Security

0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has released a new joint Cybersecurity Advisory (CSA) warning organizations against the ransomware and data extortion group Daixin Team. Published in conjunction with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS), the CSA said Daixin Team is actively targeting US businesses, mainly in
0 Comments
Thousands of publicly exposed, active application programming interface (API) tokens have been spotted across the web that could threaten software integrity and allow bad actors to access confidential information, data or private networks. The findings come from security researchers at JFrog, who recently made the discovery while testing a new feature in one of the company’s security
0 Comments
by Paul Ducklin Java programmers love string interpolation features. If you’re not a coder, you’re probably confused by the word “interpolation” here, because it’s been borrowed as programming jargon where it’s not a very good linguistic fit… …but the idea is simple, very powerful, and sometimes spectacularly dangerous. In other programming ecosystems it’s often known
0 Comments
Multiple phishing domains impersonating Absher, the Saudi government service portal, have been set up to provide fake services to citizens and steal their credentials. The discovery comes from cybersecurity researchers at CloudSEK, who published an advisory about the threat on Thursday. “The threat actors are targeting individuals by sending an SMS, along with a link, urging
0 Comments
Ransomware has grown by 466% since 2019 and is increasingly being used as a precursor to physical war. The findings come from Ivanti’s Ransomware Index Report Q2–Q3 2022, which the company shared with Infosecurity earlier today. The data also shows ransomware groups continuing to grow in volume and sophistication, with 35 vulnerabilities becoming associated with ransomware
0 Comments
Video messaging platform Zoom released a new patch last week to a high-severity flaw in its client for macOS devices. The vulnerability (tracked CVE-2022-28762) refers to a debugging port misconfiguration affecting versions between 5.10.6 and 5.12.0 (excluded) and has a common vulnerability scoring system (CVSS) of 3.1 of 7.3 out of 10. “When camera mode
0 Comments
by Paul Ducklin Popular and ubiquitous (software isn’t always both of those things!) cloud meeting company Zoom recently announced an oops-that-wasn’t-supposed-to-happen bug in the Mac version of its software. The security bulletin is, forgivably, written in the typically staccato and jargon-soaked style of bug-hunters, but the meaning is fairly clear. The bug is denoted CVE-2022-28762,
0 Comments
A novel ransomware campaign has been spotted targeting organizations in the transportation and logistics industries in Ukraine and Poland using a previously unidentified ransomware payload. Dubbed “Prestige ranusomeware” by its creators, the malware was observed by the Microsoft Threat Intelligence Center (MSTIC), targeting several organizations on October 11 in attacks occurring within an hour of
0 Comments
Performance and security company Cloudflare reported that it stopped a 2.5Tbps distributed denial-of-service (DDoS) attack in Q3 2022 launched by a Mirai botnet against Minecraft server Wynncraft. The data comes from the company’s latest DDoS Threat Report, which includes insights and trends about the DDoS threat landscape in the third quarter of 2022. “Multi-terabit strong
0 Comments
A new threat cluster, tracked by SentinelLabs as WIP19, has been targeting telecommunications and IT service providers across the Middle East and Asia. According to the security experts, the group is characterized by the use of a legitimate, stolen digital certificate issued by DEEPSoft, a Korean company specializing in messaging solutions.  “Throughout this activity, the
0 Comments
Japanese car giant Toyota has warned that nearly 300,000 customers may have had their personal data leaked after an access key was publicly available on GitHub for almost five years. In a statement on its website, Toyota said that the email addresses and customer control numbers of 296,019 people who have used T-Connect, a telematics
0 Comments
by Paul Ducklin The second Tuesday of every month is Microsoft’s regular day for security updates, still known by almost everyone by its unofficial nickname of “Patch Tuesday”. But the second Tuesday in October is also Ada Lovelace Day, celebrating Ada, Countess of Lovelace. Ada was a true pioneer not only of computing, but also
0 Comments
Representatives from Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) and the European Union Agency for Cybersecurity (ENISA) recently met to discuss strengthening cooperation and networking. The working meeting was held during the visit to ENISA HQ in Athens as a part of the Cybersecurity East Project. Viktor Zhora, SSSCIP deputy head, said after
0 Comments
Lloyd’s of London, the London-based insurance market heavily involved in implementing sanctions against Russia, may have been hit by a cyber-attack. On Wednesday, October 5, 2022, the British insurance market revealed it had detected “unusual activity” on its systems and has turned off all external connectivity “as a precautionary measure.” “We have informed market participants