers need to
The government is urging more schools to enrol their students in a government scheme designed to boost cyber skills, claiming that tens of thousands have already signed up since its launch in February last year. Around 2000 schools across the UK are participating in Cyber Explorers – a free learning platform for 11–14-year-olds designed to
A recent cybersecurity study has brought to light a concerning vulnerability crisis affecting web applications. CyCognito’s semi-annual State of External Exposure Management report unveiled a distressing landscape of digital threats across public cloud, mobile and web platforms. The comprehensive analysis of 3.5 million assets, encompassing Fortune 500 entities, highlights the precarious state of data security. The
A significant phishing campaign employing QR codes has recently come to light, with a major US-based energy company as one of the primary targets. The campaign, which began in May 2023, has witnessed a 2400% surge in volume since then, underscoring the urgency of addressing this emerging threat. Cybersecurity company Cofense has been closely monitoring
The UK’s much-anticipated summit on AI safety will reportedly be held in November, with cybersecurity experts welcoming the government’s focus on regulating emerging technologies. A Downing Street spokesperson confirmed the event will take place at the start of November at Bletchley Park, home to the codebreakers of World War Two who were led by the
by Paul Ducklin CELEBRATING THE TRUE CRYPTO BROS No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that a Citrix flaw patched in June is being actively exploited in the wild. CVE-2023-24489 was added to the agency’s Known Exploited Vulnerabilities Catalog yesterday, with CISA warning it poses “significant risks to the federal enterprise.” The flaw is described as an improper access control vulnerability
by Paul Ducklin The US Federal Bureau of Investigation (FBI) has just published an official public service announcement headlined with with a very specific warning: Cybercriminals Targeting Victims through Mobile Beta-Testing Applications. The Feds didn’t go as far as naming any specific vendors or services here, but one of the main reasons that crooks go
One in three students at British universities encountered fraud attempts online last year, according to a new study from NatWest. The high street lender commissioned consulting firm RedBrick to poll over 3000 UK university students from 63 towns and cities back in May. Although a third of respondents said they’d encountered a scam over the
by Paul Ducklin It’s taken nearly ten years, but the US Department of Justice (DOJ) has just announced the court-approved seizure of a web domain called LolekHosted.net that was allegedly connected to a wide range of crimeware-as-a-service activities. The DOJ also charged a 36-year-old Polish man named Artur Karol Grabowski in connection with running the
Security researchers have discovered over 140,000 breached passwords associated with accounts on hacking forums after their owners were infected with info-stealing malware. Hudson Rock trawled its cybercrime intelligence database for infected computers with credentials associated with the top 100 cybercrime sites. It found 120,000 such computers, claiming many of these belonged to hackers. When a
by Paul Ducklin It’s been a while since we’ve written about card skimmers, which used to play a big part in global cybercrime. These days, many if not most cyber-breach and cybercrime stories revolve around ransomware, the darkweb and the cloud, or some unholy combination of the three. In ransomware attacks, the criminals don’t actually
Police have taken down a Lolek bulletproof hosting service used by criminals to launch cyber-attacks across the world. The takedown was part of a coordinated effort between the Polish Central Cybercrime Bureau and the US Department of Justice (DoJ), alongside support from Europol and the Federal Bureau of Investigation (FBI). In a statement, Europol said:
A new variant of the SystemBC malware, paired with Cobalt Strike beacons, has been identified in a recent cyber-attack targeting a critical infrastructure power generator in a southern African nation. Echoing the high-profile Darkside Colonial Pipeline breach of 2021, the incident occurred during the third and fourth weeks of March 2023, according to a new
Multiple vulnerabilities have been identified in the widely used Avada theme and its accompanying Avada Builder plugin. These security flaws, uncovered by Patchstack’s security researcher Rafie Muhammad, expose a significant number of WordPress websites to potential breaches. Within these vulnerabilities, the Avada Builder plugin exhibits two weaknesses. The first is an Authenticated SQL Injection (CVE-2023-39309).
Security researchers have discovered a third novel backdoor that was used in attacks on users of Barracuda ESG appliances recently. The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory detailing the malware, dubbed “Whirlpool.” It claimed the backdoor established a TLS reverse shell to a command-and-control (C2) server. “This artifact is
by Paul Ducklin SNOOPING ON MEMORY, KEYSTROKES AND CRYPTOCOINS No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of
Researchers have warned of a new multi-factor authentication (MFA) phishing campaign targeting thousands of users, including a large share of C-suite executives. The group behind it sent at least 120,000 phishing emails to hundreds of organizations across the globe between March and June this year, according to Proofpoint. These emails typically impersonate legitimate trusted services
by Paul Ducklin The August 2023 Microsoft security updates are out (the first day of the month was a Tuesday, making this month’s Patch Tuesday as early as ever it can be), with 74 CVE-numbered bugs fixed. Intriguingly, if not confusingly, Microsoft’s offical bug listing page is topped by two special items dubbed Exploitation Detected.
The UK’s financial regulatory has warned consumers to be on the lookout for loan fee fraudsters after revealing new research claiming that many Brits are worried about their finances this summer. The Financial Conduct Authority (FCA) said it polled 2000 adults in late July and found that 55% are more concerned about their bank balance
by Paul Ducklin Audio recordings are dangerously easy to make these days, whether by accident or by design. You could end up with your own permanent copy of something you thought you were discussing privately, preserved indefinitely in an uninterestingly-named file on your phone or laptop, thanks to hitting “Record” by mistake. Someone else could
UK organizations lost billions in data breaches between 2019 and 2022, with hundreds of millions of their customers suffering compromise of their personal information, according to a new analysis from Imperva. The security vendor studied 99,490 breaches reported to the Information Commissioner’s Office (ICO) between April 2019 and December 2022, as well as the “most
The Clop ransomware group has begun offering access to data stolen in MOVEit attacks via torrents, it has emerged. Security researcher Dominic Alvieri revealed the news on Twitter, with screenshots showing several big-name victims whose data is being made available via P2P sharing. Among the corporate names on that list were investment firm Putnam, Iron Bow Technologies
A new malicious campaign has been found on the Python Package Index (PyPI) open-source repository involving 24 malicious packages that closely imitate three popular open-source tools: vConnector, eth-tester and databases. The campaign, dubbed VMConnect, was uncovered by ReversingLabs and started around July 28, 2023, with the continuous posting of new malicious PyPI packages daily. The
- « Previous Page
- 1
- …
- 15
- 16
- 17
- 18
- 19
- …
- 51
- Next Page »