Cyber Security

The US Department of Defense (DoD) has launched a website to accompany its Hack the Pentagon (HtP) program. The Chief Digital and Artificial Intelligence Office (CDAO) Directorate for Digital Services (DDS), Craig Martell, unveiled the website last Thursday. It will be a resource for DoD organizations, vendors and security researchers to understand how to conduct a

by Paul Ducklin Cybersecurity researchers in Belgium and the US recently published a paper scheduled for presentation later this year at the USENIX 2023 conference. The three co-authors couldn’t resist a punning title, dubbing their attack Framing Frames, with a slightly easier-to-follow strapline that says Bypassing Wi-Fi encryption by manipulating transmit queues. As security researchers

A new vulnerability has been discovered in Microsoft’s Azure Service Fabric Explorer (SFX) that would enable unauthenticated, remote threat actors to execute code on a container hosted on a Service Fabric node. Dubbed Super FabriXss by the Orca Security team, the cross-site scripting (XSS) flaw (CVE-2023-23383) has a CVSS score of 8.2 and affects SFX version 9.1.1436.9590 or

by Paul Ducklin Gordon Moore, co-founder of Intel, has died at 94. Academically, Moore was both a chemist and physicist, earning a Bachelor’s degree in chemistry from the University of California at Berkeley in 1950, and a Doctorate in physical chemistry and physics from the California Institute of Technology in 1954. After a brief interlude

A new malware toolset has been discovered and analyzed by security experts at SentinelOne. Dubbed “AlienFox” by the team, the toolkit can harvest credentials for multiple cloud service providers. An advisory published on Thursday by SentinelOne threat researcher Alex Delamotte shows that attackers used AlienFox to successfully harvest API keys and secrets from various services, including

by Paul Ducklin HOW TO TURN YOURSELF IN No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of

The Italian Data Protection Authority (Garante per la protezione dei dati personali) has temporarily suspended the use of the artificial intelligence (AI) service ChatGPT in the country. The privacy watchdog opened a probe into OpenAI’s chatbot and blocked the use of the service due to allegations that it failed to comply with Italian data collection rules.

by Paul Ducklin In the early days of personal computers, everyone knew why backups were important. Computer storage simply wasn’t as reliable as it is today, and it wasn’t a question of if you’d lose vital files through no fault of your own, but when it would happen. (Possibly today; probably tomorrow; almost certainly by

Threat actors suspected to be operating for the North Korean government have been observed trojanizing versions of the voice and video calling desktop client 3CX DesktopApp to launch attacks against several victims. The Symantec threat intelligence team shared the findings in an advisory published earlier today, explaining the attackers’ tactics were similar to those used against

by Paul Ducklin NB. Detection names you can check for if you use Sophos products and servicesare available from the Sophos X-Ops team on our sister site Sophos News. Internet telephony company 3CX is warning its customers of malware that was apparently weaseled into the company’s own 3CX Desktop App by cybercriminals who seem to

Google’s Threat Analysis Group (TAG) has revealed tracking over 30 commercial spyware vendors that facilitate the spread of malware by government-backed threat actors. Writing in a blog post published earlier today, TAG’s Clement Lecigne said these vendors are arming countries that would otherwise not be able to develop these tools. “While the use of surveillance

by Naked Security writer The UK’s National Crime Agency (NCA) has recently announced work that it’s been doing as an ongoing part of a multinational project dubbed Operation PowerOFF. The idea seems to be to use fake cybercrime-as-a-service sites to attract the attention of impressionable youngsters who are hanging around on the fringes of cybercrime

A malware campaign targeting cryptocurrency wallets has been recently discovered by security researchers at Kaspersky. Discussing the findings in an advisory published today, the company said the attacks were first observed in September 2022 and relied on malware replacing part of the clipboard contents with cryptocurrency wallet addresses. “Despite the attack being fundamentally simple, it

by Paul Ducklin Apple’s latest update blast is out, including an extensive range of security patches for all devices that Apple officially supports. There are fixes for iOS, iPadOS, tvOS and watchOS, along with patches for all three supported flavours of macOS, and even a special update to the firmware in Apple’s super-cool external Studio

Microsoft announced a new information disclosure vulnerability on Friday, for a bug affecting its screenshot editing tools in both Windows 10 and Windows 11.  The vulnerability (CVE-2023-28303) is called aCropalypse and could enable malicious actors to recover sections of screenshots, potentially revealing sensitive information.  Read more on screenshot-supported malware here: New Threat Group Reviews Screenshots Before Striking

by Paul Ducklin Last week was aCropalypse week, where a bug in the Google Pixel image cropping app made headlines, and not just because it had a funky name. (We formed the opinion that the name was a little bit OTT, but we admit that if we’d thought of it ourselves, we’d probably have wanted