Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. “Based on our findings, we believe
by Naked Security writer Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent “FBI/Homeland Security” alert that has apparently been widely circulated to network administrators and other IT staff in North America. Indeed, some of our own colleagues have reported receiving messages like this:
A Russian cyber-criminal has been sent to prison in the United States for defrauding American companies out of millions of dollars. Aleksandr Zhukov ran a sophisticated digital advertising scam through purported advertising network Media Methane. In June, he was convicted of wire fraud conspiracy, wire fraud, money laundering conspiracy, and money laundering. Zhukov, the self-styled “king of
November 11 marks Veterans Day in the United States and Remembrance Day across Europe and beyond. Wherever you may be on this 11th day of the 11th month, on the 11th hour, please be thankful to all our Veterans for their service and sacrifice. We would like to take a moment to reflect and honor
Researchers from Qihoo 360’s Netlab security team have released details of a new evolving botnet called “Abcbot” that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest version of the botnet dates back to July 2021, new variants observed
by Paul Ducklin If you use the venerable Samba open source tool anywhere on your network, you’ll want to read up on the latest update, version 4.15.2. Samba is the closest pronounceable word to SMB that Andrew Tridgell, who created the project back in the 1990s, could come up with. SMB, short for Server Message
A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a sizable injection of cash. The UK chancellor of the exchequer, Rishi Sunak, has awarded £100,000 (approximately $135K) to the Cybersecurity Neurodiversity Skills Development Program, described by Native Newspost as “ground-breaking.” The program, which is based in
It would be impossible nowadays to separate our everyday lives from technology. We travel well-worn, comfortable paths online and engage in digital activities that work for us. But could those seemingly harmless habits be putting out the welcome to cyber criminals out to steal our data? It’s a given that our “digital-first mindset” comes with inherent risks. With
It’s often said that data breaches are no longer a matter of ‘if’, but ‘when’ – here’s what your organization should do, and avoid doing, in the case of a breach Globally, data breaches are estimated to cost in excess of $4.2m per incident today. And they’re happening on an unprecedented scale as organizations build
Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads. Microsoft 365 Defender Threat Intelligence Team, in a new report published Thursday, disclosed that it identified infiltrations distributing
by Paul Ducklin [00’21”] We enjoy the Sophos 2022 Threat Report. [02’10”] The world’s {oldest, coolest} continously maintained browser. [03’39”] Facebook folds up its Face Recognition feature. [08’24”] Crooks combine a new social engineering scam with a new way of packaging malware. [23’11”] Kaseya ransomware suspect busted in Poland. [28’00”] Oh! No! How to block
The skills-to-job consortium CyberVetsUSA is launching a new pilot program in Nebraska that aims to fast-track military veterans into new cybersecurity careers. CyberVetsUSA exists as a public-private partnership between non-profit and Veteran Service Organizations (VSOs), tech employers, institutions of higher education, and local government agencies. It was launched in 2017 with the mission to increase the available
Spyware is tricky. Some types notify users that they’re monitoring activity. Others function in stealth mode and use the information they collect for nefarious purposes. Spyware is a type of software that collects data about online users and reports it to a company or an individual. What just about everyone can agree on is that anonymous browsing is looking more and more appealing
The tech giant wins an appeal against a claim that it unlawfully collected personal data of millions of iPhone users Google has just scored a major court win after the United Kingdom’s Supreme Court has thrown out a mass action lawsuit where the company could have ended up paying billions in compensation to millions of
A new cyber mercenary hacker-for-hire group dubbed “Void Balaur” has been linked to a string of cyberespionage and data theft activities targeting thousands of entities as well as human rights activists, politicians, and government officials around the world at least since 2015 for financial gain while lurking in the shadows. Named after a many-headed dragon
by Paul Ducklin The November 2021 Patch Tuesday updates from Microsoft and Adobe are out. Microsoft documented 34 different bugs that were worrisome enough to get CVE numbers, while Adobe listed three (the Adobe products with bugs of CVE-level seriousness are RoboHelp Server, InCopy and Creative Cloud, in case you were wondering). You can read
