China’s internet regulator, the Ministry of Industry and Information Technology (MIIT), has suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months for failing to promptly report a critical security vulnerability affecting the broadly used Log4j logging library. The development was reported by Reuters and South China
Month: December 2021
by Paul Ducklin This story isn’t quite as dramatic as if the Feds had managed to reverse tens of thousands of separate Bitcoin (BTC) transactions used in a global online scam to defraud tens of thousands of separate and vulnerable victims… …but it’s spectacular nevertheless, given that the stolen-but-recovered amount came to BTC 3,879.16, which
A United States court has sentenced a Russian national who admitted being involved in a conspiracy to launder money stolen from American victims of computer fraud. Maksim Boiko, also known as Maxim Boyko, and online as “gangass,” was one of 20 individuals indicted by the US in connection with the transnational criminal organization QQAAZZ. With members
How does that information get collected in the first place? We share personal information with companies for multiple reasons simply by going about our day—to pay for takeout at our favorite restaurant, to check into a hotel, or to collect rewards at the local coffee shop. Of course, we use our credit and debit cards too, sometimes as part
Transportation industry and government agencies related to the sector are the victims of an ongoing campaign since July 2020 by a sophisticated and well-equipped cyberespionage group in what appears to be yet another uptick in malicious activities that are “just the tip of the iceberg.” “The group tried to access some internal documents (such as
by Paul Ducklin Pick a random person, and ask them these two questions: Q1. Have you heard of Apache? Q2. If so, can you name an Apache product? We’re willing to wager that you will get one of two replies: A1. No. A2. (Not applicable.) A1. Yes. A2. Log4j. Two weeks ago, however, we’d suggest
Detectives investigating a hacking incident at a Florida college have charged a former nurse with possessing child sexual abuse material (CSAM). An investigation was launched in June 2021 when two IT accounts belonging to a program coordinator and an instructor at Polk State College were hacked. The employees were locked out of their labs and scheduling accounts,
The internet provides plenty of fun and exciting opportunities for you and your family, from sharing on social media to online shopping. To help you enjoy every minute of it, though, it’s good to be aware of what less savory characters are up to. And they sure have been busy. In fact, the U.S. Federal
As you down tools for the holiday season, be sure to also switch off the standby lights – it’s both cost effective and better for the environment Depending on who you talk to, climate change can sometimes be a contentious topic, but even the sceptics should accept that there is little point in wasting energy.
Researchers have disclosed security vulnerabilities in handover, a fundamental mechanism that undergirds modern cellular networks, which could be exploited by adversaries to launch denial-of-service (DoS) and man-in-the-middle (MitM) attacks using low-cost equipment. The “vulnerabilities in the handover procedure are not limited to one handover case only but they impact all different handover cases and scenarios
by Paul Ducklin ‘Twas the night before Christmas When all through the house Not a creature was stirring, not even a mouse… As Christmas 2021 approaches, spare a thought for your sysadmins, for your IT team, and for your cybersecurity staff. There may be plenty of mice stirring all through the IT house right up
Data belonging to an Illinois-based accountancy firm has been exposed in a cyber-attack. Bansley and Kiener, which is also known as B&K, is a 99-year-old full-service accounting firm headquartered in Chicago. Earlier this month, B&K issued a security notice stating that it had been successfully targeted by cyber-criminals using ransomware a year ago. “On December 10, 2020, B&K
The issues with Log4j continued to stack up as the Apache Software Foundation (ASF) on Friday rolled out yet another patch — version 2.17.0 — for the widely used logging library that could be exploited by malicious actors to stage a denial-of-service (DoS) attack. Tracked as CVE-2021-45105 (CVSS score: 7.5), the new vulnerability affects all
Seven students at the University of Mississippi have been charged with cyber-stalking a fellow student who blew the whistle on their fraternity’s hazing activities. College hazing is an initiation ceremony in which freshmen undertake humiliating and sometimes dangerous feats to gain admittance into a fraternity or sorority. Ole Miss Pi Kappa Alpha fraternity members Baylor Reynolds, aged
Last week, I waved my 18-year-old off as he embarked on the Aussie school leaver’s rite of passage – Schoolies!! A week spent kicking up your heels and living life to the max without any parental supervision at all! Oh, the sleepless nights many of us parents have had! And once Christmas and New Year
Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. “This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability,” Matthew
Cybersecurity official Anne Neuberger has implored American businesses to actively prepare for a seasonal surge in cybercrime. In a statement issued through the White House on Thursday, the deputy assistant to the president and deputy national security advisor for cyber and emerging technology explained why threat actors like to time their attacks with the holidays. “Historically we have seen
Meta Platforms on Thursday revealed it took steps to deplatform seven cyber mercenaries that it said carried out “indiscriminate” targeting of journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists located in over 100 countries, amid mounting scrutiny of surveillance technologies. To that end, the company said it alerted 50,000 users
by Paul Ducklin Amidst the ongoing brouhaha created by the apparently omnipresent Log4Shell security vulnerability, it’s easy to lose track of all the other things that you should, and normally would, be working on anyway. Indeed, the UK’s National Cyber Security Centre (NCSC) is warning that: Remediating [the Log4Shell] issue is likely to take
A trio of healthcare providers in New Jersey has agreed to pay $425,000 and adopt new security measures to settle a legal claim involving a double data breach. The state of New Jersey alleged that Regional Cancer Care Associates LLC, RCCA MSO LLC, and RCCA MD LLC (collectively “RCCA”) failed to adequately safeguard the personal data and
Cybercriminals make people uneasy about the safety of their identity and online accounts. McAfee is your partner who’ll work tirelessly to restore your confidence in your online activities. Check out this roundup of privacy protection, identity protection, and device security best practices to boost your confidence in the safety of your personal information and technology. Privacy Protection Privacy protection means keeping the information you’d rather keep to yourself from getting
The grand finale of our series dedicated to demystifying Latin American banking trojans ESET started this blogpost series dedicated to demystifying Latin American banking trojans in August 2019. Since then, we have covered the most active ones, namely Amavaldo, Casbaneiro, Mispadu, Guildma, Grandoreiro, Mekotio, Vadokrist, Ousaban and Numando. Latin American banking trojans share a lot
Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device’s Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip. The novel attacks work against the so-called “combo chips,” which are specialized chips that are equipped to handle different types of radio wave-based wireless communications,
by Paul Ducklin With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.
Virginia is fighting cyber-fires on two fronts after ransomware attacks affected both its state legislature and an agency within its executive branch. In an attack that struck on the evening of December 12, key IT systems under the Division of Legislative Automated Systems (DLAS) were rendered inaccessible. The attack was focused on certain internal servers, impacting the
Before you take the fun-looking quiz that popped up in your social media feed, think twice. The person holding the answers may be a hacker. Where people go, hackers are sure to follow. So it’s no surprise hackers have set up shop on social media. This has been the case for years, yet now social media-based crime is on the rise. In 2019, total reported losses to this
Hundreds of thousands of attempts to exploit the vulnerability are under way In many cases, updating IT systems and patching security vulnerabilities is a quiet matter that business leaders may be little concerned with other than knowing that they have approved a budget for the IT team to get it done. That quiet approach is
Meta Platforms, the company formerly known as Facebook, has announced that it’s expanding its bug bounty program to start rewarding valid reports of scraping vulnerabilities across its platforms as well as include reports of scraping data sets that are available online. “We know that automated activity designed to scrape people’s public and private data targets
Hundreds of financial applications are being targeted by a threat campaign featuring a new strain of the Anubis Android banking trojan malware. The malicious campaign was detected by researchers at cybersecurity company and integrated endpoint-to-cloud provider Lookout. Researchers observed the banking malware masquerading as an account management application created by France’s largest telecommunications company, Orange S.A., to target customers of
By Sriram P & Lakshya Mathur Hancitor, a loader that provides Malware as a Service, has been observed distributing malware such as FickerStealer, Pony, CobaltStrike, Cuba Ransomware, and many more. Recently at McAfee Labs, we observed Hancitor Doc VBA (Visual Basic for Applications) samples dropping the payload using the Windows clipboard through Selection.Copy method. This blog focuses on