Ukraine’s premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in cyberattacks attributed to a cyber-espionage group named Gamaredon, linking the members to Russia’s Federal Security Service (FSB). Calling the hacker group “an FSB special project, which specifically targeted Ukraine,” the Security Service of Ukraine (SSU) said
by Paul Ducklin [00’21”] Norbert (huzzah for Norbert!) does tech support. [02’38”] Europol digs into the ransomware scene. [09’21”] Microsoft finds a wacky bug in Apple’s shell. [18’09”] The Morris worm turns 33. [21’57”] Edge on Linux phans the phlames. [26’18”] Ola! Gibberish peculiarity textual solvage. With Paul Ducklin and Doug Aamoth. Intro and outro
A 22-year-old man from Britain has been indicted by the United States in connection with the 2019 theft of crypto-currency worth approximately $784,000. It is alleged that Joseph James O’Connor, also known as “PlugwalkJoe,” conspired with others to carry out SIM swap attacks against at least three individuals, all of whom were executives employed by the same
Your Cyber Security Comic Relief Apache server version 2.4.50 (CVE-2021-42013) Why am I here? Regardless of the origins, you’ve arrived at Advanced Threat Research team’s monthly bug digest – an overview of what we believe to be the most noteworthy vulnerabilities over the last month. We don’t rely on a single scoring system like CVSS
Security and privacy get a leg up in Proton’s legal challenge against data retention and disclosure obligations Privacy and security fans have long flocked to Swiss security enclaves, hoping for maximum protection against prying government eyes, much to the ire of those seeking to poke legal holes to get access to information on bad actors.
Cybersecurity researchers have disclosed a security flaw in the Linux Kernel’s Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. The heap overflow vulnerability “can be exploited locally or remotely within a network to
by Paul Ducklin No more facial recognition on Facebook! Is it a publicity stunt? Is it an admission that it simply doesn’t work very well? Or is it a genuine attempt to disavow the sort of technology that gives both privacy advocates and cybersecurity experts the heebie-jeebies? As Facebook, or more precisely the new holding
A company that handles the membership data of Britain’s Labour Party has been affected by a “cyber-incident.” Labour said that the event at the third-party firm has rendered “a significant quantity” of party data “inaccessible on their systems.” The incident has been reported to the UK’s National Cyber Security Centre (NCSC), National Crime Agency (NCA),
It’s little surprise that a digital currency scam based on the popular Squid Games series on Netflix is making the news. If you haven’t caught wind of it yet, the story goes along the following lines: Note that this Squid Game cryptocurrency had no relationship to the show or to Netflix, aside from hijacking the Squid Game name without permission so that the
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000 A 30-year-old Minnesota man has been charged with breaching the computer systems of top sports leagues in the United States and illegally streaming their content on his website for monetary gain, according to
An analysis of new samples of BlackMatter ransomware for Windows and Linux has revealed the extent to which the operators have continually added new features and encryption capabilities in successive iterations over a three-month period. No fewer than 10 Windows and two Linux versions of the ransomware have been observed in the wild to date,
by Paul Ducklin This is the third in our collection of Naked Security Podcast minisodes for Week 4 of Cybersecurity Awareness month. To access all four presentations on one page, please go to:https://nakedsecurity.sophos.com/tag/sos-2021 This time, we talk to Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, about the controversial topic of
New research published today by Javelin Strategy & Research puts the annual cost of child identity theft and fraud in the United States at nearly $1bn. The 2021 Child Identity Fraud study authored by Tracy Kitten, director of fraud & security at Javelin Strategy & Research, analyzed factors that put children at the highest risk of identity theft and
The holidays are almost here! That means it’s time to start making your list and checking it twice. To help prepare you for this year’s holiday shopping spree, McAfee is providing you with the ultimate holiday shopping list for every Tech lover in your family. Here are the devices to keep on your radar this holiday shopping season and what you
A now-patched critical remote code execution (RCE) vulnerability in GitLab’s web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks. Tracked as CVE-2021-22205, the issue relates to an improper validation of user-provided images that results in arbitrary code execution. The
by Paul Ducklin Here’s the second in our series of Naked Security Podcast minisodes for Week 4 of Cybersecurity Awareness month. To access all four presentations on one page, please go to:https://nakedsecurity.sophos.com/tag/sos-2021 This article is an interview with Sophos expert Chester Wisniewski, Principal Research Scientist at Sophos, and it’s full of useful and actionable advice
Cyber-criminals may have accessed the protected health information (PHI) of hundreds of thousands of patients of a network of community health centers based in California. Nonprofit Community Medical Centers (CMC), which is headquartered in the city of Stockton, primarily serves low-income patients, migrants, and homeless people in the Northern California counties of San Joaquin, Solano,
McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into the continuingly aggressive role Nation States will play in 2022. Prediction: Lazarus Wants to Add You as a Friend By Raj Samani We love our social media. From beefs between popstars and professional pundits, to an
Multiple vulnerabilities have been disclosed in Hitachi Vantara’s Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by researchers Alberto Favero from German cybersecurity firm Hawsec and Altion Malka from
by Paul Ducklin [00’29”] Don’t miss our cybersecurity podcast minisodes! [01’46”] Bliss is a hill in wine country. [03’37”] Lessons from a cryptotrading hamster. [08’46”] Ransomware gang hacked back. [20’27”] Docusign phishers go after 2FA codes. [30’23”] Oh! No! Sleep mode considered harmful. With Paul Ducklin and Doug Aamoth. Intro and outro music by Edith
Law enforcement agencies in the United States have searched the Florida premises of a Chinese payment-terminal provider. A warehouse and offices belonging to multinational Pax Technology were scoured by the Federal Bureau of Investigation, the Department of Homeland Security, and other agencies on Tuesday after concerns were reportedly raised over the company’s security. The FBI said that
Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed “Shrootless” and tracked as CVE-2021-30892, the “vulnerability lies in how Apple-signed packages with
by Paul Ducklin When we wrote about Apple’s latest security patches earlier this week, we noted that: There are 37 listed fixes covering everything from AppKit to zsh. 15 of these were of the “malicious application may be able to execute arbitrary code” sort, with 9 of those bugs dealing with code execution bugs in
A man from Minnesota has been charged with hacking four major American professional sports leagues and defrauding them of millions of dollars by illegally streaming copyrighted live games. St. Louis Park resident Joshua Streit, who is also known as Josh Brody, allegedly intruded into the computer systems of the National Basketball Association (NBA), the National Football League
What do social media companies really know about you? It’s a fair question. And the quick answer is this: the more you use social media, the more those companies likely know. The moment you examine the question more closely, the answer takes on greater depth. Consider how much we use social media for things other than connecting with friends.
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor ESET researchers have discovered a unique and previously undescribed loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. We have named this new malware Wslink
12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups. The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting
by Naked Security writer In an intriguingly worded news statement issued today, Europol has announced police action in both Switzerland and Ukraine against 12 cybercrime suspects. The document doesn’t actually use words such as a “arrested” or “charged with criminal offences”, saying merely that: A total of 12 individuals wreaking havoc across the world with
RED74, a managed security services provider based in New Jersey, has been acquired by cybersecurity consulting and managed services firm Cerberus Cyber Sentinel Corporation. The financial terms of the acquisition were not disclosed when the deal was announced on Thursday. RED74 is a privately held company whose clientele are primarily in the financial services and distribution/warehouse management sectors.
What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet? Halloween, the scariest day of the year, is upon us. That can mean only one thing: children donning costumes of either their heroes or the scariest thing