Security

0 Comments
A previously unknown strain of Linux malware is targeting WordPress based websites, according to research by cybersecurity firm Dr.Web. Dubbed Linux.BackDoor.WordPressExploit.1, the Trojan targets 32-bit versions of Linux but can also run on 64-bit versions. Its main function is to hack websites based on a WordPress content management system (CMS) and inject a malicious JavaScript
0 Comments
The FCC is going after an alleged prolific robocall company, with a proposed record-breaking fine in the hundreds of millions of dollars. The regulator said an operation run by Roy Cox, Jr. and Michael Aaron Jones made billions of illegal robocalls via their Sumco Panama company and numerous other entities located in the US, Panama
0 Comments
The global political unrest from this year will seep into 2023 with serious ramifications for the security industry, according to Infosecurity Europe’s community of cybersecurity leaders. However, with stricter regulations and developments in Artificial Intelligence (AI) and Machine Learning (ML), CISOs may be in a stronger position to minimise threats next year.  The organisers of
0 Comments
A prolific botnet that spreads primarily through IoT and web application vulnerabilities has added new exploits and attack capabilities, Microsoft has warned. Zerobot (aka ZeroStresser) is a Go-based botnet sold on the cybercrime underground via a malware-as-a-service model, which makes it relatively easy for its developers to update functionality regularly. Mainly used for distributed denial
0 Comments
Password management giant LastPass has revealed that hackers that breached the firm in August made off with encrypted customer vault data and unencrypted account information. The update comes after the firm originally said that the incident only resulted in a breach of “source code and some proprietary LastPass technical information.” Then at the end of
0 Comments
The UK’s data protection watchdog has hit out at several newspaper editors for misrepresenting the nature of a draft code of practice for journalists. The Information Commissioner’s Office (ICO) is currently working with the media industry to develop a Journalism Code of Practice. The aim is to help journalists meet their statutory data protection obligations,
0 Comments
by Paul Ducklin Popular password management company LastPass has been under the pump this year, following a network intrusion back in August 2022. Details of how the attackers first got in are still scarce, with LastPass’s first official comment cautiously stating that: [A]n unauthorized party gained access to portions of the LastPass development environment through
0 Comments
The FBI has warned that cyber-criminals are using search engine advertisement services to defraud the public. The public service announcement, issued on December 21, 2022, stated that threat actors are purchasing these ad services to impersonate brands for the purpose of luring users to malicious websites. These sites, which “look identical to the impersonated business’s
0 Comments
by Paul Ducklin STOP THE CROOKS BEFORE THEY STOP YOU! Paul Ducklin talks to world-renowned cybersecurity expert Fraser Howard, Director of Research at SophosLabs, in this fascinating episode, recorded during our recent Security SOS Week 2022. When it comes to fighting cybercrime, Fraser truly is a “specialist in everything”, and he also has the knack
0 Comments
by Paul Ducklin When we woke up this morning, our cybersecurity infofeed was awash with “news” that Apple had just patched a security hole variously described a “gnarly bug”, a “critical flaw” that could leave your Macs “defenceless”, and the “Achilles’ heel of macOS”. Given that we usually check our various security bulletin mailing lists
0 Comments
Ransomware groups are expected to tweak their tactics, techniques and procedures (TTPs) and shift their business models as organizations strengthen their cybersecurity measures, law enforcement gets better at tracking down threat actors and governments tighten regulations on cryptocurrencies, according to Trend Micro’s latest research paper. In the report, published on 15 December and titled The