Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies. With news of data breaches and hacking crusades filling
Month: August 2022
A new hacking campaign is exploiting the notorious deep field image taken from the James Webb telescope alongside obfuscated Go programming language payloads to infect systems. The malware was spotted by the Securonix Threat research team, who is tracking the campaign as GO#WEBBFUSCATOR. “Initial infection begins with a phishing email containing a Microsoft Office attachment,”
by Paul Ducklin Google’s latest Chrome browser, version 105, is out, though the full version number is annoyingly different depending on whether you are on Windows, Mac or Linux. On Unix-like systems (Mac and Linux), you want 105.0.5195.52, but on Windows, you’re looking for 105.0.5195.54. According to Google, this new version includes 24 security fixes,
Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users’ browsing activity and profit of retail affiliate programs. “The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website,” McAfee researchers Oliver Devane
Using a VPN on your smartphone can boost your privacy in a big way, particularly with all the data tracking that’s happening out there today. For some time now, we’ve recommended a VPN when using public Wi-Fi in airports, libraries, hotels, and coffee shops. Given that these are public networks, a determined hacker can snoop
Three connected campaigns delivered a variety of threats, including the ModernLoader bot, RedLine information-stealer and cryptocurrency-mining malware to victims between March and June 2022. The association between the three apparently unrelated campaigns was made by security researchers at Cisco Talos, who said the aforementioned threat actors compromised vulnerable web applications to deliver threats via fake Amazon
by Paul Ducklin Here’s an interesting paper from the recent 2022 USENIX conference: Mining Node.js Vulnerabilities via Object Dependence Graph and Query. We’re going to cheat a little bit here by not digging into and explaining the core research presented by the authors of the paper (some mathematics, and knowledge of operational semantics notation is
Are you aware of the perils of the world’s no. 1 social media? Do you know how to avoid scams and stay safe on TikTok? TikTok continues to shock us all by breaking records and widening its audience, yet unfortunately with such a broad reach, scammers inevitably remain not too far behind. In only six
As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. “The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware,
Authored by Oliver Devane and Vallabh Chole A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs into cookies of eCommerce sites. Since that time, we have investigated several other malicious extensions and discovered 5 extensions with a total install base of over 1,400,000 The extensions offer
Nearly half of breaches during the first six months of 2022 involved stolen credentials, Switzerland-based cybersecurity company Acronis reported in its Mid-Year Cyberthreat Report, published on August 24, 2022. It will come as no surprise to learn that the cybercriminals’ prime goal in using these credentials is to launch ransomware attacks, which “continue to be
by Paul Ducklin As you no doubt already know, because the story has been all over the news and social media recently, the widely-known and widely-used password manager LastPass last week reported a security breach. The breach itself actually happened two weeks before that, the company said, and involved attackers getting into the system where
A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that involves impersonating a desktop application for Google Translate to infect over 111,000 victims in 11 countries since 2019. “The malicious tools can be used by anyone,” Maya Horowitz, vice president of research at Check Point, said in a statement shared
Our phones store a lot of personal data, including contacts, social media account details, and bank account logins. We use our smartphones for everything under the sun, from work-related communication to online shopping. However, like computer viruses, our phones can be vulnerable to malware. Viruses are a type of malware that replicate themselves and spread
Security researchers have revealed a new phishing campaign targeting Okta identity credentials and connected two-factor authentication (2FA) codes. The analysis comes from the Group-IB, who said it was particularly interesting because despite using low-skill methods, the campaign was able to compromise a large number of well-known companies. In fact, attackers sent employees of the targeted companies text
Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations. Tracked as CVE-2022-36804 (CVSS score: 9.9), the issue has been characterized as a command injection vulnerability in multiple endpoints that could be exploited via specially crafted HTTP
Data brokers are companies that collect your information from a variety of sources to sell or license it out to other businesses. Before they can pass your data along, brokers analyze it to put you into specific consumer profiles. Consumer profiles help businesses suggest products you might like and create targeted marketing campaigns based on
The threat actor known as TeamTNT has been targeting cloud instances and containerized environments on systems around the world for at least two years. The findings come from CloudSEK security researchers, who posted an advisory on Thursday detailing a timeline of TeamTNT attacks from February 2020 until July 2021. According to the report, the group’s Github
Doxing can happen to anyone – here’s how you can reduce the odds that your personal information will be weaponized against you How harmful can it be to have your social media accounts set to public? Or to tag the restaurant where you’re having that delicious meal? Almost everyone does it! Let’s turn the questions
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten), which is linked to the Iranian intelligence
In this career-journey series, Internal Audit Manager Chris shares his recent journey joining the McAfee finance team and why he is always learning something new in his role. A typical day I’m an Internal Audit Manager. Essentially, I work with my McAfee colleagues to understand the processes we follow and run tests to confirm everything
Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news comes from a new advisory from Microsoft’s security researchers, who said on Thursday they could assess with high confidence that MERCURY’s observed activity was affiliated with Iran’s Ministry
by Paul Ducklin Recent updates to Apple Safari and Google Chrome made big headlines because they fixed mysterious zero-day exploits that were already being used in the wild. But this week also saw the latest four-weekly Firefox update, which dropped as usual on Tuesday, four weeks after the last scheduled full-version-number-increment release. We haven’t written
As another hospital falls victim to ransomware, Tony weighs in on the much-debated issue of banning ransomware payouts A major hospital near Paris has been hit by a ransomware attack that crippled its computer and medical systems and forced it to send patients to other healthcare facilities. The criminals demand $10 million from the hospital
Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed. “An unauthorized party gained access to portions of the LastPass development environment
“Congratulations, you’re a winner!” “Did you know this public figure is trying to make your life worse? Click here for what they don’t want you to know.” “Save thousands today with just one click!” Spam and bot accounts on social media are everywhere. You’ve likely encountered messages like these that attempt to get you to
Cybersecurity researchers from Microsoft Threat Intelligence Center (MSTIC) have discovered a new, post-compromise capability allowing a threat actor to maintain persistent access to compromised environments. Dubbed ‘MagicWeb’ by the tech giant, the capability has been attributed to Nobelium, a group commonly associated with the SolarWinds and USAID attacks. “Nobelium remains highly active, executing multiple campaigns in parallel
by Paul Ducklin LISTEN NOW With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.
The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned 0ktapus by Group-IB because the initial goal of the attacks was to “obtain Okta identity credentials
Today, we publish our annual Impact Report. In our 2021 report, we highlight initiatives and share stories about our progress in creating a more inclusive workplace, supporting our communities, and protecting the planet. Reflecting on 2021, it’s easy to see it was a monumental year for McAfee. Our business underwent an incredible transformation — we
- 1
- 2
- 3
- …
- 5
- Next Page »