by Paul Ducklin CAN WE STOP WITH THE “SOPHISTICATED” ALREADY? The birth of ENIAC. A “sophisticated attack” (someone got phished). A cryptographic hack enabled by a security warning. Valentine’s Day Patch Tuesday. Apple closes spyware-sized 0-day hole. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With
Month: February 2023
Spoiler alert: it turned me down. But that’s far from the only thing I learned while playing around with the bot that the world has fallen in love with so badly. When it was unleashed into an astonished world on November 30th 2022, ChatGPT became the fastest-growing web app ever, reaching a million users in the
Don’t be their next victim – here’s a handy round-up of some the most common signs that should set your alarm bells ringing We all spend so much of our time online these days. It’s estimated that the average adult spends the best part of seven hours per day glued to their screens. When we’re
Feb 16, 2023Ravie LakshmananAdvanced Persistent Threat The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021. Targets included government, military, law enforcement, banks, and other organizations, according to an exhaustive report published by Group-IB, which
Feb 16, 2023Ravie LakshmananSupply Chain / Software Security A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. “The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password,” software supply chain security company Illustria
Check Point has released its Global Threat Index report for January 2023, which shows AgentTesla returning to the third spot (from the ninth in December 2022) in the January 2023 Most Wanted Malware list. The Lokibot infostealer has also grown substantially, from not being in the top 10 list to second place. Further, the infostealer Vidar has
by Paul Ducklin Apple has just released updates for all supported Macs, and for any mobile devices running the very latest versions of their respective operating systems. In version number terms: iPhones and iPads on version 16 go to iOS 16.3.1 and iPadOS 16.3.1 respectively (see HT213635). Apple Watches on version 9 go to watchOS
Small and medium-sized businesses have good reason to be concerned about the loss of data and financial impacts While tech advancements have enabled small and medium businesses (SMBs) to grow their business and allowed them to evolve their operational models, cybersecurity risks and threats can cancel any progress that has been made so far. Underlying
Feb 14, 2023Ravie LakshmananAd Fraud / Online Security The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites. “The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense
A package called “aabquerys” has been spotted on the open-source JavaScript npm repository using typosquatting techniques to enable the download of malicious components. The findings come from security researchers at ReversingLabs, who have said aabquerys was able to download second- and third-stage malware payloads to infected systems. “The package name, aabquerys, is also similar to the name
by Naked Security writer In October 2022, we asked you to imagine being stuck in the following awful situation: Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national
Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers “use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer,” Trend Micro researchers Aliakbar Zahravi
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new Cybersecurity Advisory (CSA) on Thursday warning critical infrastructure sector entities against ongoing North Korean state-sponsored ransomware activity. Part of the #StopRansomware campaign, the new advisory is a result of a collaboration between CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department
by Paul Ducklin DO WE REALLY NEED A NEW “WAR AGAINST CRYPTOGRAPHY”? We talk to renowned cybersecurity author Andy Greenberg about his tremendous new book, Tracers in the Dark. Hear Andy’s thoughtful commentary on cybercrime, law enforcement, anonymity, privacy, and whether we really need a “war against cryptography” – codes and ciphers that the government
What is behind the drop in ransomware and what should still be done for containing the ransomware scourge? Ransomware detections fell by 20% between 2021 and 2022, according to ESET’s latest Threat Report. What is behind the drop, why is ransomware still a huge problem, and what has yet to be done before the ransomware
Feb 11, 2023Ravie LakshmananRansomware / Endpoint Security After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on
Reddit suffered a cyber-attack after its internal systems were breached on February 05 due to a “sophisticated” and “highly-targeted” phishing attack that led to employee credential compromise. “The attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway in an attempt to steal credentials and second-factor tokens,”
by Paul Ducklin Popular social media site Reddit – “orange Usenet with ads”, as we’ve somewhat ungraciously heard it described – is the latest well-known web property to suffer a data breach in which its own source code was stolen. In recent weeks, LastPass and GitHub have confessed to similar experiences, with cyercriminals apparently breaking
Your smart speaker is designed to listen, but could it be eavesdropping too? Ever since Amazon came under fire for being able to potentially listen in on people through its Echo smart speakers, and even transcribe what they were saying, I have been intrigued by the idea of how IoT could be used to snoop
Feb 10, 2023Ravie LakshmananSupply Chain / Software Security Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file. The packages in question are aptx, bingchilling2, httops, and tkint3rs, all of which
Large-scale supply chain attacks have become a huge challenges for information security professionals. The past three years has seen a staggering 742% surge of supply chain attacks , according to cybersecurity firm Sonatype. To evolve software supply chain security, organizations should start by using the tools the open source community offers, said Thomas Steenbergen, head
by Paul Ducklin CAN YOU GET HACKED AND THEN PROSECUTED FOR IT? Cryptocurrency crimelords. Security patches for VMware, OpenSSH and OpenSSL. Medical breacher busted. Is that a bug or a feature? Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin Intro
A view of the T3 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts In 2022, an unprovoked and unjustified attack on Ukraine shocked the world, bringing devastating effects on the country and its population. The war continues to impact everything from energy prices and
Feb 09, 2023Ravie LakshmananNetwork Security / IoT Security A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. “Threat actors can exploit vulnerabilities in Wireless IIoT devices
A British Member of Parliament (MP) has revealed his personal email account was hacked by suspected Russian threat actors. Stewart McDonald from the Scottish National Party (SNP) highlighted the spearphishing incident in a tweet published on February 8. It read: “Over the past couple of weeks I have been dealing with a sophisticated and targeted
by Paul Ducklin OpenSSL, probably the best-known if not the most widely-used encryption library in the world, has just release a trifecta of security updates. These patches cover the two current open-source versions that the organisation supports for everyone, plus the “old” 1.0.2-version series, where updates are only available to customers who pay for premium
No internet, perfect security? Two ESET researchers perform a thought experiment where they consider the implications of being plunged into digital darkness. Not every computer problem is due to a war in Ukraine, or the failure of the power grid in Texas. But let’s say your network access gets shut off from the rest of
Feb 08, 2023Ravie LakshmananEncryption / IoT Security The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. “The chosen algorithms are designed to protect information created and transmitted by the Internet of Things (IoT), including
For small and medium-sized businesses (SMBs) the evolving cyber insurance landscape can be particularly challenging to navigate. With the rise in ransomware attacks and their associated costs for many organizations there is a place for cyber insurance as part of their business coverage. IMB’s 2022 Data Breach Report noted that the average cost of a
by Paul Ducklin Cybersecurity news, in Europe at least, is currently dominated by stories about “VMWare ESXi ransomware” that is doing the rounds, literally and (in a cryptographic sense at least) figuratively. CERT-FR, the French government’s computer emergency response team, kicked off what quickly turned into a mini-panic at the tail end of last week,