Visitors to the website of Britain’s biggest angling outfitter were redirected to an adult website based in Canada in a recent cyber-attack. Angling Direct PLC discovered that something fishy was going on with their website late on Friday when unauthorized activity was detected. On Monday, it was determined that attackers had hacked into the Angling
Authored By Kiran Raj Due to their widespread use, Office Documents are commonly used by Malicious actors as a way to distribute their malware. McAfee Labs have observed a new threat “Squirrelwaffle” which is one such emerging malware that was observed using office documents in mid-September that infects systems with CobaltStrike. In this Blog, we
An attacker gained access to some of Robinhood’s customer support systems and stole the personal data of around a third of the app’s userbase Robinhood, the highly popular trading platform, has revealed that it suffered a cybersecurity breach on November 3rd that affected some 7 million of its users. “An unauthorized third party obtained access
An ongoing mobile spyware campaign has been uncovered snooping on South Korean residents using a family of 23 malicious Android apps to siphon sensitive information and gain remote control of the devices. “With more than a thousand South Korean victims, the malicious group behind this invasive campaign has had access to all the data, communications,
by Naked Security writer The name “Kaseya” has become one of the biggest words in ransomware infamy. Cybercriminals penetrated the IT management business Kaseya earlier this year and used the company’s own remote management tools to wreak simultaneous ransomware havoc across its customer base. Unfortunately for the many victims of the attack, Kaseya’s software required
Small and mid-sized businesses (SMBs) were today granted free access to a virtual security awareness training program. The program was put together by six-year-old security awareness training company Curricula, which is based in Atlanta, Georgia. In a statement released Tuesday, Curricula said: “Our team at Curricula is proud to announce a free security awareness training program designed to
The Robinhood trading platform recently disclosed a data breach that exposed the information of millions of its customers. News of the attack was released on Monday, November 8th along with word the hackers behind it had demanded an extortion payment from the company. According to Robinhood’s disclosure, the attack occurred on November 3rd, which allowed an unauthorized party to obtain the following: Email addresses for some 5 million people. Full names
Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free. For such a clumsy sounding word, “passwordless” actually promises to make life a lot easier – for both users and security teams. It offers the tantalizing prospect of cutting admin costs,
No business is out of danger of cyberattacks today. However, specific industries are particularly at risk and a favorite of attackers. For years, the healthcare industry has taken the brunt of ransomware attacks, data breaches, and other cyberattacks. Why is the healthcare industry particularly at risk for a cyberattack? What are the unique challenges to
by Paul Ducklin It’s that time of year again, just after Cybersecurity Awareness Month and just before Black Friday… …time for the latest Sophos Threat Report. We know what lots of you are thinking. Here come pages and pages of thinly disguised product pitches, setting aside science for sensationalism and advice for advertising. Well, it’s
Apple fans will have the opportunity to purchase a rare piece of cyber history when an Apple-1 computer is auctioned off tomorrow. The machine was hand-built by Steve Wozniak, Steve Jobs, and others in garage in Los Altos, California, in 1976 and 1977. It has been listed by California-based auction house John Moran Auctioneers in their Postwar and Contemporary
You’re not the only one looking forward to the big holiday sales like Black Friday and Cyber Monday. Hackers are too. As people flock to retailers big and small in search of the best deals online, hackers have their shopping scams ready. One aspect of cybercrime that deserves a fair share of attention is the
At least nine entities across the technology, defense, healthcare, energy, and education industries were compromised by leveraging a recently patched critical vulnerability in Zoho’s ManageEngine ADSelfService Plus self-service password management and single sign-on (SSO) solution. The spying campaign, which was observed starting September 22, 2021, involved the threat actor taking advantage of the flaw to
A ransomware attack on a laboratory based in Florida has exposed the personal health information (PHI) of more than 30,000 patients. Nationwide Laboratory Services, which is based in Boca Raton, identified suspicious activity on its network on May 19, 2021. An examination of the activity revealed that attackers had used ransomware to encrypt files across