Efforts to take down multiple domains that offered distributed denial-of-services (DDoSs) for hire were successful and resulted in another announcement from the Justice Department (DOJ), which yesterday declared that it had seized 15 internet domains, as well as filed criminal charges against three defendants who facilitated the computer attack platforms. According to a DOJ news release
by John E Dunn The second report in a week has analysed phishing attacks that are attempting – and probably succeeding – in bypassing older forms of two-factor authentication (2FA). The latest is from campaign group Amnesty International, which said it had detected two campaigns sending bogus account alerts targeting around 1,000 human rights defenders
Researchers have discovered a kernel-based vulnerability in a driver bundled with IBM Trusteer Rapport for MacOS, according to a recently published advisory from Trustwave. If exploited, the vulnerability could elevate privileges on the local machine, allowing an attacker to subvert or disable Trusteer altogether. According to Trustwave, its researchers worked with IBM throughout the disclosure process.
by Paul Ducklin The Naked Security Podcast rings out 2018 with a look at the big issues of the past year. With Anna Brading, Paul Ducklin and Matthew Boddy. This week’s links: Huge Marriott breach Big Facebook breach Cambridge Analytica’s secret coding sauce Iranian hackers charged over SamSam ransomware After SamSam comes the Ryuk ransomware
US chain Caribou Coffee announced a payment card data breach on Thursday, listing 265 outlets across 11 states that had been affected. It claimed to have identified unusual network activity on November 28, enlisting the help of Mandiant, which subsequently found evidence of unauthorized access to point of sales (POS) systems two days later. The
by John E Dunn Microsoft has found itself fixing a lot of zero-day flaws recently, including CVE-2018-8611 (patched this month), and November’s CVE-2018-8589 and CVE-2018-8589. Now it has released an emergency patch for a remote code execution (RCE) zero-day vulnerability in Internet Explorer’s Jscript scripting engine affecting all versions of Windows, including Windows 10. Identified
The UK government is under pressure to act after two drones were spotted flying over London’s Gatwick Airport, forcing all flights to be cancelled since Wednesday evening. Tens of thousands of Christmas passengers have been stranded since yesterday evening and that number is likely to increase exponentially today with over 700 flights potentially affected if
by Paul Ducklin Artificial intelligence, fuzzy logic, neural networks, deep learning… …any tools that help computers to behave in a way that’s closer to what we could call “thinking” are immensely useful in fighting cybercrime. That’s because what’s generally known today as machine learning is good at dealing quickly with immense amounts of threat-related data,
Cyber-criminals are increasingly downsizing from selling their wares on large dark web marketplaces in a bid to build trust with buyers, according to McAfee. The security giant claimed in its latest threat report for Q3 that the trend can also be seen as a response to law enforcement activity. Police effected the major takedowns of
by Mark Stockley Thanks to Hajnalka Kope of SophosLabs for the research behind this article. Last month the world learned that the FBI thinks it has identified the two people behind the notorious SamSam ransomware attacks. SamSam, you may recall, gained notoriety for plundering ransoms from vulnerable targets like hospitals, and for devastating attacks like
Supporters of YouTube sensation PewDiePie have been at it again, this time defacing a Wall Street Journal web page in another bid to boost his subscribers. The page itself, originally sponsored by a technology giant, was apparently fixed promptly by the newspaper’s IT team, but can be viewed here. It references the WSJ’s 2017 investigation
by Lisa Vaas Oh, those incorrigible password abusers. After all these years of being shamed (if they cared or were paying attention), they’re still using “123456” as a password. This year, according to SplashData’s annual worst password list, that stale cracker came in at No. 1. Again. “password” was the No. 2 dust bunny to
Printers around the world appear to have been hijacked again with a message to subscribe to a popular YouTube vlogger, and improve their cybersecurity. Those behind the attack are thought to be the same ones that managed to get a message in support of social media star PewDiePie printed out on 50,000 machines last month.
by Lisa Vaas What do Nutella, the Pentagon, Kanye West and cryptocurrency owners have in common? They’re all really really bad at passwords. In fact, they’re the top four when it comes to password craptitude, according to an annual list of the worst password offenders put out by password managing app Dashlane. Dashlane released the
Law enforcement agencies across the country spent the better part of yesterday evening investigating a slew of bomb threats delivered by email to businesses and universities across the US and Canada. The hoax email warning that an explosive device was in the recipient’s place of work evoked fear among many Americans yesterday, according to KrebsonSecurity.
