Google researchers note similarities, can't find smoking-gun link Google's Threat Analysis Group (TAG) has spotted an interesting pattern: A Kremlin-linked cyber-espionage crew and commercial spyware makers exploiting specific security vulnerabilities in pretty much the same way.... [...]
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. [...]
Sordid search history 'evidence' in case that could see him spend 35 years for extortion and wire fraud A former infrastructure engineer who allegedly locked IT department colleagues out of their employer's systems, then threatened to shut down servers unless paid a ransom, has been arrested and charged after …
Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. [...]
Google revises Chrome Vulnerability Rewards Program with higher payouts for bug hunters Google's Chrome Vulnerability Rewards Program (VRP) is now significantly more rewarding – with a top payout that's at least twice as substantial.... [...]
Welcome to the second Cloud CISO Perspectives for August 2024. Today Google Cloud Security’s Peter Bailey talks about our upcoming Mandiant Worldwide Information Security Exchange (mWISE) Conference, and why mWISE can be one of the most valuable events this year for CISOs, security leaders, and those looking to …
The “ long lost lecture ” by Adm. Grace Hopper has been published by the NSA. (Note that there are two parts.) It’s a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP and the …
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. [...]
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. [...]
French police reckon financial system targeted during Summer Games Nearly four weeks after the cyberattack on dozens of French national museums during the Olympic Games, the Brain Cipher ransomware group claims responsibility for the incident and says 300 GB of data will be leaked later today.... [...]
Total revenue for Q2 grew 32 percent CrowdStrike's major meltdown a month ago doesn't look like affecting the cyber security vendor's market dominance anytime soon, based on its earnings reported Wednesday.... [...]
Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of …
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]
CrowdStrike, other vendors, friendly govt reps...but not anyone who would tell you what happened op-ed Microsoft will host a security summit next month with CrowdStrike and other "key" endpoint security partners joining the fun — and during which the CrowdStrike-induced outage that borked millions of Windows machines will undoubtedly …
Enlarge (credit: Getty Images ) Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mirai, a family of malware that wrangles infected Internet of Things devices into large networks for use in attacks that take down websites and other Internet-connected devices. The attacks target …
If you haven't deployed August's patches, get busy before others do Windows users who haven't yet installed the latest fixes to their operating systems will need to get a move on, as code now exists to exploit a critical Microsoft vulnerability announced by Redmond two weeks ago.... [...]
The government-backed crew also enjoys ransomware as a side hustle Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable VPN and firewall devices from Check Point, Citrix, Palo Alto …
Authorities probing unwanted intrusion; hard questions ahead Dick's Sporting Goods, America's largest retail chain for outdoorsy types, has admitted that it suffered a cyberattack last week.... [...]
Prompt injection, ASCII smuggling, and other swashbuckling attacks on the horizon Microsoft has fixed flaws in Copilot that allowed attackers to steal users' emails and other personal data by chaining together a series of LLM-specific attacks, beginning with prompt injection.... [...]
Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not. EDITED TO ADD (8/28): Another good explainer from Kaspersky. [...]
Sword or plowshare? That depends on whether you're an attacker or a defender Sponsored Feature Artificial intelligence: saviour for cyber defenders, or shiny new toy for online thieves? As with most things in tech, the answer is a bit of both.... [...]
Phew! Consumer-grade tracking devices are good for more than finding your keys and stalking Theft of packages is an ongoing problem, so one California woman tried a high tech solution to the problem – and her use of Apple’s consumer-grade AirTags tracking devices led to two arrests.... [...]
Ground stations are the perfect place for the Great Firewall to block things China finds unpleasant The multiple constellations of broadband-beaming satellites planned by Chinese companies could conceivably run the nation's "Great Firewall" content censorship system, according to think tank The Australian Strategic Policy Institute. And if they do …
More of a storm in a teacup Today's news that Intel's Software Guard Extensions (SGX) security system is open to abuse may be overstated.... [...]
