by Naked Security writer He was sentenced under his real-life name of Ramon, but in back in his boastful days of pretending to be a seriously successful real estate agent based in Dubai, you may have seen and heard of him as Ray, or, to give him his full nickname, Ray Hushpuppi. To be clear,
Month: November 2022
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T2 2022 Today ESET Research publishes the very first ESET APT Activity Report, which summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from May until the end of
Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. “Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect
Several of Twitter’s C-level security and privacy executives have resigned following the chaos that ensued from the Elon Musk acquisition of the social media platform. “I’ve made the hard decision to leave Twitter,” said the company’s now-former chief information security officer Lea Kissner in a tweet on Thursday. “I’ve had the opportunity to work with
A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies ranging from gaming
A Russian and Canadian national has been charged with conspiracy to intentionally damage protected computers and to transmit ransom demands in connection with the LockBit global campaign. Mikhail Vasiliev, 33, was apprehended in Bradford, Ontario yesterday and is currently in custody in Canada, awaiting extradition to the US. “This arrest is the result of over
by Paul Ducklin Remember those Exchange zero-days that emerged in a blaze of publicity back in September 2022? Those flaws, and attacks based on them, were wittily but misleadingly dubbed ProxyNotShell because the vulnerabilities involved were reminiscent of the ProxyShell security flaw in Exchange that hit the news in August 2021. Fortunately, unlike ProxyShell, the
When in doubt, kick it out, plus other tips for hardening your cyber-defenses against World Cup-themed phishing and other scams The FIFA World Cup 2022 in Qatar is just about to kick off! From November 20th through December 18th, one of this year’s most important global events will attract hundreds of millions of football (or
Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. “Xenomorph is a trojan that steals credentials from banking applications on users’ devices,” Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new guide on Stakeholder-Specific Vulnerability Categorization (SSVC). This vulnerability management methodology is designed to assess vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts on safety and prevalence of the affected product in a singular system. SSVC was first created by CISA in collaboration
by Paul Ducklin A bug bounty hunter called David Schütz has just published a detailed report describing how he crossed swords with Google for several months over what he considered a dangerous Android security hole. According to Schütz, he stumbled on a total Android lockscreen bypass bug entirely by accident in June 2022, under real-life
New ESET report shows how ever-growing threats impact SMB sentiment and why many SMBs are underprepared to defend against attacks Three in four SMBs believe that they are more vulnerable to cyberattacks than enterprises, ESET’s 2022 SMB Digital Security Sentiment Report published this week has found. This doesn’t always seem to be reflected in their
Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts. This encompasses a previously undocumented malware strain called BadBazaar and updated variants of an espionage artifact dubbed MOONSHINE by researchers from the University of Toronto’s Citizen Lab
Smishing and vishing are scams where criminals attempt to get users to click a fraudulent link through a phone text message, email, or voicemail. These scams are becoming increasingly popular as cybercriminals try to take advantage of people who are more likely to fall for them, such as those who aren’t as familiar with technology
Three vulnerabilities have been discovered in the UEFI firmware of several Lenovo notebooks. Tracked CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432, the flaws have been found by security researchers at ESET and affect various Lenovo Yoga, IdeaPad and ThinkBook devices. The first of the vulnerabilities is a flaw in the WMI Setup driver, which may allow an attacker with elevated privileges to modify
by Paul Ducklin THREE BILLION DOLLARS IN A POPCORN TIN? Radio waves so mysterious they’re known only as X-Rays. Were there six 0-days or only four? The cops who found $3 billion in a popcorn tin. Blue badge confusion. When URL scanning goes wrong. Tracking down every last unpatched file. Why even unlikely exploits can
Survey finds SMBs, weary of security failures, curious about detection and response How a company sees its digital security preparedness is critical. Conservative companies might follow the crowd, implementing a necessary minimum to ensure nominal security, and perhaps that’s the right choice for their business. Margins could be tight, or growth might not call for
Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors in Ukraine and Poland to a threat cluster that shares overlaps with the Russian state-sponsored Sandworm group. The attacks, which were disclosed by the tech giant last month, involved a strain of previously undocumented malware called Prestige and is said
Authored by: Christy Crimmins and Oliver Devane Football (or Soccer as we call it in the U.S.) is the most popular sport in the world, with over 3.5 billion fans across the globe. On November 20th, the men’s World Cup kicks off (pun intended) in Qatar. This event, a tournament played by 32 national teams
A path-traversal vulnerability has been discovered in ABB Totalflow flow computers and controllers that could lead to code injection and arbitrary code execution (ACE). The high-risk vulnerability (tracked CVE-2022-0902) has a CVSS v3 of 8.1 and affected several ABB G5 products. It has been discovered by security experts at Team82, Claroty’s research arm. “Attackers can exploit this
by Paul Ducklin No sooner had we stopped to catch our breath after reviewing the latest 62 patches (or 64, depending on how you count) dropped by Microsoft on Patch Tuesday… …than Apple’s latest security bulletins landed in our inbox. This time there were just two reported fixes: for mobile devices running the latest iOS
Do you make these security mistakes and put yourself at greater risk for successful attacks? How much of your personal time do you spend online? The answer may be a lot more than you think. One recent study estimated that Brits spend five hours on average each day glued to their screens, not including work
PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series
Twelve percent of all employees take sensitive intellectual property (IP) with them when they leave an organization. The data comes from workforce cyber intelligence and security company Dtex, which published a report about top insider risk trends for 2022 earlier today. “Customer data, employee data, health records, sales contacts, and the list goes on,” reads
by Paul Ducklin Here’s an important thing to remember about jurisprudential arithmetic, where two negatives definitely don’t make a positive: stealing money from someone who originally acquired it through criminal means doesn’t “cancel out” the criminality. You can still go to prison for a very lengthy stretch, and here’s one way. Remember Silk Road? Not
Make sure that the device that’s supposed to help you keep tabs on your little one isn’t itself a privacy and security risk We’ve probably all read horror stories online: a parent is woken in the middle of the night by strange noises coming from their child’s bedroom. They open the door, only to find
Microsoft’s latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days. 12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity. This also includes the weaknesses that were closed out by OpenSSL
There’s no doubt that cyber bullying ranks towards the top of most parents ‘worry list’. As a mum of 4, I can tell you it always came in my top five, usually alongside driving, drugs, cigarettes and alcohol! But when McAfee research in May revealed that Aussie kids experience the 2nd highest rate of cyberbullying
Australia’s largest health insurer Medibank has announced it will not pay a ransom to the threat actors behind the October data breach affecting 9.7 million customers. Writing on LinkedIn over the weekend, Medibank CEO David Koczkar said that, based on the advice the company has received from cybercrime experts, they believe that there is only a
by Paul Ducklin Well-known cybersecurity researcher Fabian Bräunlein has featured not once but twice before on Naked Security for his work in researching the pros and cons of Apple’s AirTag products. In 2021, he dug into the protocol devised by Apple for keeping tags on tags and found that the cryprography was good, making it