by Naked Security writer A Florida man who was part of a cybercrime gang who went after cryptocoin wallets has been sentenced for his part in a cyberheist that allegedly netted the participants more than $20,000,000. The scammers, including one Nicholas Truglia, 25, got control of various online accounts belonging to the victim by using
Month: December 2022
Dec 07, 2022Ravie LakshmananCryptocurrency / Threat Intelligence Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. Microsoft’s Security Threat Intelligence Center (MSTIC) is tracking the activity under the name DEV-0139, and builds upon a recent report from Volexity that attributed the same set of
Without doubt, the biggest criticism we all have of social media is that everyone always looks fabulous! And while we all know that everyone is only sharing the best version of themselves, let’s be honest – it can be a little wearing. Well, there’s a new social media platform that is determined to uproot our
A large proportion of young internet users are engaging in some form of cyber-related crimes, including money muling, digital piracy and posting hate speech, according to a major new EU-funded study. The University of East London (UEL) research was financed by the bloc’s Horizon fund and undertaken in collaboration with Europol’s cybercrime center. It polled
by Paul Ducklin One of the first low-level network tools that any computer user learns about is the venerable ping utility. Named after the eponymous sound effect from any and every old-school war movie scene involving submarines, the command is a metaphorical echo (see what we did there?) of the underwater version of RADAR known
Forget pests for a minute. Modern farms also face another – and more insidious – breed of threat. While I was in the UK police force and part of the National Cyber Crime Unit in 2018, I was asked to give a talk on cybersecurity at a National Farmers’ Union (NFU) meeting in southern England.
Dec 06, 2022Ravie LakshmananEndpoint Security / Data Security A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities due to its “weak architecture and programming.” Cryptonite, unlike other ransomware strains, is not available for sale on the cybercriminal underground, and was instead offered for free by
You flick through some reels and an ad for “a more private phone” crops up. You scroll through your news feed and catch wind of yet another data breach at a major retailer. You see a post from a friend who says their social media account was hacked. Maybe you don’t think about security every
Microsoft has warned that countries outside of Ukraine deemed to be helping its war effort may increasingly be targeted by Russian cyber-attacks this winter. Clint Watts, general manager of Microsoft’s Digital Threat Analysis Center, said the Prestige ransomware attacks on Polish infrastructure in October could be a sign of things to come. That campaign
by Paul Ducklin It’s just under two weeks since Google rushed out a Chrome patch for the then-current version 107 to seal off a bug that was already being used in real-life attacks. The company said nothing more about that bug than to describe it as a “heap buffer overflow in GPU” [sic], and to
Dec 05, 2022Ravie Lakshmanan The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow
This time of year, the air not only gets chillier but a bit cheerier for everyone … including online scammers. Holiday scams are a quick way to make a buck, and cybercriminals employ several holiday-themed schemes to weasel money and personally identifiable information (PII) from gift givers. Here are three common holiday scams to watch
Threat actors have been spotted using criminal proxy networks to obfuscate their illegal activities by hiding behind hijacked IP addresses and using the same to create an appearance of legitimacy. The findings come from security researchers at DomainTools, who have said that while these networks were initially used as part of botnets, their lucrative nature
by Paul Ducklin Forget Sergeant Pepper and his Lonely Hearts Club Band, who taught the band to play a mere 20 years ago today. December 2022 sees the 35th anniversary of the first major self-spreading computer virus – the infamous CHRISTMA EXEC worm that temporarily crushed the major mainframe networks of the day… … not
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. “A platform certificate is the application signing certificate used to sign the ‘android’ application on the system image,”
Whether you’re standing around the water cooler at work, waiting for your kids at the school gate or sitting around the dinner table, data breaches are without doubt the hot topic of conversation. In late September, we were all shaken when news of the biggest Australian data breach to date broke – a record 10
The annual number of memory safety vulnerabilities in Android dropped from 223 in 2019 to 85 in 2022 as Google gradually transitioned towards memory-safe languages. The tech giant made the announcement in a blog post on Thursday, where it wrote that for over a decade, 65% of all vulnerabilities across products and the industry were
by Paul Ducklin It’s just under a month since iOS 16.1.1 came out for Apple iPhone users, fixing a pair of bugs that were listed with the worrying words “a remote user may be able to cause unexpected app termination or arbitrary code execution”. Both macOS 13 Ventura and iPadOS got updated at the same
Deployed against carefully selected targets, the new backdoor combs through the drives of compromised systems for files of interest before exfiltrating them to Google Drive This week, ESET researchers published their analysis of a previously undocumented backdoor that the ScarCruft APT group has used against carefully selected targets. ScarCruft is an espionage group that has
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the issue on
Even with the holidays in full swing, scammers won’t let up. In fact, it’s high time for some of their nastiest cons as people travel, donate to charities, and simply try to enjoy their time with friends and family. Unfortunate as it is, scammers see this time of year as a tremendous opportunity to profit.
A newly discovered Trojan has stolen Facebook logins from over 300,000 users in a campaign lasting four years, according to Zimperium. The security vendor claimed to have found the “Schoolyard Bully” malware hidden in several applications available on both Google Play and third-party app stores. “Even though these apps have now been removed from Google
by Paul Ducklin Back in August 2022, popular password manager company LastPass admitted to a data breach. The company, which is owned by sofware-as-a-service business GoTo, which used to be LogMeIn, published a very brief but nevertheless useful report about that incident about a month later: Briefly put, LastPass concluded that the attackers managed to
With the rapidly rising energy prices putting a strain on many households, what are some quick wins to help reduce the power consumption of your gadgets? This time last year few of us were concerned about how much energy we used. Even fewer probably bothered to check how much we were spending annually. That calculus
The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the agencies highlighted a “sharp
Security researchers analyzing a prolific botnet managed to accidentally kill it due to the coding equivalent of a typing error, according to Akamai. The cloud security firm detected the “KmsdBot” last month. The Golang-based bot is designed to conscript machines via SSH and weak credentials, and has the functionality to launch DDoS and cryptomining campaigns
by Paul Ducklin In a fascinating legal deliberation handed down by the French data protection regulator CNIL (Commission Nationale de l’Informatique et des Libertés), the energy company Électricité de France, or EDF for short, has been fined EUR 600,000 (about $600,000). The legal declaration is, in the manner of such things, rather long and (to
ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group ESET researchers have analyzed a previously unreported backdoor used by the ScarCruft APT group. The backdoor, which we named Dolphin, has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. “The backdoor […] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing