Month: February 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new Cybersecurity Advisory (CSA) on Thursday warning critical infrastructure sector entities against ongoing North Korean state-sponsored ransomware activity. Part of the #StopRansomware campaign, the new advisory is a result of a collaboration between CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department

by Paul Ducklin CAN YOU GET HACKED AND THEN PROSECUTED FOR IT? Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro

Large-scale supply chain attacks have become a huge challenges for information security professionals. The past three years has seen a staggering 742% surge of supply chain attacks , according to cybersecurity firm Sonatype. To evolve software supply chain security, organizations should start by using the tools the open source community offers, said Thomas Steenbergen, head

by Paul Ducklin Cybersecurity news, in Europe at least, is currently dominated by stories about “VMWare ESXi ransomware” that is doing the rounds, literally and (in a cryptographic sense at least) figuratively. CERT-FR, the French government’s computer emergency response team, kicked off what quickly turned into a mini-panic at the tail end of last week,

A British Member of Parliament (MP) has revealed his personal email account was hacked by suspected Russian threat actors. Stewart McDonald from the Scottish National Party (SNP) highlighted the spearphishing incident in a tweet published on February 8. It read: “Over the past couple of weeks I have been dealing with a sophisticated and targeted

by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release a trifecta of security updates. These patches cover the two current open-source versions that the organisation supports for everyone, plus the “old” 1.0.2-version series, where updates are only available to customers who pay for premium

For small and medium-sized businesses (SMBs) the evolving cyber insurance landscape can be particularly challenging to navigate. With the rise in ransomware attacks and their associated costs for many organizations there is a place for cyber insurance as part of their business coverage. IMB’s 2022 Data Breach Report noted that the average cost of a

by Naked Security writer In October 2022, we asked you to imagine being stuck in the following awful situation: Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national

The Iranian threat actor called Neptunium by Microsoft has been associated by the tech giant with a recent hacking operation targeting the satirical French magazine Charlie Hebdo. Microsoft’s Digital Threat Analysis Center (DTAC) shared the findings last Friday in a blog post, adding that Neptunium is likely the same group that has been identified by

by Paul Ducklin DO WE REALLY NEED A NEW “WAR AGAINST CRYPTOGRAPHY”? We talk to renowned cybersecurity author Andy Greenberg about his tremendous new book, Tracers in the Dark. Hear Andy’s thoughtful commentary on cybercrime, law enforcement, anonymity, privacy, and whether we really need a “war against cryptography” – codes and ciphers that the government

A malicious campaign targeting organizations in the Middle East with a new backdoor malware has been spotted by security researchers. Describing the activity in a Thursday advisory, Trend Micro researchers Mohamed Fahmy, Sherif Magdy and Mahmoud Zohdy have attributed it to the advanced persistent threat (APT) group the company refers to as APT34. “The main

Threat actors have been observed using malvertising attacks to distribute virtualized .NET malware loaders dubbed “MalVirt.” According to a Thursday advisory by SentinelOne, the new loaders leverage obfuscated virtualization techniques to avoid detection. “The loaders are implemented in .NET and use virtualization, based on the KoiVM virtualizing protector of .NET applications, in order to obfuscate

by Paul Ducklin The open source operating system distribution OpenBSD is well-known amongst sysadmins, especially those who manage servers, for its focus on security over speed, features and fancy front-ends. Fittingly, perhaps, its logo is a puffer fish – inflated, with its spikes ready to repel any wily hackers who might come along. But the

Atlassian has released multiple patches to fix a critical security vulnerability in Jira Service Management Server and Data Center. The flaw (tracked CVE-2023-22501) has a CVSS score of 9.4 and can reportedly be exploited by attackers to impersonate other users and obtain unauthorized access to affected instances. “With write access to a User Directory and

by Paul Ducklin WHY DID THAT TAKE SO LONG? Latest epidode – listen now. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts,