Hello, friends! Welcome back to Week in Review, where we quickly recap the most read stories on TechCrunch from the last 7 days. The goal: If you had a busy week, you should be able to skim WiR and still have a pretty good sense of what happened in tech. Want it in your inbox?
Cybersecurity solutions provider Emsisoft has released a free decryption tool to enable AstraLocker and Yashma ransomware victims to recover their files without paying a ransom. The company made the announcement in a series of Twitter posts earlier today, providing a download link and related instructions for the tool. “The AstraLocker decryptor is for the Babuk-based one using .Astra or .babyk extension, and they
Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that’s behind a Windows malware with worm-like capabilities. Describing it as a “persistent” and “spreading” threat, Cybereason said it observed a number of victims in Europe. The infections involve a worm that propagates over removable
Scammers don’t take the summer off – be on your guard when buying your Crit’Air sticker If you drive your own vehicle in certain regions of France at certain times, you will need to purchase a special ‘clean air sticker’ called Crit’Air or risk facing a fine from the French government. Similar schemes already exist
Welcome back to Chain Reaction. Last week, we looked at Solana’s smartphone and the post-Apple tech industry. This week, we’re looking at a web3 without Big Tech. To get this in your inbox every Thursday, you can subscribe on TechCrunch’s newsletter page. no trillionaires allowed Unlike other moonshot tech categories, it’s become increasingly clear that
To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT (except today because of the breaking Musk news!), subscribe here. Jet-lagged and post-COVID-fatigued, Haje is back, joining Christine to bring you fine morsels of tech news in this very newsletter. Also, hearsay (and the
Vacations are a great time to unwind, but if you’re not careful, you may face a digital disaster. Here’s how to keep your devices and data secure while you’re on the move Vacations are the perfect time to unwind, but if you’re not careful, you may face a digital disaster. Being outside of their normal
A fake LinkedIn job offer was the reason behind Axie Infinity’s $600m hack, according to a new investigation by The Block. The digital assets-focused outlet said on Wednesday that while the US government attributed the attack to the North Korean hacker group Lazarus, full details of how the exploit was executed had not been disclosed. The Block said that according
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Paul Ducklin and Chester Wisniewski. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.
In this digital age, communicating online and through our devices has become the norm. From sharing highlights of last night’s game to sending cute animal videos back and forth, so much of our connectedness happens virtually. It’s become so easy to chat with friends and loved ones through social media that we don’t even have
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. “Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker’s machine,” Fortinet FortiGuard Labs researcher Cara Lin said in a report this week. Tracked as
Twitter is not on the same page as Elon Musk when it comes to his newly official attempt to back out of his proposed $44 billion acquisition of the company. The company issued a brief formal statement regarding Musk’s merger termination attempt, which relies on the prodigious breeder‘s assertion that Twitter misled him about the
The investment firm Sequoia Capital has no shortage of internal programs for the founders it backs. The idea is to help its startups not merely by sheer dint of their affiliation with Sequoia but by helping them at the outset with everything from storytelling to recruiting strategies in order to give them an edge over
Avoiding a costly social engineering attack often requires employees to spot suspicious emails before threat actors request sensitive information or access. Cofense Intelligence published new research Thursday that showed most business email compromise (BEC) scams can be thwarted in their initial stages when the attackers are not asking for money or a transfer of funds.
Chinese APT groups are increasingly targeting Russian organizations following the war in Ukraine, according to research by SentinelLabs. The latest investigation indicated that a Chinese state-sponsored cyber espionage group launched a “cluster” of phishing emails to deliver remote access Trojan (RAT) malware, most commonly Bisonal, against Russian targets in recent weeks. SentinelLabs researchers attributed this threat
by Paul Ducklin Remember the Log4Shell bug that showed up in Apache Log4j late in 2021? Log4j is one of the Apache Software Foundation’s many software projects (more than 350 at current count), and it’s a programming library that Java coders can use to manage logfiles in their own products. Logfiles are a vital part
Fewer people carry cash these days, kids included. This growing paperless reality fast-forwards the parenting task of educating kids on financial responsibility. As of 2021, most cash apps allow kids 13 and up to open accounts (previously, the age was 18). Kids can also get a cash app debit card for retail purchases. But while
In what’s being described as an “unprecedented” twist, the operators of the TrickBot malware have resorted to systematically targeting Ukraine since the onset of the war in late February 2022. The group is believed to have orchestrated at least six phishing campaigns aimed at targets that align with Russian state interests, with the emails acting
According to a new report from The Washington Post that relies heavily on anonymous sources, the world’s richest man is still looking for a way out of a $44 billion deal of his own making. The Post reports that we’ll probably be seeing a “change in direction from Musk’s team” soon, according to its unnamed
“Frequent” investigations into local units of Chinese firms by Indian authorities “impedes the improvement of business environment” in India and “chills the confidence and willingness” of other foreign nation’s businesses to invest and operate in the South Asian market, China’s embassy in India said in a statement, following raids into Vivo offices earlier this week.
The leaders of MI5 and the FBI shared the stage for the first time yesterday in a bid to warn business leaders and academics of the seriousness of the espionage threat from China. British intelligence boss Ken McCallum explained that the Communist Party and the government it controls has been engaged for years in attempts
by Paul Ducklin Just over a week ago, the newswires were abuzz with news of a potentially serious bug in the widely-used cryptographic library OpenSSL. Some headlines went as far as describing the bug as a possibly “worse-than-Heartbleed flaw”, which was dramatic language indeed. Heartbleed, as you may remember, was an incredibly high-profile data leakage
It’s a question we get a lot from parents: “How can I keep my kids safe when they are constantly hopping between so many different apps?” We get it, there’s a lot to stay on top and all of it changes constantly. Unfortunately, that question doesn’t have a simple answer. But there are some baseline
Cisco on Wednesday rolled out patches for 10 security flaws spanning multiple products, one of which is rated Critical in severity and could be weaponized to conduct absolute path traversal attacks. The issues, tracked as CVE-2022-20812 and CVE-2022-20813, affect Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) and “could allow a remote attacker
To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here. Greetings, and happy Wednesday! I had to check the calendar before I said the day because does anyone really know what day it is anymore? Amanda had me cracking up with her
Here’s what to watch out for when buying or selling stuff on the online marketplace and how to tell if you’re being scammed Last year, Facebook Marketplace passed one billion global users. In so doing, it’s become a giant of the consumer-to-consumer space, allowing individual Facebook users to buy from and sell to each other
India’s anti-money laundering agency raided more than 40 offices of Chinese phone-maker Vivo across the country on Tuesday over allegations of money laundering, the latest in a series of developments illustrating the growing murky relationship between New Delhi and firms of China origin. The Enforcement Directorate searched Vivo’s offices across the states of Uttar Pradesh,
The UK’s leading cybersecurity agency has urged organizations to follow best practices and take care of their infosecurity staff in order to weather an extended period of elevated cyber risk due to the ongoing war in Ukraine. The National Cyber Security Centre (NCSC) guide, Maintaining a sustainable strengthened cyber security posture, comes on the back of warnings that
by Paul Ducklin Google’s latest update to the Chrome browser fixes a varying number of bugs, depending on whether you’re on Android, Windows or Mac, and depending on whether you’re running the “stable channel” or the “extended stable channel“. Don’t worry if you find the the plethora of Google blog posts confusing… …we did too,
In the spirit of #PrideMonth, McAfee hosted month-long celebrations across the world. One of these was a live event hosted by the McAfee Pride Community with a guest speaker from the Resource Center that focused on the history of Pride, support, allyship, and belonging. We took a moment to ask our event guest speaker, Leslie