Month: June 2022

0 Comments
Security researchers have uncovered a likely state-sponsored information-stealing operation targeting SOHO workers over the past two years. Coinciding with the shift to mass remote working during the pandemic, the operation was focused on accessing corporate resources via less well-protected home routers, according to Lumen Technologies. It targeted at least scores of SOHO devices from manufacturers including
0 Comments
War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture European business leadership, especially CISOs, CTOs, and chief data officers (CDOs), are adjusting to the fact that the war in Ukraine is a war in Europe and has global implications. Sanctions, military aid, and even incoming refugees are
0 Comments
Security researchers have uncovered a new Chinese influence operation targeting Western rare earth producers, which could set the tone for future campaigns in other sectors. The Dragonbridge campaign has been operating since 2019, using a network of thousands of inauthentic accounts on multiple social media platforms, websites and forums to promote Chinese interests abroad. However, Mandiant
0 Comments
by Paul Ducklin Sadly, over the years, we’ve needed to write numerous Naked Security warnings about romance scammers and sextortionists. Although those are general-sounding terms, they’ve come to refer to two specific sorts of online crime: Romance scamming. This typically refers to a long-game confidence trick in which cybercriminals court your online friendship under a
0 Comments
UK critical national infrastructure (CNI) organizations could face an exodus of cybersecurity leaders over the next 12 months due to stress and burnout, according to new research from Bridewell Consulting. The survey of 521 UK cybersecurity decision-makers in communications, utilities, finance, government, transport and aviation found that 95% of respondents are experiencing factors that would make them likely
0 Comments
by Paul Ducklin Another day, another De-Fi (decentralised finance) attack. This time, online smart contract company Harmony, which pitches itself as an “open and fast blockchain”, has been robbed of more than $80,000,000’s worth of Ether cryptocoins. Surprisingly (or unsurprisingly, depending on your point of view), if visit Harmony’s website, you’ll probably end up totally
0 Comments
Police from Europe and South America have teamed up to take action against an organized crime group involved in human trafficking for sexual exploitation. Between 20-23 June, they swooped on 14 locations, arrested 10 and interviewed eight victims. Among items seized in the searches were vehicles, electronic equipment, hard drives, over 40 mobile phones, SIM
0 Comments
A malware-as-a-service (Maas) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines. Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected systems without detection. Available on Russian-speaking cybercrime forums
0 Comments
The second day of InfoSecurity Europe 2022 saw Geoff White, investigative journalist and author of Penguin Books’ The Lazarus Heist, discuss how government-sponsored cyber-attackers increasingly interact with organized crime gangs, operating seamlessly on a global scale. White also touched upon the emerging world of cryptocurrency theft. In illuminating the increasing connection between cybersecurity and geopolitical
0 Comments
The internet makes it easy to get a lot done, but not all of it needs to be public. That’s where incognito mode comes in, letting you hide your search history from others who are using your internet-connected device. For example, imagine searching online for “ideas for a surprise birthday party.” You wouldn’t want the
0 Comments
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data. The NIST Cybersecurity &
0 Comments
If you’re one of the countless Apple iPhone owners out there, there’s a good chance that one of the reasons you love your smartphone is because you’ve heard that Apple devices tend to have fewer vulnerabilities to viruses.   Because of their shared operating system, iOS devices enjoy Apple’s security measures, which keeps them protected from
0 Comments
The closing keynote discussion of the InfoSecurity Europe 2022 conference was titled ‘Next Generation, Next Challenges, New Opportunities’ and was moderated by Eleanor Dallaway, editorial director of Infosecurity Magazine. Dallaway was joined onstage by specialists Marc Avery, CISO & director, Cyber Chain Alliance, Jonathan Kidd, global CISO, Computershare and Chris Green, head of PR and
0 Comments
by Paul Ducklin If you’re an OpenSSL user, you’re probably aware of the most recent high-profile bugfix release, which came out back in March 2022. That fix brought us OpenSSS 3.0.2 and 1.1.1n, updates for the two current fully-supported flavours of the product. (There’s a legacy version, 1.0.2, but updates to that version are only
0 Comments
Global businesses could be exposing themselves to billions in annual losses because they aren’t properly securing their APIs, according to new research from Imperva. The security firm teamed up with the Marsh McLennan Cyber Risk Analytics Center to analyze nearly 117,000 unique cybersecurity incidents for their report, Quantifying the Cost of API Insecurity. It revealed that vulnerable and
0 Comments
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. [00’22”] Duck gets behind the Ducks. [01’34”] 2000 phone scammers arrested in Interpol action. [11’12”] A three-year-old hacking case ends in conviction. [17’13”] Canadian financial company picks up enormous data breach fine. With
0 Comments
Summary Since at least 2015, threat actors have used HUI Loader to load remote access trojans (RATs) on compromised hosts. Secureworks® Counter Threat Unit™ (CTU) researchers link two HUI Loader activity clusters exclusively to China-based threat groups. The BRONZE RIVERSIDE threat group is likely responsible for one cluster, which focuses on stealing intellectual property from
0 Comments
A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves the deployment of post-intrusion ransomware such as LockFile, Atom Silo, Rook, Night Sky,
0 Comments
In today’s connected world, you can do so much on the internet. It’s never been easier to stay entertained (Netflix, anyone?), informed, and productive. But it’s important to keep your online activities private and safe, whether you’re checking social media, using a streaming service, or banking online.   With the right solutions, you can have a