Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs (CRIL), Kekw malware can steal sensitive information from infected systems and perform clipper activities that can hijack cryptocurrency transactions. “Following our investigation, we found that
Security
The North Korean state-sponsored APT group known as Kimsuky has been observed using a new malware component called ReconShark. According to an advisory published by SentinelOne security researchers on Thursday, ReconShark is distributed through targeted spear-phishing emails, which contain OneDrive links that lead to downloading documents and activating harmful macros. “The spear-phishing emails are made
by Paul Ducklin World Password Day is always hard to write tips for, because the primary advice you’ll hear has been the same for many years. That’s because the “passwordless future” that we’ve all been promised is still some time away, even if some services already support it. Simply put, we’re stuck with the old,
The City of Dallas in Texas, US, has confirmed a ransomware attack took down essential services, including some 911 dispatch systems. “Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment,” the City wrote in a press release. “Subsequently, the City has
by Paul Ducklin We’ve written about PHP’s Packagist ecosystem before. Like PyPI for Pythonistas, Gems for Ruby fans, NPM for JavaScript programmers, or LuaRocks for Luaphiles, Packagist is a repository where community contributors can publish details of PHP packages they’ve created. This makes it easy for fellow PHP coders to get hold of library code
Pediatric mental health provider Brightline has warned patients that it suffered a data breach on January 30, impacting 783,606 people. Writing in a notice on its website earlier this week, Brightline said the breach was related to a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform. “Through its investigation, Fortra states that it
by Paul Ducklin SILENT SECURITY! (IS THAT A GOOD THING?) No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to incorporate the Covered List created by the Federal Communications Commission (FCC) into their risk management plans. The list encompasses a number of communications equipment and service providers that have been determined by the US government to pose a potential national security risk according
by Paul Ducklin Apple’s AirTag system has famously been subjected to firmware hacking, used as a free low-bandwidth community radio network, and involved in a stalking incident that tragically ended in a murder charge. To be fair to Apple, the company has introduced various tricks and techniques to make AirTags harder for stalkers and criminals
German IT service provider Bitmarck has confirmed bringing all of its customer and internal systems offline due to a cyber-attack discovered over the weekend. Writing on a temporary website on Sunday (and then on Monday), the company said the cyber-attack was detected by its early warning systems. “In compliance with our security protocol, we have
An Ohio man has been sentenced to four years and three months behind bars after stealing 712 bitcoin ($21m), which were seized by investigators following the arrest of his brother. Gary James Harmon, 31, of Cleveland, stole the cryptocurrency, which was the subject of “pending criminal forfeiture proceedings” in the case of his sibling, Larry
by Paul Ducklin We’ve written about the uncertainty of Apple’s security update process many times before. We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them… …but without even the vaguest description of what sort of criminals, and what they
Multiple Android applications have been observed not invalidating or revalidating session cookies during app data transfer from one device to another. The technique would enable attackers with a highly privileged device migration tool to move applications to a new Android device, causing migration issues, according to a new advisory by CloudSEK researchers. “This means if
by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to
Weekly cyber-attacks have increased worldwide by 7% in Q1 2023 compared to the same period last year, with each firm facing an average of 1248 attacks per week. The figures come from Check Point’s latest research report, which also suggests that the education and research sector experienced the highest number of attacks, rising to an
A UK secondary school has confirmed it was hit by a cyber-incident affecting its IT network. Hardenhuish School in Chippenham, Wiltshire, confirmed the attack on Thursday, saying hackers gained access to network infrastructure and then demanded a ransom for restoring access. At the time of writing, it is unclear whether the school paid the ransom,
by Naked Security writer A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected
Artificial Intelligence (AI) tooling was the hot topic at this year’s RSA Conference, held in San Francisco. The potential of generative AI in cybersecurity tooling has sparked excitement among cybersecurity professionals. However, questions have been raised about the practical usage of AI in cybersecurity and the reliability of the data used to build AI models.
by Paul Ducklin 2FA, HACKING, AND PATCHING No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our
Professional sport faces unique cyber-threats and challenges, especially sounding the tie-in cyber has with physical security. These distinctive challenges have led to close collaboration between top organizations in this sector. This is according to CISOs from three of the US’ largest sports – Steve Grossman from the National Basketball Association, Tomás Maldonado at the National
by Paul Ducklin The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your
The current democratic system is not for purpose in the 21st Century and requires a radical revamp using modern technologies. This was the key message Bruce Schneier, security technologist, researcher, and lecturer at Harvard Kennedy School, highlighted during his keynote address on day two of the RSA 2023 Conference. Schneier said that democratic systems should
by Paul Ducklin We’ll be honest, and admit that we hadn’t heard of the printer management software PaperCut until this week. In fact, the first time we heard the name was in the context of cybercriminality and malware attacks, and we naively assumed that “PaperCut” was what we like to call a BWAIN. A BWAIN
To ensure that digital systems and products have security built in by design, the US federal government and cybersecurity professionals have been calling for greater investment in skills and training in cybersecurity throughout the tech sector. Despite CISA Director Jen Easterly recently calling for universities to include security as a standard element in computer science
by Paul Ducklin If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based,
Popular software tools such as Zoom, Cisco AnyConnect, ChatGPT and Citrix Workspace have been trojanized to distribute the malware known as Bumblebee. Secureworks’ Counter Threat Unit (CTU) analyzed the findings in a report published on Thursday, saying the infection chain for several of these attacks relied on a malicious Google Ad that sent users to
The attack tool known as Evil Extractor and developed by a company called Kodex as an “educational tool,” has been used by threat actors to target Windows-based machines. The claims come from Fortinet security researchers and were described in an advisory published on Thursday. “[We] observed this malware in a phishing email campaign [disguised as account
An employee from the US Consumer Financial Protection Bureau (CFPB) has reportedly forwarded confidential records of roughly 256,000 consumers and confidential supervisory information of approximately 50 institutions to a personal email account. Congressman Bill Huizenga addressed the claims in a letter to CFPB director, Rohit Chopra, dated April 18. “At the time of your notification,
by Paul Ducklin Logging software has made cyberinsecurity headlines many times before, notably in the case of the Apache Log4J bug known as Log4Shell that ruined Christmas for many sysadmins at the end of 2021. The Log4Shell hole was a security flaw in the logging process itself, and boiled down to the fact that many
The 3CX Desktop App software has been reportedly compromised via a prior software supply chain breach, with a North Korean actor suspected to be responsible. According to security researchers at Mandiant, the initial compromise was traced back to malware from financial software firm Trading Technologies’ website. The first attack saw hackers place a backdoor into
- « Previous Page
- 1
- …
- 21
- 22
- 23
- 24
- 25
- …
- 51
- Next Page »