Online Pitstop

An operation responding to a Black Basta ransomware compromise has revealed the use of a new PlugX malware variant that can automatically infect any attached removable USB media devices. Palo Alto Networks Unit 42 shared the findings with Infosecurity earlier today, adding that the new PlugX variant is “wormable” and can infect USB devices in

by Paul Ducklin BREACHES, PATCHES, LEAKS AND TWEAKS Latest epidode – listen now. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify,

Researchers have found three separate vulnerabilities in OpenEMR, an open-source software for electronic health records and medical practice management. Clean code experts at Sonar published an advisory Wednesday about the discovered flaws by security researcher Dennis Brinkrolf. “During our security research of popular web applications, we discovered several code vulnerabilities in OpenEMR,” Brinkrolf wrote. “A combination of

by Naked Security writer Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two

Global law enforcers celebrated this week after revealing a coordinated operation to disrupt the Hive ransomware variant. The ransomware-as-a-service (RaaS) outfit has targeted more than 1500 victims in over 80 countries since June 2021, making an estimated $100m in the process, according to the Department of Justice (DoJ). Victims included hospitals, schools, financial firms and critical infrastructure

by Paul Ducklin The Public Prosecution Service in the Netherlands [Dutch: Openbaar Ministerie] has just released information about an unnamed suspect arrested back in December 2022 for allegedly stealing and selling personal data about tens of millions of people. The victims are said to live in countries as far apart as Austria, China, Columbia, the

The volume of publicly reported data breaches and leaks remained at a near-record level in 2022, although consumers and businesses are being let down by the paucity of information provided by breached companies, according to the Identity Theft Resource Center (ITRC). The non-profit’s 2022 Data Breach Report is compiled from company announcements, mainstream news media,

by Paul Ducklin Over the years, we’ve written and spoken on Naked Security many times about the thorny problem of DNS hijacking. DNS, as you probably know, is short for domain name system, and you’ll often hear it described as the internet’s “telephone directory” or “gazetteer”. If you’re not familiar with the word gazeteer, it

A leading US gaming company is primed to respond to any new cheats that may emerge for its titles following a ransomware compromise last week. California-based Riot Games said yesterday that it had received a ransom demand, which it would not pay. However, the data taken by its extorters may create problems for the firm in

by Paul Ducklin GoTo is a well-known brand that owns a range of products, including technologies for teleconferencing and webinars, remote access, and password management. If you’ve ever used GoTo Webinar (online meetings and seminars), GoToMyPC (connect and control someone else’s computer for management and support), or LastPass (a password manangement service), you’ve used a

The UK’s data protection regulator has shared seven tips for SMBs, designed to save them time and money and boost customer confidence. The UK’s SMB community numbers over 5.5 million firms – amounting to over 99% of all businesses in the country. Yet many don’t have the in-house knowledge and resources to ensure they stay

by Paul Ducklin Last year, on the last day of August 2022, we wrote with mild astonishment, and perhaps even a tiny touch of excitement, about an unexpected but rather important update for iPhones stuck back on iOS 12. As we remarked at the time, we’d already decided that iOS 12 had slipped (or perhaps

A leading California-based gaming developer has admitted that a serious cyber-attack on its systems has halted all updates. Tencent-owned Riot Games, which produces popular titles like League of Legends and Valorant, explained briefly what happened in a series of tweets on Friday. “Earlier this week, systems in our development environment were compromised via a social

UK postal service Royal Mail announced on January 18, 2022, that it has resumed some “limited” international shipping following the ransomware attack that hit the company on January 11. These limited services include “International Standard and International Economy letters which do not require a customs declaration” and “International Business Standard (untracked) and International Business Economy

WhatsApp has been hit with a €5.5m ($5.9m) fine for GDPR violations by Ireland’s Data Protection Commission (DPC). In addition to the fine, WhatsApp Ireland has been directed to bring its data processing operations into compliance within six months. The case showcased significant disagreements between European data protection authorities about the extent of WhatsApp’s liability.

by Paul Ducklin US mobile phone provider T-Mobile has just admitted to getting hacked, in a filing known as an 8-K that was submitted to the Securities and Exchange Commission (SEC) yesterday, 2023-01-19. The 8-K form is described by the SEC itself as “the ‘current report’ companies must file […] to announce major events that