Security

A bill designed to increase visibility of foreign ransomware attackers has passed in the US House of Representatives. The Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act (also known as the RANSOMWARE Act) will make it easier for the US to respond to ransomware attacks from foreign

by Paul Ducklin If you’ve ever watched a professional plumber at work, or a plasterer, or a bricklayer, or the people who deftly use those improbably long sticks to craft paper-thin pancakes the size of a bicycle wheel… …you’ve probably had the same thoughts that we have. I could do that. I really could. But

Police in Spain have arrested two people on suspicion of hacking the country’s Radioactivity Alert Network (RAR). The RAR, operated by Spain’s General Directorate of Civil Protection and Emergencies, is a network of gamma radiation sensors. It monitors parts of Spain – which operates nuclear power plants – for excessive radiation. The two individuals are

by Paul Ducklin Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just

A database containing 5.4m Twitter users’ data is reportedly for sale on a popular criminal forum. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems reported in January. The seller, using the nickname ‘devil,’ advertised the data on the Breached Forums site and demanded at least $30,000 for it.

by Paul Ducklin Samba is a widely-used open source toolkit that not only makes it easy for Linux and Unix computers to talk to Windows networks, but also lets you host a Windows-style Active Directory domain without Windows servers at all. The name, in case you’ve ever wondered, is a happy-sounding and easy-to-say derivation from

Banks received the lion’s share of phishing attacks during the first half of 2022, according to figures published by cybersecurity company Vade today. The analysis also found that attackers were most likely to send their phishing emails on weekdays, with most arriving between Monday and Wednesday. Attacks tapered off towards the end of the week, Vade said.

by Paul Ducklin It’s time for this month’s scheduled Firefox update (technically, with 28 days between updates, you sometimes get two updates in one calendar month, but July 2022 isn’t one of those months)… …and the good news is that the worst bugs listed, which get a risk category of High, are those found by

The National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for protecting healthcare data. The draft update will provide a more practical guide for healthcare providers to comply with government rules on personal health data security, it claimed. The initial draft of the document is titled ‘Implementing the Health Insurance Portability and

by Paul Ducklin Just under a year ago, the US arm of telecomms giant T-Mobile admitted to a data breach after personal information about its customers was offered for sale on an underground forum. At the time, VICE Magazine claimed to have communicated with the hacker behind the breach via online chat, and to have

Ukrainian radio stations were hacked this week by threat actors to spread fake news about President Volodymyr Zelensky’s health, according to Ukraine’s security officials. A music program on “at least one” out of TAVR Media’s stations – one of Ukraine’s largest radio networks – was interrupted by the false reports just after midday on July 21. The so-far unidentified

Google this week announced the reversing of its recent decision to remove the app permissions list from the Google Play Store for Android. In tweets published on July 21, the Android Developers team stated that “privacy and transparency are core values in the Android community. We heard your feedback that you find the app permissions section in

by Paul Ducklin Apple has disgorged its latest patches, fixing more than 50 CVE-numbered security vulnerabilities in its range of supported products. The relevant security bulletins, update numbers, and where to find them online are as follows: APPLE-SA-2022-07-20-1: iOS 15.6 and iPadOS 15.6, details at HT213346 APPLE-SA-2022-07-20-2: macOS Monterey 12.5, details at HT213345 APPLE-SA-2022-07-20-3: macOS

This week HP released their report The Evolution of Cybercrime: Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back, exploring how cyber-criminals are increasingly operating in a quasi-professional manner, with malware and ransomware attacks being offered on a ‘software-as-a-service’ basis. The report’s findings showed how cybercrime is being supercharged through “plug and

by Paul Ducklin The phrase Office macros is a harmless-sounding, low-tech name that refers, in real life, to program code you can squirrel away inside Office files so that the code travels along with the text of a document, or the formulas of a spreadsheet, or the slides in a presentation… …and even though the

China has fined global mobility technology platform Didi Global around $1.2bn (8.026 billion yuan) for violating the country’s network security law, data security law and personal information protection law. The Cyberspace Administration of China (CAC), the country’s cybersecurity regulator, also fined two Didi executives 1 million yuan each for the infringements. The announcement came a

by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.

Unpatched flaws in popular GPS devices could allow attackers to disrupt and track vehicles, security researchers have warned. Security company BitSight described six ‘severe’ vulnerabilities in the MiCODUS MV720 GPS tracker, a popular device designed for vehicle fleet management and theft protection. The BitSight research came alongside a warning from the US Department of Homeland

by Paul Ducklin As the English translation of the Baroque-era German rendering of the Ancient Greek philosophical saying goes: Though the mills of God grind slowly, yet they grind exceeding small/Though with patience he stands waiting, with exactness grinds he all. Today, this saying is usually applied in respect of the judicial process, noting that

The Albanian government has been hit with a “massive cyber-attack,” forcing its websites offline. In a statement shared with local news outlets, the government blamed the incident on a synchronized “attack from abroad.” The press release continued: “In order to not allow this attack to damage our information system, the National Agency of Information Society

The UK government has set out proposals for a new AI rulebook to unleash innovation and boost public trust in the technology, according to a policy paper published today by the Department for Digital, Culture, Media and Sport. The report outlines the government’s approach to regulating the technology in the UK, with proposed rules addressing

by Paul Ducklin Remember Log4Shell? It was a dangerous bug in a popular open-source Java programming toolkit called Log4j, short for “Logging for Java”, published under a liberal, free source code licence, by the Apache Software Foundation. If you’ve ever written software of any sort, from the simplest BAT file on a Windows laptop to

North Korean threat actors are targeting small and mid-sized businesses with ransomware, according to Microsoft Security researchers. The group of actors, going by the name H0lyGh0st, have been developing and conducting cross-national malware attacks for over a year, performing successful attacks as early as September 2021.  As well as using a ransomware payload, the group – tracked

This week the US Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report into the December 2021 Log4j event, where a number of vulnerabilities were reported with this Java-based logging framework. The report’s methodology included a mixture of interviews and requests for information over a 90-day period, engaging with approximately 80 organizations and individuals

Data generated by OnePoll from April 28 to May 3 2022 on behalf of AT&T shows that the average person happens upon a suspicious online site or social media account 6.5 times a day. The recent survey of 2000 general population Americans also found that 54% of consumers said they were unaware of the difference between active and passive

by Paul Ducklin It’s prime vacation season in the Northern Hemipshere, and in some countries, July and August aren’t just months when some people take some days off, but a period of extended family holidays, often involving weeks away from home or on the road. The good news, of course, is that if you’ve had

The Virginia Commonwealth University Health System (VCU) has warned almost 4500 transplant participants about a privacy breach affecting their healthcare information. The company warned that some transplant recipients’ medical records contained their donor’s information, while recipient information also showed up in some donors’ records. It has been inappropriately exposing this information since 2006 in some

by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.

Microsoft patched a zero-day bug in its latest Patch Tuesday update this week that allowed remote execution on Windows machines and which is already being exploited in the wild. CVE-2022-22047 is an elevation of privilege vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS), which is responsible for Windows features, including console windows and the shutdown process.

by Paul Ducklin Have you ever come really close to clicking a phishing link simply through coincidence? We’ve had a few surprises, such as when we bought a mobile phone from a click-and-collect store a couple of years back. Having lived outside the UK for many years before that, this was our first-ever purchase from