Security

by Paul Ducklin You’ve probably heard of Zlib, but even if you haven’t, you’ve almost certainly used it. Zlib’s unashamedly 1990s-style website describes the product as A Massively Spiffy Yet Delicately Unobtrusive Compression Library (Also Free, Not to Mention Unencumbered by Patents). Data compression software (and, of course, the matching code to decompress it later)
Ukraine’s national telecommunications provider has been hit by a significant cyber-attack, leading to the “most severe” disruption to internet connectivity in the region since the start of the conflict with Russia. Ukrtelecom, the country’s biggest provider of fixed internet in terms of geographic coverage, confirmed the incident yesterday and said it is gradually restoring connectivity
An Estonian man has been sentenced to over five years behind bars for his role in a wide-ranging online fraud and ransomware campaign. Maksim Berezan, 37, was arrested in Latvia and extradited to the US, where he pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to
A United States Senate committee has questioned whether a new data label created to protect sensitive information is being abused by the Pentagon to prevent the disclosure of important information to the public. The Senate Armed Services Committee, which authorizes defense spending, asked William LaPlante to review the increasing use of the freshly concocted Controlled Unclassified Information (CUI) label
A London nightclub owner has been forced to surrender hundreds of thousands of pounds worth of equipment seized by police after being linked to a notorious cybercrime money laundering group. The QQAAZZ group provided money-laundering services to many organized cybercrime groups over the years. According to the National Crime Agency (NCA), the transnational gang was managed from
Nearly two-thirds (62%) of cybersecurity teams are understaffed, and 63% have unfilled vacancies. This is according to ISACA’s State of Cybersecurity 2022 report, which highlighted organizations’ ongoing struggles to hire and retain skilled cybersecurity professionals. This year’s survey included insights from over 2000 cybersecurity professionals worldwide. A fifth of respondents admitted it takes more than six months
Network defenders have just 43 minutes to mitigate ransomware attacks once encryption has begun, a new study from Splunk has warned. The security monitoring and data analytics vendor evaluated the speed at which 10 ransomware variants encrypt data to compile its report, An Empirically Comparative Analysis of Ransomware Binaries. Using a controlled Splunk Attack Range lab
The current cyber dimension of the Russia-Ukraine conflict and how it may escalate were discussed by Ciaran Martin, founding CEO of the UK’s National Cyber Security Centre (NCSC), during the keynote address at the Infosecurity Magazine Online Summit – EMEA 2022. Martin began by noting that so far, “the cyber dimension has been quieter than many of us might have
Several US authorities have released a new alert warning of the threat to critical infrastructure (CNI) providers from the AvosLocker ransomware group. The ransomware-as-a-service affiliate operation is targeting financial services, manufacturing and government entities, as well as organizations in other sectors, the report revealed. Victims reportedly hail from all over the globe, including the US,
Uganda has arrested an author and activist and a TV journalist for allegedly cyber stalking the country’s President, Yoweri Museveni. Author Norman Tumuhimbise and his colleague Farida Bikobere were reportedly bundled into a van by armed security personnel last week. The pair’s lawyer, Eron Kiiza, confirmed their arrest on Thursday to the news agency Agence France-Presse (AFP).
by Paul Ducklin The latest raft of non-emergency Apple security updates are out, patching a total of 87 different CVE-rated software bugs across all Apple products and platforms. There are 10 security bulletins for this bunch of updates, as follows: APPLE-SA-2022-03-14-1: iOS 15.4 and iPadOS 15.4 (HT213182) APPLE-SA-2022-03-14-2: watchOS 8.5 (HT213193) APPLE-SA-2022-03-14-3: tvOS 15.4 (HT213186)
A spear-phishing study by security company Barracuda has found that a third of malicious logins into compromised accounts in 2021 came from Nigeria. The finding was included in the Spear Phishing: Top Threats and Trends Vol. 7 – Key findings on the latest social engineering tactics and the growing complexity of attacks report, released by the company on Wednesday. The
The UK’s National Cyber Security Centre (NCSC) has launched a significant public awareness campaign to encourage stronger security practices for emails and other digital accounts. The campaign offers actionable cybersecurity guidance to the public, in line with the UK government’s Cyber Aware advice. The first of these recommends using passwords containing three random words, ensuring they are unique, strong
The UK’s landmark Online Safety Bill has been introduced to Parliament today. The legislation was drafted in May last year and contained measures to tackle a range of digital harms, including child sexual abuse, terrorist material, fraud and online abuse. New obligations will be placed on social media firms and other services hosting user-generated content to prevent
by Paul Ducklin Last year, we wrote about a research paper from SophosLabs that investigated malware known as CryptoRom, an intriguing, albeit disheartening, nexus in the cybercrime underworld. This “confluence of criminality” saw cybercrooks adopting the same techniques as romance scammers to peddle fake cryptocurrency apps instead of false love, and fleece victims out of
Mobile applications with tens of millions of downloads are leaking sensitive user data due to the misconfiguration of back-end cloud databases, according to Check Point. The security vendor’s three-month study began with a simple query on VirusTotal for mobile apps listed on the malware scanning service that communicates with the Firebase cloud database. Throughout the study,
by Paul Ducklin The US Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability. To sidestep rumours based on the title alone (which some readers might interpret as an attack
French bank BNP Paribas has reportedly blocked its Russian-based employees from accessing its internal computer systems. According to a Reuters source, the bank rescinded the access privileges of its Russian workforce over fears that connections to the local network could leave BNP Paribas vulnerable to cyber-attacks by Russian threat actors. The restriction is reportedly part of the French lender’s