A new paper explains how ransomware has become one of the top cyberthreats of the day and how your organization can avoid becoming the next victim. The infosec community has long been warning that ransomware has the potential to grow into the number one cyberthreat for business. However, since ransom demands were low and malware
Over one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months, according to new research. In a survey conducted by the International Data Corporation (IDC), it was found that many organizations that fell victim to ransomware experienced multiple ransomware events. In the
by Paul Ducklin [02’31”] Home and small business routers under attack. [16’22”] A hacking tool favoured by crooks gets hacked. [23’56”] The Navajo Nation’s selfless cryptographic contribution to America. [29’43”] A cybercrook gets aggrieved at being ripped off by cybercrooks. [38’33”] Oh! No! The steaming CEO with the flashing phone. With Doug Aamoth and Paul
Co-written by Catherine Huang, Ph.D. and Abhishek Karnik Artificial Intelligence (AI) continues to evolve and has made huge progress over the last decade. AI shapes our daily lives. Deep learning is a subset of techniques in AI that extract patterns from data using neural networks. Deep learning has been applied to image segmentation, protein structure, machine translation, speech recognition and robotics. It has outperformed human champions in the game of Go. In recent years, deep
As employees split their time between office and off-site work, there’s a greater potential for company devices and data to fall into the wrong hands. Over the past few pieces of this mini-series on hybrid working, we’ve explored the potential cyber-risks posed by humans and their use of cloud and other services. But what about
Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim’s network to deploy file-encrypting payloads on targeted systems. “Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate that this vulnerability will continue
A Virginia businessman who conned his victims out of more than a million dollars has been sentenced to prison. Glen Allen resident Gordon G. Miller III was the owner and operator of software engineering company G3 Systems and of purported venture capital company, G3i Ventures, LLC. From 2017, the 56-year-old began running multiple fraud schemes
As outlined in Executive Order on Improving the Nation’s Cybersecurity (EO 14028), Section 3: Modernizing Federal Government Cybersecurity, CISA has been tasked with developing a Federal cloud-security strategy to aid agencies in the adoption of a Zero Trust Architecture to meet the EO Requirements. While the government awaits the completion of that effort, I think
by Paul Ducklin Remember Mt. Gox? Sure you do! Although it’s usually said aloud as “Mount Gox”, as if it were a topographic feature, it actually started life as MTGOX, short for Magic: The Gathering Online Exchange, where MTG fans could trade cards via the internet. The web domain was eventually repurposed for what was,
The last in our series on IIS threats introduces a malicious IIS extension used to manipulate page rankings for third-party websites. ESET researchers have discovered and analyzed a previously undocumented server-side trojan that manipulates search engine results by hijacking the reputation of the websites it compromises. We named the trojan IISerpent to highlight its two
Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. “These people are beyond privacy and security. I really hope that
Consumer cybersecurity companies NortonLifeLock and Avast have announced an agreement for the Tempe-based cyber safety company to buy the digital security privacy company. NortonLifeLock’s closing share price was $27.20 as of July 13, 2021 — the last trading day before market speculation began — meaning the merger values between $8.1 bn and $8.6 bn. According
This month’s Patch Tuesday brings us a relatively small number of CVEs being patched, but an abnormally high percentage of noteworthy critical vulnerabilities. Vulnerability Analysis: CVE-2021-34535 One such vulnerability is identified as CVE-2021-34535, which is a remote code execution flaw in the Remote Desktop client software, observed in mstscax.dll, which is used by Microsoft’s built-in
by Paul Ducklin Evan Grant, a researcher at network security scanning company Tenable, recently decided to have a go at hacking a home router. The idea, it seems, was more to learn about the general techniques, tools and procedures available to router hackers than to conduct a security assessment of any particular product. Understandably, therefore,
As fraud involving highly believable synthetic media soars, what can you do to avoid getting scammed? Deepfake renditions of loved ones saying they’ve been kidnapped paint a grim picture of what future deepfakes – specially constructed videos from real data – purport to bring next to technology. After machine learning ingests the droves of images
