Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can remotely execute malicious code and steal sensitive information from its targets in Asia, Europe, and the US. Dubbed “PowerPepper” by Kaspersky researchers, the malware has been attributed to the DeathStalker group (formerly called Deceptikons), a
Month: December 2020
ESET experts look back at some of the key themes that defined the cybersecurity landscape in the year that’s ending and give their takes on what to expect in 2021. 2020 has been a year like no other in living memory. It will go down in history for many things, but they all pale in
A cybersecurity company has urged the rising number of smart sex toy owners to think about protection. Sales of internet-connected sex toys, also known as teledildonics, have increased since lockdown measures were introduced to slow the spread of COVID-19. In March alone, sex toy revenue in France, Italy, and Spain, where lockdown measures were particularly stringent, exceeded
Santa will soon come down the chimney, but there are potential entry points into your home and digital life that you should never leave open. Many of us associate early December with the first snowfall, holiday preparations and the beginning of Advent. And what better way to celebrate the preparations for the most wonderful time
There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various
A trio of companies is launching a new research institute whose intended purpose is to strengthen privacy and trust for decentralized artificial intelligence (AI). The Private AI Collaborative Research Institute, originally established by Intel’s University Research & Collaboration Office (URC), is launching as a joint project involving digital security and privacy products vendor Avast and AI software-defined secure computing
Security operations, or SecOps, has had a direct, if increasingly challenging, mandate since the dawn of enterprise networking: detect, respond to, predict and prevent cyberattacks. But SecOps roles and responsibilities are shifting to accommodate growing interest in an offensive, rather than defensive, approach to cybersecurity. By staying ahead of threats and anticipating bad actors’ next
Using a zero-click exploit, an attacker could have taken complete control of any iPhone within Wi-Fi range in seconds. Earlier this year, Apple patched a severe security loophole in an iOS feature that could have allowed attackers to remotely gain complete control over any iPhone within Wi-Fi range. However, details about the flaw, which was
by Paul Ducklin In this episode: we look at a network intrusion where the crooks tried to take over dozens of different online accounts from every user, we discuss the potential dangers of digital doorbells, and we give you some handy hints for improving your wireless security at home. With Kimberly Truong, Doug Aamoth and
A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine cold chain, companies responsible for storing and delivering the COVID-19 vaccine at safe temperatures.
Universities and colleges around the world are being targeted by a new phishing campaign, according to fresh research published by RiskIQ. Among the educational establishments to be hit by the Shadow Academy campaign are Louisiana State University (LSU) in the United States and Oxford, Brighton, and Wolverhampton Universities in the United Kingdom. RiskIQ researchers got wind
ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox. ESET researchers found a previously undocumented backdoor and document stealer. Dubbed Crutch by its developers, we were able to attribute it to the infamous Turla APT group. According to our research, it was used from 2015 to, at least, early
by Paul Ducklin Well-known Google Project Zero researcher Ian Beer has just published a blog post that is attracting a lot of media attention. The article itself has a perfectly accurate and interesting title, namely: An iOS zero-click radio proximity exploit odyssey. But it’s headlines like the one we’ve used above that capture the practical
TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed “TrickBoot” by Advanced Intelligence (AdvIntel) and Eclypsium, makes use of readily available tools to check
The CEO and co-founder of a billion-dollar cybersecurity company has moved its headquarters out of San Francisco because it’s “not the city it was.” Forty-year-old Orion Hindawi helped to build up two successful companies in the San Francisco Bay Area where he was born. Now he is relocating the head office of Tanium—the endpoint security
Without ever setting foot in the lab, a threat actor could dupe DNA researchers into creating pathogens, according to a study describing “an end-to-end cyber-biological attack.” Researchers have described a theoretical cyberattack that could be used to dupe unsuspecting scientists into producing dangerous biological substances, toxins and synthetic viruses. The paper, authored by researchers from Israel’s
Having employees connect remotely to your corporate network is not new. Most companies use cloud-based software-as-a-service (SaaS) applications and have some virtual private network (VPN) or remote desktop capabilities to enable field sales staff or roaming users to connect to essential applications and data. However, few — if any — companies were prepared for our
Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems. The attacks are taking aim at a recently patched WebLogic Server vulnerability, which was released by Oracle as part of its October 2020 Critical Patch Update and subsequently again in
An American hacker has been sent to prison for carrying out a series of cyber and swatting attacks, including sending bogus threats of shootings and bombings to schools in the United Kingdom and the United States. North Carolina resident Timothy Dalton Vaughn also called in a false report of an airplane hijacking involving a jetliner
Baltimore County Public Schools became the latest victim of ransomware attacks against the K-12 education sector, which have seen increases in frequency, sophistication and ransom demands in recent months. Since the start of the new school year, the hurried switch to remote learning brought on by COVID-19 has caused significant cybersecurity risks, which were only
by Paul Ducklin Did you know you can join us for a live cybersecurity lecture every Friday? Just keep an eye on the @NakedSecurity Twitter feed or check our Facebook page on Fridays to find out the time we’ll be on air – it’s usually somewhere between 18:00 and 19:00 UK time, which is late
A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked as Bismuth, Microsoft’s Microsoft 365 Defender Threat Intelligence Team said the group deployed Monero coin
Are mobile payments and digital wallets safe? Are the apps safer than credit cards? What are the main risks? Here’s what to know. While cash transactions aren’t going anywhere anytime soon, the convenience of electronic payment solutions has been steadily growing in popularity over the years. According to a recent survey by the US Federal Reserve,
Denmark’s largest news agency has refused to pay a ransom to cyber-criminals who attacked its computer system with ransomware. Wire service Ritzau was knocked offline following an attack that occurred early last week. The incident infected roughly a quarter of the agency’s 100 servers with malware, causing editorial systems to be shut down. Copenhagen-based Ritzau, which has