Putting a precision payload on top of more generic malware makes perfect sense for malware operators Virus Bulletin this year brought a fresh batch of amped-up, refreshed malware with lots more horsepower and devilish amounts of custom-tailored targeting. From singled-out political activist individual targets to regionalized targets, malware’s aim is getting better. Putting a precision
A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August
by Paul Ducklin If you’re a Naked Security Podcast listener (and if you aren’t, please give it a try and subscribe if you like it!), you may remember a humorous remark about ‘sideband’ attacks and sneaky data exfiltration tricks that Sophos expert Chester Wisniewski made in a recent episode. We were talking about how to
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM). In
Take a roll call of all your devices that connect to the internet. These include the obvious ones – laptops, tablets, and your smartphone. But they also include the ones you may not immediately think about, such as routers, smart TVs and thermostats, virtual assistant technology, and connected fitness watches and equipment. Each of these devices is known as an endpoint to you. To a cybercriminal, they’re an
There are various ways a departing employee could put your organization at risk of a data breach. How do you offboard employees the right way and ensure your data remains safe? The COVID-19 pandemic has created the perfect conditions for insider risk. Financial crises have in the past led to a spike in fraud and
The operators behind the pernicious TrickBot malware have resurfaced with new tricks that aim to increase its foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known Hive0105,
by Paul Ducklin [04’04”] Apple (you guessed it!) fixes yet another iPhone 0-day. [08’38”] Apache patches an embarrassing bug and then has to patch the patch. [20’01”] It’s Fight The Phish week. [28’42”] Oh! No! The computer that punched a user in the face. With Paul Ducklin and Doug Aamoth. Intro and outro music by
The Metropolitan Police has lost or had stolen 2280 electronic devices over the past two years, official figures have revealed. The data obtained under a Freedom of Information (FoI) by law firm Griffin law has raised fears that substantial personal and government data, including that of crime victims, has been accessed by nefarious actors. In
Many people have heard of the GDPR (General Data Protection Regulation), legislation that became law across the EU in May 2018. It was designed to regulate how businesses protect personal data, notably how personal data is processed, and granted rights to individuals to exercise more control over their personal data. GDPR is a framework which
If it looks like a duck, swims like a duck, and quacks like a duck, then it’s probably a duck. Now, how do you apply the duck test to defense against phishing? The fall is an awesome time of year to get away and spend some time in the great outdoors. The criminally-inclined, meanwhile, seem
Google’s Threat Analysis Group (TAG) on Thursday said it’s tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the
by Paul Ducklin Sadly, we’ve needed to write and warn about romance scams and romance scammers many times in recent years. Indeed, in February 2021 we published an article entitled Romance scams at all-time high: here’s what you need to know, following a report from the US Federal Trade Commission (FTC), America’s official consumer protection
Dutch police have written to customers of an on-demand booter service to dissuade them from committing cybercrimes. Booter services, also known as booters, are on-demand DDoS (Distributed-Denial-of-Service) attack services that can be used to bring down websites and networks by overloading or “stressing” IP addresses with data traffic. During an ongoing investigation into www.minesearch.rip, Dutch
Kids engage online far differently than adults. Between group chats, social apps, and keeping up with digital trends, their interests, and attention spans constantly shift, which means online privacy concerns get sidelined. That’s why, throughout October—Cybersecurity Awareness Month—we will be doubling up on resources and insights your family needs to be safer and more secure online. Ready to roll? Here are a few ways to move online privacy center stage.
The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe Microsoft has revealed that it thwarted a Distributed Denial-of-Service (DDoS) attack that clocked in at a whopping 2.4 terabytes per second (Tbps). The onslaught, which targeted an Azure customer in Europe, surpasses the previous record holder – a 2.3
A now-patched critical vulnerability in OpenSea, the world’s largest non-fungible token (NFT) marketplace, could’ve been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following
by Paul Ducklin It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call
Antivirus and anti-malware brand STOPzilla has been acquired by California holding company RealDefense. The deal was announced earlier today and marks RealDefense’s fourth acquisition in the security sector. Other brands in the RealDefense portfolio include IOLO, MyCleanID, MyCleanPC, USTechSupport, CyberDefender, VirusFix, and WarrantyStar. To complete the acquisition of STOPzilla, RealDefense partnered with Corbel Capital Partners, a $500m structured
We’re closing McAfee Enterprise’s Hispanic Heritage Month with Solutions Architect, Gus Arias. Read the full interview below to see how his heritage impacted his life and career in technology. What do you enjoy most about your heritage and what is one of your favorite memories growing up? I love the food and music. To this
The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows An analysis of 186 successful ransomware attacks against businesses in the United States in 2020 has shown that the companies lost almost US$21 billion due to attack-induced downtime, according to technology website Comparitech. Compared to
The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source. The list of the three flaws is as follows — Successful exploitation of
by Paul Ducklin It’s been a wild few weeks for Apple, or perhaps an “in-the-wild” few weeks, with several zero-day bugs necessitating emergency updates. We were going to say “unexpected updates”, but all (or almost all) Apple security patches are, of course, unexpected by design. Apple deliberately announces security fixes only after they’ve been published,
Data belonging to patients of a hospital in New Mexico has been deleted by an unknown cyber-attacker. The IT network of San Juan Regional Medical Center in Farmington was breached by an unauthorized individual in September last year. The attack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4
Although Hispanic Heritage Month is coming to an end on October 15th, it doesn’t mean we have to stop celebrating our employee’s and learning about their heritage and what led them to their career in cybersecurity. Take a look at the conversation below with McAfee Enterprise, Joyce Moros-Nahim, LTAM Legal Director What do you enjoy
Although organizations commonly go to great lengths to address security vulnerabilities that may exist within their IT infrastructure, an organization’s helpdesk might pose a bigger threat due to social engineering attacks. Social engineering is “the art of manipulating people so they give up confidential information,” according to Webroot. There are many different types of social
An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half. The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners. “Every mobile app user was given the same hard-coded API Bearer Token,
McAfee Enterprise is prepared to protect our customers from day 1 of their journey with the new Windows 11 release. This summer Microsoft announced planned changes to its Windows platform with the release of Windows 11. McAfee Enterprise is proud to announce that we have delivered day 1 support for the benefit of our current
The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an “incomplete fix” for an actively exploited path traversal and remote code execution flaw that it patched earlier this week. CVE-2021-42013, as the new vulnerability is identified as, builds upon CVE-2021-41773, a flaw that
A student at East Carolina University has been charged with cyber-stalking after allegedly posing as a member of a rival fraternity to upload a racist post to social media. A police investigation was launched after an offensive message, purporting to be from the university’s Theta Chi chapter, was uploaded anonymously to Yik Yak in August.