Adobe on Tuesday shipped security updates to remediate multiple critical vulnerabilities in its Magento e-commerce platform that could be abused by an attacker to execute arbitrary code and take control of a vulnerable system. The issues affect 2.3.7, 2.4.2-p1, 2.4.2, and earlier versions of Magento Commerce, and 2.3.7, 2.4.2-p1, and all prior versions of Magento
The owner of a martial arts academy in Florida is in custody after allegedly installing hidden cameras in the restroom to spy on students. Police in Broward County arrested 64-year-old martial arts instructor Robert Danilo Franco on Friday. An investigation was launched after a 17-year-old female student spotted the devices and tipped off police. Investigators said the
Every organization has data moving to the multi-cloud; digital transformation is occurring rapidly, is here to stay, and is impacting every major industry. Organizations are working hard to adopt Zero Trust architectures as their critical information, trade secrets, and business applications are no longer stored in a single datacenter or location. As a result, there
How peering into the innards of a future satellite can make cybersecurity in space more palatable. Here at DEF CON 29, the Aerospace Village is alive and well, and aside from the repeated wailing of the neighboring car hacking village setting the car alarm off every 30 seconds, the hardware sitting here, called a Flat
A critical vulnerability has been disclosed in hardware random number generators used in billions of Internet of Things (IoT) devices whereby it fails to properly generate random numbers, thus undermining their security and putting them at risk of attacks. “It turns out that these ‘randomly’ chosen numbers aren’t always as random as you’d like when
Autonomous farming equipment that can be controlled remotely now helps to feed humanity. But what if that farming equipment were hacked? On August 8, at the DEF CON 29 conference, an Australian researcher known only as ‘Sick Codes’ detailed what he referred to as a “tractor load of vulnerabilities” that, if exploited by an attacker,
In the last week there has been change, but a lot remains the same, too. First, we are now McAfee Enterprise, a pure-play enterprise cybersecurity company under the new ownership of Symphony Technology Group (STG). It’s an exciting change and true focus for our company, allowing us to concentrate on enterprise and commercial business needs.
by Paul Ducklin [00’26”] Timezone curiosities – when modular arithmetic gets weird [04’38”] Microsoft researcher found Apple 0-day in March, didn’t report it [13’18”] Retro computing – the TRS-80 arrived in August 1977 [19’17”] BazarCaller – the crooks who talk you into infecting yourself [33’02”] Oh! No! A billionaire… but only for 5 minutes With
The first in our series on IIS threats looks at a malicious IIS extension that intercepts server transactions to steal credit card information. ESET researchers have discovered and analyzed a previously undocumented trojan that steals payment information from e-commerce websites’ customers. The trojan, which we named IIStealer, is detected by ESET security solutions as Win64/BadIIS.
Koo, India’s homegrown Twitter clone, recently patched a serious security vulnerability that could have been exploited to execute arbitrary JavaScript code against hundreds of thousands of its users, spreading the attack across the platform. The vulnerability involves a stored cross-site scripting flaw (also known as persistent XSS) in Koo’s web application that allows malicious scripts
There may be little if any argument about the vast impact that social media platforms have on the lives of hundreds of millions of people around the world. Social media has also had a profound influence on elections. In a session at the DEF CON 29 conference on August 7, Sebastian Bay, a researcher at
This is the third in a series of blogs on the Cybersecurity EO, and I encourage you to read those you may have missed. (Part 1, Part 2). Between the initial publication of the Executive Order (EO) for Improving the Nation’s Cybersecurity on May 12 and late July, a flurry of activity by departments and
Is the net closing in on cyber-extortionists and can bounties on their collective heads ultimately help stem the ransomware scourge? Here at Black Hat, the CISA keynote promises to deliver increased cooperation within government agencies over cybercriminals, especially those focused on critical infrastructure and ransoms against systems that might cripple the country. But that’s not
Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user’s device, resulting in the theft of sensitive information by just deploying a malicious e-book. “By sending Kindle users a single malicious e-book, a threat actor could have stolen
No attack type has been as impactful as ransomware in 2021. According to a panel of experts at the DEF CON 29 conference, the rising notoriety and impact of ransomware in 2021 has accelerated the need for both government and the private sector to act—though there was no clear consensus on the panel on exactly