A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild in 2021 alone, some of which have slipped past Apple’s on-device malware scanner and even signed by its own notarization service, highlighting the malicious software ongoing attempts to adapt and evade detection. “AdLoad,”
Nearly half (48%) of US hospitals have disconnected their networks in the past six months due to ransomware, according to a new study from Philips and CyberMDX. The Perspectives in Healthcare Security Report is based on interviews with 130 IT and cybersecurity hospital executives and biomedical engineers and technicians. The findings revealed the outsized impact ransomware continues to have on
Texts purporting to be from parcel and delivery companies are the most prevalent form of ‘smishing’ scams, according to new data provided to UK Finance by cybersecurity firm Proofpoint. The data showed that over two-thirds (67.4%) of all UK texts reported as spam to the NCSC’s 7726 text messaging system, operated by Proofpoint, during the 30
The second in our series on IIS threats dissects a malicious IIS extension that employs nifty tricks in an attempt to secure long-term espionage on the compromised servers ESET researchers have discovered and analyzed a previously undocumented backdoor, implemented as an extension for Internet Information Services (IIS), Microsoft’s web server software. The backdoor, which we
American tech-driven beauty brand IL MAKIAGE has acquired Israeli deep-tech AI-based computational imaging startup Voyage81 for $40m. IL MAKIAGE, which is based in New York City’s Soho area, was relaunched in 2018 by brother and sister duo Oran Holtzman and Shiran Holtzman-Erel. Two years later, the company became the fastest-growing online beauty brand in the United States. Voyage81
We’ve all been there. It’s the middle of the night and you wake up to a sad and sniffly kiddo shuffling into your room. Yup, looks like someone has a temperature. You phone the on-call doctor to make sure it’s nothing serious and then set an alarm so you can make an appointment when the
A new paper explains how ransomware has become one of the top cyberthreats of the day and how your organization can avoid becoming the next victim The infosec community has long been warning that ransomware has the potential to grow into the number one cyberthreat for business. However, since ransom demands were low and malware
Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including relying on Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The phishing attacks take the form of invoice-themed lures mimicking financial-related business
Over one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months, according to new research. In a survey conducted by the International Data Corporation (IDC), it was found that many organizations that fell victim to ransomware experienced multiple ransomware events. In the
by Paul Ducklin [02’31”] Home and small business routers under attack. [16’22”] A hacking tool favoured by crooks gets hacked. [23’56”] The Navajo Nation’s selfless cryptographic contribution to America. [29’43”] A cybercrook gets aggrieved at being ripped off by cybercrooks. [38’33”] Oh! No! The steaming CEO with the flashing phone. With Doug Aamoth and Paul
Co-written by Catherine Huang, Ph.D. and Abhishek Karnik Artificial Intelligence (AI) continues to evolve and has made huge progress over the last decade. AI shapes our daily lives. Deep learning is a subset of techniques in AI that extract patterns from data using neural networks. Deep learning has been applied to image segmentation, protein structure, machine translation, speech recognition and robotics. It has outperformed human champions in the game of Go. In recent years, deep
As employees split their time between office and off-site work, there’s a greater potential for company devices and data to fall into the wrong hands Over the past few pieces of this mini-series on hybrid working, we’ve explored the potential cyber-risks posed by humans and their use of cloud and other services. But what about
Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim’s network to deploy file-encrypting payloads on targeted systems. “Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate that this vulnerability will continue
A Virginia businessman who conned his victims out of more than a million dollars has been sentenced to prison. Glen Allen resident Gordon G. Miller III was the owner and operator of software engineering company G3 Systems and of purported venture capital company, G3i Ventures, LLC. From 2017, the 56-year-old began running multiple fraud schemes
by Paul Ducklin Remember Mt. Gox? Sure you do! Although it’s usually said aloud as “Mount Gox”, as if it were a topographic feature, it actually started life as MTGOX, short for Magic: The Gathering Online Exchange, where MTG fans could trade cards via the internet. The web domain was eventually repurposed for what was,
