Month: June 2023

National Hazard Agency, a sub-group of the LockBit ransomware gang, posted the name of Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest chip manufacturer, on LockBit’s dark web leak site on June 29, 2023. The threat actor has demanded TSMC pay a $70m ransom to prevent them from leaking the data they allegedly possess. The
by Paul Ducklin | PONG FOR ONE!? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS
Jun 30, 2023Ravie LakshmananPrivacy / Tech Meta’s WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can be shared in conversations. This includes the ability to send and receive images, voice notes, files, stickers and GIFs, WhatsApp told The Hacker News. The new features were first
by Naked Security writer | The latest high-profile cybercrime exploits attributed to the Clop ransomware crew aren’t your traditional sort of ransomware attacks (if “traditional” is the right word for an extortion mechanism that goes back only to 1989). Conventional ransomware attacks are where your files get scrambled, your business gets totally derailed, and a message
Jun 29, 2023Ravie LakshmananWebsite Security / Vulnerability A critical security flaw has been disclosed in miniOrange’s Social Login and Register plugin for WordPress that could enable a malicious actor to log in as any user-provided information about email address is already known. Tracked as CVE-2023-2982 (CVSS score: 9.8), the authentication bypass flaw impacts all versions
The dismantling of an encrypted chat platform used by organized crime gangs (OCGs) has led to 6558 arrests in the past three years, including 197 “high-value targets,” according to Europol. EncroChat was used by tens of thousands of criminals to communicate without fear of being snooped on by law enforcers. Special devices were sold for
Jun 28, 2023Ravie LakshmananEndpoint Security / RCE Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. “These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements,” SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE
Security experts have warned that a majority of the UK’s leading lenders are failing to protect their customers from email fraud, through patchy implementation of DMARC. The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol helps prevent email-based fraud and impersonation attempts by authenticating sender identity before a message is delivered. However, there are three
The UK government has responded to several concerns about its Cyber Essentials scheme, noting that just 35,000 organizations have been certified across the country. Operated by the Department for Science, Innovation and Technology (DSIT) and the National Cyber Security Centre (NCSC), and delivered through the IASME Consortium, Cyber Essentials was launched nine years ago in
Security researchers have discovered a sophisticated attack campaign that exploits custom and open-source tools to target Linux-based systems and Internet of Things (IoT) devices. According to a new blog post by Microsoft, the attackers utilized a patched version of OpenSSH to gain control of compromised devices and install cryptomining malware. Read more on this type
Jun 24, 2023Ravie LakshmananThreat Intel / Zero Day The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and
Service members across the US military have reported receiving smartwatches unsolicited in the mail. These smartwatches have Wi-Fi auto-connect capabilities and can connect to cell phones unprompted, gaining access to user data. According to the US Criminal Investigation Division (CID), the smartwatches may also contain malware granting the sender access to saved data, including banking information,
by Paul Ducklin | The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure. UK newspaper The Guardian quotes the PM as saying: We all have a responsibility. Simple things, turn your phone
Jun 23, 2023Ravie LakshmananSocial Engineering / Phishing A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. “The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the release of the 0ktapus
A primer on how to use this powerful tool for uncovering and connecting information from publicly available sources. It’s a truism that personal data is a valuable asset for cybercriminals, as it allows them to tailor and otherwise improve their phishing and other social engineering attacks. The wealth and variety of personal data that is
The UK’s National Cyber Security Centre (NCSC) has released updated guidance to help law firms mitigate the latest cyber-threats. Worth an estimated £44bn ($56bn), the sector employs over 320,000 people and consists of roughly 33,000 businesses, according to the report. However, the size of these organizations and the amount of resources they dedicate to cybersecurity
by Paul Ducklin | LISTEN AND LEARN: Gee Whizz BASIC (probably). Think you know ransomware? Megaupload, 11 years on. ASUS warns of critical router bugs. MOVEit mayhem Part III. No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on
by Paul Ducklin | Right at the start of June 2023, well-known Russian cybersecurity outfit Kaspersky reported on a previously unknown strain of iPhone malware. Most notable about the original story was its strapline: Targeted attack on [Kaspersky] management with the Triangulation Trojan. Although the company ultimately said, “We’re confident that Kaspersky was not the main