The same Beijing-backed cyber spy crew the feds say burrowed into US critical infrastructure update It looks like China's Volt Typhoon has found a new way into American networks as Versa has disclosed a nation-state backed attacker has exploited a high-severity bug affecting all of its SD-WAN customers using …
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability …
Enlarge (credit: Getty Images) Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day vulnerability that allowed them to infect at least four US-based ISPs with malware that steals credentials used by downstream customers, researchers said Tuesday. The vulnerability resides in the Versa …
Cracked Labs examines how workplace surveillance turns workers into suspects Software designed to address legitimate business concerns about cyber security and compliance treats employees as threats, normalizing intrusive surveillance in the workplace, according to a report by Cracked Labs.... [...]
Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized. [...]
Amazon Web Services (AWS) successfully completed an onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. Ernst and Young CertifyPoint auditors conducted the audit …
Legitimate emails misclassified in software snafu Updated Many administrators have had a trying Monday after getting spammed out with false malware reports by Microsoft.... [...]
National security data up for grabs, Office of the Inspector General finds update The FBI has made serious slip-ups in how it processes and destroys electronic storage media seized as part of investigations, according to an audit by the Department of Justice Office of the Inspector General.... [...]
No word yet on if ransomware is to blame The Port of Seattle, which operates the Seattle-Tacoma International Airport, is investigating a "possible cyberattack" after computer outages disrupted the airport's operations and delayed flights.... [...]
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that the Summer 2024 System and Organization Controls (SOC) 1 report is now available. The report covers 177 services over the 12-month period of July 1, 2023–June 30 …
Second sensitive info theft claimed by the same crims since June Digital data thieves have reportedly breached AMD's internal communications and are offering the allegedly stolen goods for sale.... [...]
Unprotected database with 12 years of biz records yanked offline Exclusive Nearly 2.7 TB of sensitive data — 31.5 million invoices, contracts, HIPPA patient consent forms, and other business documents regarding numerous companies across industries — has been exposed to the public internet in a non-password protected database for …
This is a big deal. A US Appeals Court ruled that geofence warrants—these are general warrants demanding information about all people within a geographical boundary—are unconstitutional. The decision seems obvious to me, but you can’t take anything for granted. [...]
Sueball suggests outsourcer went out of bounds by developing competing product A subsidiary of IT outsourcer Cognizant filed a lawsuit on Friday in Texas federal court alleging that rival Infosys was involved in stealing trade secrets and engaging in anticompetitive behavior.... [...]
Plus: Microsoft issues workaround for dual-boot crashes; ARRL cops to ransom payment, and more Infosec in brief Deniss Zolotarjovs, a suspected member of the Russian Karakurt ransomware gang, has been charged in a US court with allegedly conspiring to commit money laundering, wire fraud and Hobbs Act extortion.... [...]
Making self-healing materials based on the teeth in squid suckers. Blog moderation policy. [...]
Enlarge (credit: d3sign ) Newly discovered Android malware steals payment card data using an infected device’s NFC reader and relays it to attackers, a novel technique that effectively clones the card so it can be used at ATMs or point-of-sale terminals, security firm ESET said. ESET researchers have named …
Rap sheet spells out major no-nos after disgruntled staff blow whistle The US is suing one of its leading research universities over a litany of alleged failures to meet cybersecurity standards set by the Department of Defense (DoD) for contract awardees.... [...]
The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names …
This site will let you take a selfie with a New York City traffic surveillance camera. EDITED TO ADD: BoingBoing post. [...]
Immerse is Cloudflare’s premier annual conference in Southeast Asia Partner Content Cloudflare is excited to present Immerse, our flagship event designed to connect attendees directly with the ideas, technologies and business leaders driving network and security transformation.... [...]
This is a fantastic project mapping the global surveillance industry. [...]
Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive data... [...]
Not related to the massive outage in July, security biz spokesperson told us Some IT administrators suffered a moment of deja vu on Thursday morning as CrowdStrike blamed a cloud service issue for performance problems and lagging boot times affecting some of European customers.... [...]
What could the problem be? Reportedly, a cyberattack Updated American oil giant Halliburton is investigating an "issue," reportedly a cyberattack, that has disrupted some business operations and global networks.... [...]
In today's digital landscape, data reliability, availability, and performance are paramount. Businesses and organizations rely on cloud storage solutions that not only ensure that data is safe, but that also provide uninterrupted access and low latency. Cloud Storage is a robust solution to these challenges, offering three distinct types …