by Paul Ducklin It’s been a newsworthy few weeks for password managers – those handy utilities that help you come up with a different password for every website you use, and then to keep track of them all. At the end of 2022, it was the turn of LastPass to be all over the news,
Lose what you don’t use and other easy ways to limit your digital footprint and strengthen your online privacy and security In case you missed it, last week was Data Privacy Week, an awareness campaign to remind everybody that any of our online activities creates a trail of data and that, therefore, we need to
Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost of cybercrime in 2023 forecasted to reach $8 Trillion – with a T, not a B – it’s no wonder that cybersecurity is top of mind for leaders across all industries and regions. However, despite
Security researchers have discovered underground cybercrime sites selling cheating services, leaked courses and fake certificates to help unscrupulous individuals gain security qualifications and/or a leg up in their careers. Dov Lerner, head of threat research at Cybersixgill, said in a new report out today that his team found fake CompTIA CySA+ diplomas, among other security-related
by Paul Ducklin Another day, another access-token-based database breach. This time, the victim (and in some ways, of course, also the culprit) is Microsoft’s GitHub business. GitHub claims that it spotted the breach quickly, the day after it happened, but by then the damage had been done: On December 6, 2022, repositories from our atom,
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T3 2022 ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022. In the monitored timespan,
Feb 01, 2023Ravie LakshmananPayment Security / Risk The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions. Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that
Russian hacktivists appear to have been busy again after reports suggested several hospital websites across the US and the Netherlands were downed by distributed denial of service (DDoS) attacks. University of Michigan Hospital and Stanford Health Care Center were among the targeted facilities in the current campaign, which hit a handful of hospitals in the
by Paul Ducklin Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows, and its historical importance in internetworking (connecting two different sorts of network together) cannot be underestimated. In the late 1990s, Microsoft networking shed its opaque, proprietary nature and became an open standard known as CIFS,
Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1
Security experts have warned of several new apps available on Google Play which purport to help the user develop healthy habits in return for rewards, but in reality just bombard them with irritating ads. Lucky Habit: health tracker, Lucky Step-Walking Tracker and WalkingJoy have garnered over 20 million downloads for what appears to be the same
Jan 30, 2023Ravie LakshmananInternet of Things / Malware Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of
An operation responding to a Black Basta ransomware compromise has revealed the use of a new PlugX malware variant that can automatically infect any attached removable USB media devices. Palo Alto Networks Unit 42 shared the findings with Infosecurity earlier today, adding that the new PlugX variant is “wormable” and can infect USB devices in
by Paul Ducklin BREACHES, PATCHES, LEAKS AND TWEAKS Latest epidode – listen now. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify,
Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country ESET researchers have uncovered a new wiper attack in Ukraine that they attribute to the Sandworm APT group. Dubbed SwiftSlicer, the destructive malware was spotted on the network of a targeted organization on January 25th. It was deployed through Group Policy, which suggests
Jan 29, 2023Ravie LakshmananCyber Threat / Malware The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is “exclusive to this group.” Gootkit,
Researchers have found three separate vulnerabilities in OpenEMR, an open-source software for electronic health records and medical practice management. Clean code experts at Sonar published an advisory Wednesday about the discovered flaws by security researcher Dennis Brinkrolf. “During our security research of popular web applications, we discovered several code vulnerabilities in OpenEMR,” Brinkrolf wrote. “A combination of
by Naked Security writer Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two
Data Privacy Week is a reminder to protect your data – all year round. Here are three privacy-boosting habits you can start today. Every action we take on the internet generates data that is shared with online services and other parties. It stands to reason, then, that we need to assert control over how much
Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. “A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and
Global law enforcers celebrated this week after revealing a coordinated operation to disrupt the Hive ransomware variant. The ransomware-as-a-service (RaaS) outfit has targeted more than 1500 victims in over 80 countries since June 2021, making an estimated $100m in the process, according to the Department of Justice (DoJ). Victims included hospitals, schools, financial firms and critical infrastructure
by Paul Ducklin The Public Prosecution Service in the Netherlands [Dutch: Openbaar Ministerie] has just released information about an unnamed suspect arrested back in December 2022 for allegedly stealing and selling personal data about tens of millions of people. The victims are said to live in countries as far apart as Austria, China, Columbia, the
The data trail you leave behind whenever you’re online is bigger – and more revealing – than you may think “The lampposts are listening to me; I am sure that the adverts I see online are from a conversation I had walking down the street.” Yes, someone I know claims this is happening to them.
In what’s a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. “Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying
The volume of publicly reported data breaches and leaks remained at a near-record level in 2022, although consumers and businesses are being let down by the paucity of information provided by breached companies, according to the Identity Theft Resource Center (ITRC). The non-profit’s 2022 Data Breach Report is compiled from company announcements, mainstream news media,
by Paul Ducklin Over the years, we’ve written and spoken on Naked Security many times about the thorny problem of DNS hijacking. DNS, as you probably know, is short for domain name system, and you’ll often hear it described as the internet’s “telephone directory” or “gazetteer”. If you’re not familiar with the word gazeteer, it
Looking for an alternative to Twitter and thinking about joining the folks flocking to Mastodon? Here’s how the two platforms compare to each other. From restructuring their workforces to facing big fines, big tech companies have been on a roller coaster ride recently – but certainly none quite as much as Twitter. Indeed, Twitter has
Jan 26, 2023Ravie LakshmananThreat Detection / Endpoint Security Cybersecurity researchers have unearthed a new Python-based attack campaign that leverages a Python-based remote access trojan (RAT) to gain control over compromised systems since at least August 2022. “This malware is unique in its utilization of WebSockets to avoid detection and for both command-and-control (C2) communication and
A leading US gaming company is primed to respond to any new cheats that may emerge for its titles following a ransomware compromise last week. California-based Riot Games said yesterday that it had received a ransom demand, which it would not pay. However, the data taken by its extorters may create problems for the firm in
by Paul Ducklin GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you’ve ever used GoTo Webinar (online meetings and seminars), GoToMyPC (connect and control someone else’s computer for management and support), or LastPass (a password manangement service), you’ve used a
- « Previous Page
- 1
- …
- 61
- 62
- 63
- 64
- 65
- …
- 118
- Next Page »