Security

by Paul Ducklin If you’re a programmer, whether you code for a hobby or professionally, you’ll know that creating a new version of your project – an official “release” version that you yourself, or your friends, or your customers, will actually install and use – is always a bit of a white-knuckle ride. After all,

The South African threat actors known as “Automated Libra” have been improving their techniques to exploit cloud platform resources for cryptocurrency mining. According to Palo Alto Networks Unit 42, the threat actors have used a new Captcha-solving system alongside a more aggressive use of CPU resources for mining and the mix of “freejacking” with the

US-based health and human services organization Maternal & Family Health Services (MFHS) has reported being hit by a ransomware attack. The non-profit made the announcement on Thursday, saying its systems were compromised between August 21, 2021, and April 4, 2022. An investigation launched in April last year revealed the attack may have exposed sensitive information

Ongoing hacking campaigns orchestrated by the threat actor group Blind Eagle (also known as APT-C-36) have been spotted targeting individuals across South America. Security experts from Check Point Research (CPR) unveiled the findings in a new advisory published on Thursday, describing a novel infection chain involving an advanced toolset. “For the last few months, we have

Meta’s instant messaging subsidiary WhatsApp has officially introduced proxy support, reportedly to tackle internet disruption tactics used by repressive governments. The company made the announcement in a blog post on Thursday, saying the new feature is designed to put the power into people’s hands to maintain access to WhatsApp if their connection is blocked or

by Paul Ducklin There’s been a bit of a kerfuffle in the technology media over the past few days about whether the venerable public-key cryptosystem known as RSA might soon be crackable. RSA, as you probably know, is short for Rivest-Shamir-Adleman, the three cryptographers who devised what turned into an astonishingly useful and long-lived encryption

Threat actors have exploited Fortinet Virtual Private Network (VPN) devices to try and infect a Canadian-based college and a global investment firm with ransomware. The findings come from eSentire’s Threat Response Unit (TRU), which reportedly stopped the attacks and shared information about them with Infosecurity ahead of publication. eSentire said the threat actors tried to

by Paul Ducklin LAST STRAW FOR LASTPASS? IS CRYPTO DOOMED? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere

US Financial regulators have warned banks about the security risks posed by the crypto market. In a joint statement issued on January 3, 2022, the Board of Governors of the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC) warned banking organizations of the “key risks

by Paul Ducklin Even though it’s already Day 4 of Year 2023, some of the important IT/sysadmin/X-Ops security stories of the holiday season are only popping up in mainstream news now. So we though we’d take a quick look back at some of the major issues we covered over the last couple of weeks, and

by Naked Security writer It looks like the sort of meeting room you might find in startups all over the world: diffuse lighting from windows down one wall, alongside a giant poster cityscape of New York’s Brooklyn Bridge, with the Manhattan skyline towering behind it. The difference in this case is that that the computer

A previously unknown strain of Linux malware is targeting WordPress based websites, according to research by cybersecurity firm Dr.Web. Dubbed Linux.BackDoor.WordPressExploit.1, the Trojan targets 32-bit versions of Linux but can also run on 64-bit versions. Its main function is to hack websites based on a WordPress content management system (CMS) and inject a malicious JavaScript

by Paul Ducklin A DAY IN THE LIFE OF A CYBERCRIME FIGHTER Once more unto the breach, dear friends, once more! Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure. Click-and-drag on the soundwaves below to skip

by Paul Ducklin PyTorch is one of the most popular and widely-used machine learning toolkits out there. (We’re not going to be drawn on where it sits on the artifical intelligence leaderboard – as with many widely-used open source tools in a competitive field, the answer seems to depend on whom you ask, and which

The FCC is going after an alleged prolific robocall company, with a proposed record-breaking fine in the hundreds of millions of dollars. The regulator said an operation run by Roy Cox, Jr. and Michael Aaron Jones made billions of illegal robocalls via their Sumco Panama company and numerous other entities located in the US, Panama

by Paul Ducklin Remember quantum computing, and the quantum computers that make it possible? Along with superstrings, dark matter, gravitons and controlled fusion (hot or cold), quantum computing is a concept that many people have heard of, even if they know little more about any of these topics than their names. Some us are vaguely

