The enormous global costs of ransomware attacks on the manufacturing sector have been laid bare in a new analysis by Comparitech. The firm reviewed 478 confirmed ransomware attacks on the manufacturing companies from 2018 to July 2023, using its worldwide tracker to understand the true cost of such incidents. This includes the amount of downtime
by Paul Ducklin Another week, another BWAIN! As you’ll know if you listened to last week’s podcast (hint, hint!), BWAIN is short for Bug With An Impressive Name: It’s a nickname we apply when the finders of a new cybersecurity attack get so excited about their discovery that they give it a PR-friendly moniker, register
Aug 03, 2023THNCyber Attack / Phishing Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizzard (previously Nobelium). It’s
A new and sophisticated malware campaign named “P2Pinfect” has been observed targeting publicly-accessible deployments of the Redis data store. According to a technical write-up published on Monday by Cado Security Labs, the malware is written in Rust, making it challenging to analyze due to the programming language’s complexities. For context, in the time between Cado Security
by Paul Ducklin The latest full new version of Firefox is out, marking the first of two “monthly” upgrades you’ll see this month. Just as there will be a blue moon in August 2023 (that’s the name applied to a second full moon in the same calendar month, rather than reference to an atmospheric phenomenon
Aug 02, 2023THNVulnerability / Cyber Attack Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity
The Android spyware known as SpyNote has been targeting financial institutions since late 2022 while expanding its capabilities to carry out bank fraud. Security researchers at Cleafy have recently shared new findings about SpyNote, saying the malware exploits Accessibility services and various Android permissions to conduct multiple malicious activities. SpyNote distribution occurs through email phishing
by Paul Ducklin Last week, the US Securities and Exchange Commission (SEC) announced new and fairly strict rules about cybersecurity breach disclosures for any people or companies that fall under its regulatory remit. The SEC, by the way, was founded at the height of the US Great Depression in the 1930s, with the aim of
Aug 01, 2023THNCyber Attack / Malware Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). “It is a sophisticated downloader with the objective of installing a second malware
New research has highlighted the severe risks posed by forged certificate attacks, which can lead to unauthorized access to important company resources. These attacks, known as the Shadow Credentials technique, involve attackers exploiting certain parts of a system called Active Directory (AD) that manages user access to various services. Kaspersky cybersecurity expert Alexander Rodchenko conducted
Jul 29, 2023THNData Security / Privacy Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection. “This will help ensure that apps
Nominations are open for the eighth annual Security Serious Unsung Heroes Awards to be held in London and run by Eskenzi PR. The awards are all about celebrating the UK’s cybersecurity professionals, teachers, lecturers, leaders and those working to make the industry not only more secure, but also more diverse and healthier for employees. Whether educating the
Jul 29, 2023THNAndroid / Malware A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act as
The UK’s Ministry of Defence (MoD) is launching an investigation after a typing error reportedly led to classified emails being sent to a close ally of Russia instead of the intended recipients. The emails were meant for the US military, identifiable by the domain “.mil.” However, due to a simple mistake omitting the letter “i,” the messages
Jul 29, 2023The Hacker NewsBrowser Security / Data Security Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop “The Definitive Browser Security RFP Template.” This resource helps streamline
CardioComm Solutions, a Canadian medical provider of consumer heart monitoring and medical ECG software solutions, has disclosed a cybersecurity incident on Tuesday that occurred on the company’s servers. To address the situation, CardioComm said it is collaborating closely with KPMG-EGYDE, relevant authorities and third-party cybersecurity experts. The company assures its customers that there is no evidence
by Paul Ducklin ONE WEEK, TWO BWAINS Apple patches two zero-days, one for a second time. How a 30-year-old cryptosystem got cracked. All your secret are belong to Zenbleed. Remembering those dodgy PC/Mac ads. No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.
Jul 28, 2023THNSoftware Security / Zero Day Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an “extremely severe” flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as CVE-2023-38646, the issue impacts open-source editions
The threat of vendor email compromise (VEC) attacks has escalated, with recent data showing a sharp increase in such cyber-threats. According to a new report published by cybersecurity firm Abnormal Security earlier today, VEC attacks – a variant of business email compromise (BEC) – pose a significant risk to organizations worldwide. These attacks impersonate trusted
by Paul Ducklin If you’d been quietly chasing down cryptographic bugs in a proprietary police radio system since 2021, but you’d had to wait until the second half of 2023 to go public with your research, how would you deal with the reveal? You’d probably do what researchers at boutique Dutch cybersecurity consultancy Midnight Blue
Jul 26, 2023THNMalware / Cyber Threat A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it’s a significant upgrade over the Pupy RAT, an open-source remote access trojan it’s modeled on. “Decoy Dog has a full suite of powerful, previously unknown capabilities – including the ability to move victims to
Infoblox has unveiled crucial updates on the “Decoy Dog” remote access trojan (RAT) toolkit in a new threat report published today. Initially discovered and disclosed in April 2023, Decoy Dog has proven to be more sophisticated than previously thought, using DNS for command-and-control (C2) and is suspected to be employed in ongoing nation-state cyber-attacks. Following Infoblox’s
by Paul Ducklin Remember Heartbleed? That was the bug, back in 2014, that introduced the suffix -bleed for vulnerabilities that leak data in a haphazard way that neither the attacker nor the victim can reliably control. In other words, a crook can’t use a bleed-style bug for a precision attack, such as “Find the shadow
Jul 26, 2023THNNetwork Security / Vulnerability A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via
Tampa General Hospital (TGH) has revealed a data breach that may have affected the information of approximately 1.2 million patients. Writing in a notice on its website last week, TGH said it first detected unusual activity on its computer systems on May 31 2023. The hospital also explained that the cyber-criminals’ encryption attempts were foiled thanks to
by Paul Ducklin Two weeks ago, we urged Apple users with recent hardware to grab the company’s second-ever Rapid Response patch. As we pointed out at the time, this was an emergency bug fix to block off a web-browsing security hole that had apparently been used in real-world spyware attacks: Component: WebKit Impact: Processing web
Jul 25, 2023THNServer Security / Zero Day Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems. The list of the flaws is below – CVE-2023-22505 (CVSS score: 8.0) – RCE (Remote
The Russian state prosecution asked the Moscow City Court to impose 18 years in a strict colony regime on Ilya Sachkov, the founder of cybersecurity and threat intelligence provider Group-IB, his lawyer Sergei Afanasyev told Russian press agency Interfax on July 21, 2023. This has been confirmed by the French press agency AFP. Sachkov was
Jul 21, 2023THNMalware / Software Security A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. “HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets,
Generative AI tools have conquered the workplace, especially large language model-based (LLM) chatbots like OpenAI’s ChatGPT and Google’s Bard. These powerful tools are capable of performing a broad range of tasks, from helping to draft perfect emails to providing digestible summaries, freeing up the time-strapped worker to focus on more strategic activities. However, using LLMs
- « Previous Page
- 1
- …
- 42
- 43
- 44
- 45
- 46
- …
- 119
- Next Page »