Episode 257 of the Transatlantic Cable kicks off with discussions about a concerning story of hacking airplanes and cargo ships – is it possible or just FUD? From there, the team discuss news about an office man in Japan (not much more is known about this mysterious gentleman) who went out for a drink after work and show more ...
Federal Civilian Executive Branch agencies were also advised to block Basic auth after migrating to Modern Auth, which, according to Microsoft, will make it harder for hackers to pull off successful password spray and credential stuffing attacks.
In less than six months since raising €3.8 million (~$4 million) in a seed funding round, Paris-based Stoïk has now pocketed €11 million (~$11.5 million) in a Series A round led by industry legends Andreessen Horowitz.
Russian hacker group Killnet told Reuters that it was continuing a major cyber attack on Lithuania on Tuesday in retaliation for Vilnius's decision to cease the transit of some goods under European Union sanctions to Russia's Kaliningrad exclave.
Threat actors are sharing malspam messages with the subject ‘Free Primary Legal Aid’ to disseminate the DarkCrystal RAT or DCRat onto victims’ systems.
Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it being distributed using fake installers that also drop RedLine Stealer and Vidar.
A federal judge on Tuesday said a former Uber Technologies Inc security chief must face wire fraud charges over his alleged role in trying to cover up a 2016 hacking that exposed the personal information of 57 million passengers and drivers.
The threat of firmware attacks is a growing concern for IT leaders now that hybrid workers are connecting from home networks more frequently, according to HP Wolf Security.
LockBit ransomware affiliates are sending fake copyright infringement emails to propagate the malware. The email contains a compressed file, containing an executable disguised as a PDF doc, which actually is an NSIS installer. Not just LockBit but, in the past, BazarLoader or the Bumblebee malware loader has also carried out similar operations.
Researchers with the security firm WatchGuard report that unique ransomware detections in the first three months of the year were triple the volume of the same time period in 2021.
According to Broadcom, the Brocade SANnav storage area network (SAN) management application is affected by nine vulnerabilities. Patches have been made available for these security holes.
Agencies should test post-quantum cryptography algorithms with their software and decide whether information security benefits outweigh the efficiency losses ahead of a federally mandated transition, according to security experts.
OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days.
Developed in C++, SessionManager is a malicious native-code IIS module whose aim is to be loaded by some IIS applications, to process legitimate HTTP requests that are continuously sent to the server.
Cisco Talos researchers developed three techniques to identify ransomware operators' dark websites hosted on public IPs, allowing them to uncover previously unknown infrastructure for the DarkAngels, Snatch, Quantum, and Nokoyawa ransomware groups.
Ukrainian “cyber-police” have arrested nine alleged members of a prolific phishing gang that made 100 million hryvnias ($3.4m) by luring locals with the promise of financial support from the EU.
Wednesday’s cyberattack on Norway came two days after a similar attack temporarily knocked out public and private websites in Lithuania with a pro-Moscow hacker group reportedly claiming responsibility.
The Nebraska Department of Labor announced that the NEworks.nebraska.gov website is currently unavailable due to a national outage with their web vendor: Geographic Solutions, Inc.
On June 27, the culprit is said to have begun moving funds amounting to $39 million through the Tornado Cash mixer service in an attempt to obscure the ill-gotten gains and make it difficult to trace the transaction trail back to the original theft.
The flaw, discovered as a zero-day at the end of May and fixed with Microsoft’s Windows update on June 14, enables the execution of PowerShell commands simply by opening a Word document.
Microsoft has called out recent work from the so-called "8220 gang" group, which has recently been spotted exploiting the critical bug affecting Atlassian Confluence Server and Data Center, tracked as CVE-2022-26134.
A recently-patched security hole in Chromium browsers allowed attackers to bypass safeguards against dangling markup injection’, an attack that extracts sensitive information from webpages.
Ubuntu Security Notice 5497-1 - It was discovered that Libjpeg6b was not properly performing bounds checks when compressing PPM and Targa image files. An attacker could possibly use this issue to cause a denial of service. Chijin Zhou discovered that Libjpeg6b was incorrectly handling the EOF character in input data show more ...
Ubuntu Security Notice 5496-1 - Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to gain user credentials.
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure show more ...
Backdoor.Win32.Coredoor.10.a malware suffers from an authentication bypass vulnerability.
Backdoor.Win32.EvilGoat.b malware suffers from a hardcoded credential vulnerability.
Backdoor.Win32.Cafeini.b malware suffers from a hardcoded credential vulnerability.
launchd suffers from a heap corruption vulnerability due to incorrect rounding in launch_data_unpack.
A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. Sebastien Vachon-Desjardins, who was extradited to the U.S. on March 10, 2022, is accused of conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and transmitting a demand in relation to
The notorious North Korea-backed hacking collective Lazarus Group is suspected to be behind the recent $100 million altcoin theft from Harmony Horizon Bridge, citing similarities to the Ronin bridge attack in March 2022. The finding comes as Harmony confirmed that its Horizon Bridge, a platform that allows users to move cryptocurrency across different blockchains, had been breached last week.
One of the commissioners of the U.S. Federal Communications Commission (FCC) has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing "its pattern of surreptitious data practices." "It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently
Shadow IT refers to the practice of users deploying unauthorized technology resources in order to circumvent their IT department. Users may resort to using shadow IT practices when they feel that existing IT policies are too restrictive or get in the way of them being able to do their jobs effectively. An old school phenomenon Shadow IT is not new. There have been countless examples of
Google's Threat Analysis Group (TAG) on Thursday disclosed it had acted to block as many as 36 malicious domains operated by hack-for-hire groups from India, Russia, and the U.A.E. In a manner analogous to the surveillanceware ecosystem, hack-for-hire firms equip their clients with capabilities to enable targeted attacks aimed at corporates as well as activists, journalists, politicians, and
A new version of the LockBit ransomware offers a bug bounty, women uninstall period-tracking apps in fear of how their data might be used against them, and Microsoft's facial recognition tech no longer wants to know how you're feeling. All this and much more is discussed in the latest edition of the show more ...
Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations. Read more in my article on the Tripwire State of Security blog.
Graham Cluley Security News is sponsored this week by the folks at SolCyber. Thanks to the great team there for their support! If the bad guys don’t discriminate when it comes to who they are attacking, how can your business settle for anything less than the very best security? SolCyber has brought to market a … Continue reading "How to get Fortune 500 cybersecurity without the hefty price tag"
Popular NFT marketplace OpenSea has warned users that they might be targeted with phishing attacks following a data breach that exposed the email addresses of its users and newsletter subscribers.