The global political unrest from this year will seep into 2023 with serious ramifications for the security industry, according to Infosecurity Europe’s community of cybersecurity leaders. However, with stricter regulations and developments in Artificial Intelligence (AI) and Machine Learning (ML), CISOs may be in a stronger position to minimise threats next year.  The organisers of

by Paul Ducklin It’s the last regular working weekday of 2022 (in the UK and the US, at least), in the unsurprisingly relaxed and vacationistic gap between Christmas and New Year… …so you were probably expecting us to come up either with a Coolest Stories Of The Year In Review listicle, or with a What

Geopolitics will continue to have an impact on cybersecurity and the security posture of organizations long into 2023. The impact of global conflicts on cybersecurity was thrust into the spotlight when Russia made moves to invade Ukraine in February 2022.  Ukraine’s Western allies were quick to recognize that with this came the threat of Russian-backed

by Paul Ducklin These days, almost every decent app, along with some that are half-decent (as well as a few that aren’t very good at all) will offer you tabbed whateveritis. Even command windows, which used to be just what they said (windows in which one – and only one – command shell was running),

France’s digital privacy regulator, the Commission nationale de l’informatique et des libertés (CNIL), announced on December 22, 2022 it had fined US tech giant Microsoft €60m ($64m), its largest this year, over advertising cookies. The CNIL found that Microsoft’s search engine, Bing, had not set up a system allowing users to refuse cookies as simply

by Paul Ducklin Hot on the heels of the LastPass data breach saga, which first came to light in August 2022, comes news of a Twitter breach, apparently based on a Twitter bug that first made headlines back in the same month. According to a screenshot posted by news site Bleeping Computer, a cybercriminal has

A prolific botnet that spreads primarily through IoT and web application vulnerabilities has added new exploits and attack capabilities, Microsoft has warned. Zerobot (aka ZeroStresser) is a Go-based botnet sold on the cybercrime underground via a malware-as-a-service model, which makes it relatively easy for its developers to update functionality regularly. Mainly used for distributed denial

by Paul Ducklin Just before the Christmas weekend – in fact, at about the same time that beleaguered password management service LastPass was admitting that, yes, your password vaults were stolen by criminals after all – we noticed a serious-sounding Linux kernel vulnerability that hit the news. The alerts came from Trend Micro’s Zero Day

Password management giant LastPass has revealed that hackers that breached the firm in August made off with encrypted customer vault data and unencrypted account information. The update comes after the firm originally said that the incident only resulted in a breach of “source code and some proprietary LastPass technical information.” Then at the end of

The UK’s data protection watchdog has hit out at several newspaper editors for misrepresenting the nature of a draft code of practice for journalists. The Information Commissioner’s Office (ICO) is currently working with the media industry to develop a Journalism Code of Practice. The aim is to help journalists meet their statutory data protection obligations,

US President Joe Biden has signed the Quantum Computing Cybersecurity Preparedness Act into law this week (December 21, 2022). The law is designed to secure the federal government systems and data against the threat of quantum-enabled data breaches, ahead of ‘Q Day’ – the point at which quantum computers are able to break existing cryptographic

What was just a rumor has been confirmed: employees of ByteDance, the China-based company that owns TikTok and its Chinese counterpart Douyin, accessed data from TikTok to track a Financial Times reporter and a former BuzzFeed reporter in a bid to identify the source of leaks to the media, ByteDance’s general counsel Erich Andersen admitted

by Paul Ducklin Popular password management company LastPass has been under the pump this year, following a network intrusion back in August 2022. Details of how the attackers first got in are still scarce, with LastPass’s first official comment cautiously stating that: [A]n unauthorized party gained access to portions of the LastPass development environment through

The FBI has warned that cyber-criminals are using search engine advertisement services to defraud the public. The public service announcement, issued on December 21, 2022, stated that threat actors are purchasing these ad services to impersonate brands for the purpose of luring users to malicious websites. These sites, which “look identical to the impersonated business’s