As outlined in Executive Order on Improving the Nation’s Cybersecurity (EO 14028), Section 3: Modernizing Federal Government Cybersecurity, CISA has been tasked with developing a Federal cloud-security strategy to aid agencies in the adoption of a Zero Trust Architecture to meet the EO Requirements. While the government awaits the completion of that effort, I think
The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites ESET researchers have discovered and analyzed a previously undocumented server-side trojan that manipulates search engine results by hijacking the reputation of the websites it compromises. We named the trojan IISerpent to highlight its two
Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. “These people are beyond privacy and security. I really hope that
Consumer cybersecurity companies NortonLifeLock and Avast have announced an agreement for the Tempe-based cyber safety company to buy the digital security privacy company. NortonLifeLock’s closing share price was $27.20 as of July 13, 2021 — the last trading day before market speculation began — meaning the merger values between $8.1 bn and $8.6 bn. According
by Paul Ducklin Evan Grant, a researcher at network security scanning company Tenable, recently decided to have a go at hacking a home router. The idea, it seems, was more to learn about the general techniques, tools and procedures available to router hackers than to conduct a security assessment of any particular product. Understandably, therefore,
This month’s Patch Tuesday brings us a relatively small number of CVEs being patched, but an abnormally high percentage of noteworthy critical vulnerabilities. Vulnerability Analysis: CVE-2021-34535 One such vulnerability is identified as CVE-2021-34535, which is a remote code execution flaw in the Remote Desktop client software, observed in mstscax.dll, which is used by Microsoft’s built-in
As fraud involving highly believable synthetic media soars, what can you do to avoid getting scammed? Deepfake renditions of loved ones saying they’ve been kidnapped paint a grim picture of what future deepfakes – specially constructed videos from real data – purport to bring next to technology. After machine learning ingests the droves of images
Adobe on Tuesday shipped security updates to remediate multiple critical vulnerabilities in its Magento e-commerce platform that could be abused by an attacker to execute arbitrary code and take control of a vulnerable system. The issues affect 2.3.7, 2.4.2-p1, 2.4.2, and earlier versions of Magento Commerce, and 2.3.7, 2.4.2-p1, and all prior versions of Magento
The owner of a martial arts academy in Florida is in custody after allegedly installing hidden cameras in the restroom to spy on students. Police in Broward County arrested 64-year-old martial arts instructor Robert Danilo Franco on Friday. An investigation was launched after a 17-year-old female student spotted the devices and tipped off police. Investigators said the
Every organization has data moving to the multi-cloud; digital transformation is occurring rapidly, is here to stay, and is impacting every major industry. Organizations are working hard to adopt Zero Trust architectures as their critical information, trade secrets, and business applications are no longer stored in a single datacenter or location. As a result, there
How peering into the innards of a future satellite can make cybersecurity in space more palatable Here at DEF CON 29, the Aerospace Village is alive and well, and aside from the repeated wailing of the neighboring car hacking village setting the car alarm off every 30 seconds, the hardware sitting here, called a Flat
A critical vulnerability has been disclosed in hardware random number generators used in billions of Internet of Things (IoT) devices whereby it fails to properly generate random numbers, thus undermining their security and putting them at risk of attacks. “It turns out that these ‘randomly’ chosen numbers aren’t always as random as you’d like when
Autonomous farming equipment that can be controlled remotely now helps to feed humanity. But what if that farming equipment were hacked? On August 8, at the DEF CON 29 conference, an Australian researcher known only as ‘Sick Codes‘ detailed what he referred to as a “tractor load of vulnerabilities” that, if exploited by an attacker,
by Paul Ducklin [00’26”] Timezone curiosities – when modular arithmetic gets weird [04’38”] Microsoft researcher found Apple 0-day in March, didn’t report it [13’18”] Retro computing – the TRS-80 arrived in August 1977 [19’17”] BazarCaller – the crooks who talk you into infecting yourself [33’02”] Oh! No! A billionaire… but only for 5 minutes With
In the last week there has been change, but a lot remains the same, too. First, we are now McAfee Enterprise, a pure-play enterprise cybersecurity company under the new ownership of Symphony Technology Group (STG). It’s an exciting change and true focus for our company, allowing us to concentrate on enterprise and commercial business needs.