by Paul Ducklin Remember those Exchange zero-days that emerged in a blaze of publicity back in September 2022? Those flaws, and attacks based on them, were wittily but misleadingly dubbed ProxyNotShell because the vulnerabilities involved were reminiscent of the ProxyShell security flaw in Exchange that hit the news in August 2021. Fortunately, unlike ProxyShell, the
The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. “The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,” Mandiant researcher Thibault Van Geluwe de Berlaere said in a technical write-up. APT29,
Twelve percent of all employees take sensitive intellectual property (IP) with them when they leave an organization. The data comes from workforce cyber intelligence and security company Dtex, which published a report about top insider risk trends for 2022 earlier today. “Customer data, employee data, health records, sales contacts, and the list goes on,” reads
by Paul Ducklin Here’s an important thing to remember about jurisprudential arithmetic, where two negatives definitely don’t make a positive: stealing money from someone who originally acquired it through criminal means doesn’t “cancel out” the criminality. You can still go to prison for a very lengthy stretch, and here’s one way. Remember Silk Road? Not
Malicious software, or “malware,” refers to any program designed to infect and disrupt computer systems and networks. The risks associated with a malware infection can range from poor device performance to stolen data. However, thanks to their closed ecosystem, built-in security features, and strict policies on third-party apps, Apple devices tend to be less prone
Make sure that the device that’s supposed to help you keep tabs on your little one isn’t itself a privacy and security risk We’ve probably all read horror stories online: a parent is woken in the middle of the night by strange noises coming from their child’s bedroom. They open the door, only to find
The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. “Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malicious Word document file, and the other using an executable that takes the disguise of the Word file icon,”
Australia’s largest health insurer Medibank has announced it will not pay a ransom to the threat actors behind the October data breach affecting 9.7 million customers. Writing on LinkedIn over the weekend, Medibank CEO David Koczkar said that, based on the advice the company has received from cybercrime experts, they believe that there is only a
by Paul Ducklin Well-known cybersecurity researcher Fabian Bräunlein has featured not once but twice before on Naked Security for his work in researching the pros and cons of Apple’s AirTag products. In 2021, he dug into the protocol devised by Apple for keeping tags on tags and found that the cryprography was good, making it
There’s no doubt that cyber bullying ranks towards the top of most parents ‘worry list’. As a mum of 4, I can tell you it always came in my top five, usually alongside driving, drugs, cigarettes and alcohol! But when McAfee research in May revealed that Aussie kids experience the 2nd highest rate of cyberbullying
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware
A business email compromise (BEC) group dubbed ‘Crimson Kingsnake’ has recently been spotted impersonating well-known international law firms to trick recipients into approving overdue invoice payments. As outlined in a technical write-up by cloud email security platform Abnormal, 92 malicious domains of 19 law firms and debt collection agencies across the US, UK and Australia have been
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that organizations
The LockBit hacking group has claimed responsibility for the August cyber-attack against the multinational automotive group Continental. The ransomware gang made the announcement on its leak site on Wednesday and is threatening to publish the company’s data unless the ransom is paid over the next few hours of today (Friday). On the dark web blog
by Paul Ducklin Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch against a security hole
This week’s news offered fresh reminders of the threat that ransomware poses for businesses and critical infrastructure worldwide A number of reports published this week offered a reminder of the threat that ransomware poses for organizations and critical infrastructure worldwide, and were also an indication of the enormous repercussions that a successful ransomware attack can
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,”
The individuals behind the Black Basta ransomware have been linked to hacking operations conducted by the FIN7 threat actors. According to a new advisory by SentinelLabs, Black Basta actors have used a custom defense impairment tool (found exclusively in incidents by this specific threat actor) in several instances. “Our investigation led us to a further
by Naked Security writer It’s only a week since Elon Musk’s take-private of Twitter on 28 October 2022… …but if you take into account the number of news stories about it (and, perhaps ironically under the circumstances, the volume of Twitter threadspace devoted to it), it probably feels a lot longer. There’s been plenty to
What you paid for your home, who lives there with you, your age, your children, your driving record, education, occupation, estimated income, purchasing habits, and any political affiliations you may have—all pretty personal information, right? Well, there’s a good chance that anyone can find it online. All it takes is your name and address.
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. “This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications,” Zscaler ThreatLabz researcher Sudeep Singh said in a Thursday
To mark Antimalware Day, we’ve rounded up some of the most pressing issues for cybersecurity now and in the future Organizations large and small have never been more at risk from cyberattacks, to the point that the litany of evolving and escalating cyberthreats have made cybersecurity a key boardroom-level agenda item. As security is the
The European Cybersecurity Agency (ENISA)’s threat landscape annual report 2022 is heavily influenced by the impact of the Russian invasion of Ukraine on the cyber landscape. Covering the period from July 2021 up to July 2022, the report was presented under the title Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape during
by Paul Ducklin WE DON’T KNOW HOW BAD WE WERE, BUT PERHAPS THE CROOKS WEREN’T ANY GOOD? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group. This link “could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups,” cybersecurity firm SentinelOne said
On Black Friday and Cyber Monday, the deals roll out. So do some of the worst Black Friday and Cyber Monday scams. Hackers, scammers, and thieves look to cash in this time of year by blending in with the holiday rush, spinning up their own fake shipping notices, phony deals, and even bogus charities that
Do you find reports of spy cams found in vacation rentals unsettling? Try these tips for spotting hidden cameras to put your worries to rest. Thanks to technology advances, travel has become faster, cheaper and more streamlined for many of us. We can book flights via smartphone apps, check in online, easily overcome language barriers
The US Department of Justice (DoJ) has published a document highlighting charges against eight individuals for their participation in a Racketeer Influenced and Corrupt Organizations (RICO) conspiracy that involved hacking and tax fraud. US attorney Roger B. Handberg announced the partial unsealing of the indictment on Tuesday, charging Andi Jacques, Monika Shauntel Jenkins, Louis Noel
by Paul Ducklin You’ve probably seen story after story in the media in the past week about a critical bug in OpenSSL, though at the time of writing this article[2022-11-01T11:30:00Z], no one covering OpenSSL actually knows what to tell you about the bug, because the news is about an update that is scheduled to come
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. “These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower,” SonarSource researcher Stefan Schiller
- « Previous Page
- 1
- …
- 69
- 70
- 71
- 72
- 73
- …
- 116
- Next Page »