by Lisa Vaas Facebook filed a patent, titled “Offline Trajectories,” last week in which it proposes predicting users’ “location trajectories” – in other words, where we’re likely headed. Knowing when we’re about to hurtle into a no-WiFi-connection limbo means Facebook can “prefill” our phones with content and ads. It knows enough to know a lot more
An unprotected ElasticSearch server led to a potentially massive data leak for a popular avatar app maker, Boomoji. The app, which is based in China and has 5.3 million users across the globe, allows iOS and Android users to create 3D avatars. The personal data of its entire user base was exposed after Boomoji reportedly left
by Danny Bradbury Google keeps tabs on much of your activity, including your browsing history and your location. Now, it turns out that its YouTube service is also reading what’s in your videos, too. Programmer Austin Burk, who goes by the nickname Sudofox, discovered the issue after discovering a cross-site scripting (XSS) flaw on another site.
by Lisa Vaas Are you one of the travelers to the US who’ve been stopped, questioned, and required to hand over your electronic devices for search? Our apologies: there’s a good chance that we still have your data kicking around on a USB drive. Somewhere. Maybe. Unless we lost it, I guess. The Office of
Over 40,000 credentials for accounts on government portals around the world have been leaked online, and are most likely up for sale on the dark web. Russian security firm Group-IB said usernames and cleartext passwords were available for various local and national government entities across more than 30 countries. It’s not clear exactly how they
by Lisa Vaas A recently patched trio of flaws in Samsung’s mobile site was leaving users vulnerable to attackers who could have reset their user passwords and hijacked their accounts, The Register reports. The flaws were found by security researcher Artem Moskowsky, who said that they were all cross-site request forgery (CSRF), or, alternatively, XSRF,
The coming year will see a mix of old and new as phishing is supercharged with AI but reported vulnerabilities continue to cause organizations problems, according to Trend Micro. The security giant claimed in its predictions report this week that phishing will continue to grow in popularity as exploit kits fade. The number of detections
by John E Dunn What’s the safest way for a criminal to buy counterfeit banknotes? Curiously, it’s not necessarily from the dark web, as 235 people now “detained” by police have just discovered. According to Europol, between 19 November and 3 December police forces in 13 countries searched 300 properties, uncovering caches of drugs, guns
The NHS will be banned from buying any more fax machines from next month as the government looks to upgrade the health service to more modern and secure communications platforms. Health secretary Matt Hancock has also ordered a complete ban on their use by March 2020, as part of a plan to bring the NHS into
by Danny Bradbury WordPress users are facing another security worry following the discovery of a massive botnet. Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords. They are then using those sites to infect even more WordPress installations. The botnet, which WordPress security company Wordfence discovered last week, infects sites using a
Europol is celebrating after a major crackdown on online buyers of counterfeit money which has seen hundreds detained. The police group claimed its latest operation stemmed from an arrest of a print shop owner in Austria in June this year. The man was found to have been making counterfeit 10, 20, and 50 euro banknotes and
by Danny Bradbury Twelve US states are suing an electronic healthcare record provider who lost 3.9 million personal records in 2015. The attorneys general of Arizona, Arkansas, Florida, Indiana, Iowa, Kansas, Kentucky, Louisiana, Minnesota, Nebraska, North Carolina, and Wisconsin clubbed together to file suit against Indiana-based Medical Informatics Engineering (MIE) and its subsidiary NoMoreClipboard (NMC)
According to the EU GDPR (General Data Protection Regulation) Implementation Review Survey conducted by IT Governance, six months after the GDPR went into effect, the majority of organizations are failing to implement the mandatory regulations. The study included 210 responses from participating organizations ranging in size from fewer than 10 to more than 1,001 employees from across
by Lisa Vaas VTech, the Hong-Kong-based smart-toy maker, has hit another bump in the road. This time around, it’s a serious security flaw in the software of VTech’s flagship tablet, the Storio Max, which is called the InnoTab Max in the UK. The flaw could allow hackers to remotely take control of the device and