Showing only posts in Ars Technica.

Prominent cryptocurrency exchange infected with previously unseen Mac malware

Researchers have discovered previously unknown Mac malware infecting a cryptocurrency exchange. It contains a full suite of capabilities, including the ability to steal private data and download and execute new malicious files. Dubbed JokerSpy, the malware is written in the Python programming language and makes …

The US Navy, NATO, and NASA are using a shady Chinese company’s encryption chips

From TikTok to Huawei routers to DJI drones, rising tensions between China and the US have made Americans—and the US government—increasingly wary of Chinese-owned technologies. But thanks to the complexity of the hardware supply chain, encryption chips sold by the subsidiary of a …

Millions of Americans’ personal DMV data exposed in massive MOVEit hack

As part of a massive ongoing cyberattack that exploits flaws in MOVEit file transfer software, the personal data of millions of US citizens, including those residing in Louisiana and Oregon, have been exposed to criminal organizations, according to CNN. In the wider attack, hackers targeted …

Russia-backed hackers unleash new USB-based malware on Ukraine’s military

Hackers working for Russia’s Federal Security Service have mounted multiple cyberattacks that used USB-based malware to steal large amounts of data from Ukrainian targets for use in its ongoing invasion of its smaller neighbor, researchers said. “The sectors and nature of the organizations and …

Dozens of popular Minecraft mods found infected with Fracturiser malware

A platform that provides plugin software for the wildly popular Minecraft game is advising users to immediately stop downloading or updating mods after discovering malware has been injected into dozens of offerings it makes available online. The mod-developer accounts were hosted by CurseForge, a platform …

Google’s Android and Chrome extensions are a very sad place. Here’s why

No wonder Google is having trouble keeping up with policing its app store. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from the company’s official marketplaces …

“Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware

Moscow-based security firm Kaspersky has been hit by an advanced cyberattack that used clickless exploits to infect the iPhones of several dozen employees with malware that collects microphone recordings, photos, geolocation, and other data, company officials said. “We are quite confident that Kaspersky was not the main target …

Millions of PC motherboards were sold with a firmware backdoor

Hiding malicious programs in a computer’s UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in …

Researchers tell owners to “assume compromise” of unpatched Zyxel firewalls

Firewalls made by Zyxel are being wrangled into a destructive botnet, which is taking control of them by exploiting a recently patched vulnerability with a severity rating of 9.8 out of a possible 10. “At this stage if you have a vulnerable device exposed …

Critical Barracuda 0-day was used to backdoor networks for 8 months

A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces of malware inside large organization networks and steal data, Barracuda said …

Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days

Smartphone malware sold to governments around the world can surreptitiously record voice calls and nearby audio, collect data from apps such as Signal and WhatsApp, and hide apps or prevent them from running upon device reboots, researchers from Cisco’s Talos security team have found. An analysis Talos …

Unearthed: CosmicEnergy, malware for causing Kremlin-style power disruptions

Researchers have uncovered malware designed to disrupt electric power transmission and may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids. Known as CosmicEnergy, the malware has capabilities that are comparable to those found in …

Potentially millions of Android TVs and phones come with malware preinstalled

Overall, Android devices have earned a decidedly mixed reputation for security. While the OS itself and Google's Pixels have stood up over the years against software exploits, the never-ending …

Google pushes .zip and .mov domains onto the Internet, and the Internet pushes back

A recent move by Google to populate the Internet with eight new top-level domains is prompting concerns that two of the additions could be a boon to online scammers who trick people into clicking on malicious links. Frequently abbreviated as TLD, a top-level …

Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense

Federal authorities, tech pundits, and news outlets want you to be on the lookout for a scary cyberattack that can hack your phone when you do nothing more than plug it into a public charging station. These warnings of “juice jacking,” as the …

Sensitive data is being leaked from servers running Salesforce software

Servers running software sold by Salesforce are leaking sensitive data managed by government agencies, banks, and other organizations, according to a post published Friday by KrebsOnSecurity. At least five separate sites run by the state of Vermont permitted access to sensitive data to anyone, Brian …

ChatGPT now allows disabling chat history, declining training, and exporting data

On Tuesday, OpenAI announced new controls for ChatGPT users that allow them to turn off chat history, simultaneously opting out of providing that conversation history as data for training AI models. Also, users can now export chat history for local storage. The new controls …

Pro-Russian hackers target elected US officials supporting Ukraine

Threat actors aligned with Russia and Belarus are targeting elected US officials supporting Ukraine, using attacks that attempt to compromise their email accounts, researchers from security firm Proofpoint said. The campaign, which also targets officials of European nations, uses malicious JavaScript …

Hackers drain bitcoin ATMs of $1.5 million by exploiting 0-day bug

Hackers drained millions of dollars in digital coins from cryptocurrency ATMs by exploiting a zero-day vulnerability, leaving customers on the hook for losses that can’t be reversed, the kiosk manufacturer has revealed. The heist targeted ATMs sold by …

Ransomware attacks have entered a heinous new phase

In February, attackers from the Russia-based BlackCat ransomware group hit a physician practice in Lackawanna County, Pennsylvania, that's part of the Lehigh Valley Health Network (LVHN). At the time, LVHN said that the attack “involved” a patient photo system related to radiation oncology …

Malware infecting widely used security appliance survives firmware updates

Threat actors with a connection to the Chinese government are infecting a widely used security appliance from SonicWall with malware that remains active even after the device receives firmware updates, researchers said. SonicWall’s Secure Mobile Access 100 is a secure remote access appliance that …

Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows. Dubbed …

Ukraine suffered more data-wiping malware than anywhere, ever

Amidst the tragic toll of Russia's brutal and catastrophic invasion of Ukraine, the effects of the Kremlin's long-running campaign of destructive cyberattacks against its neighbor have often—rightfully—been treated as an afterthought. But after a year of war, it's becoming clear that …

Twitter’s two-factor authentication change “doesn’t make sense”

Twitter announced Friday that as of March 20, it will only allow its users to secure their accounts with SMS-based two-factor authentication if they pay for a Twitter Blue subscription. Two-factor authentication, or 2FA, requires users to log in with a username and …
