A new version of Matrix-themed ransomware MegaCortex is targeting organizations with demands of up to $5.8m to regain access to their encrypted data, according to Accenture researchers. In version two, the authors have improved automation and usability and made it harder to stop, according to Leo Fernandes, senior manager of the firm’s iDefense Malware Analysis

by John E Dunn Apple and Google have announced that they will limit the way audio recorded by their voice assistants, Siri and Google Assistant, are accessed internally by contractors. Let’s start with Apple. Apple’s privacy hump began a week ago when The Guardian ran a story revealing that contractors “regularly hear” all sorts of

The volume of destructive malware attacks has risen by 200% year-on-year in the first half of 2019, according to new data from IBM X-Force. Once the preserve of sophisticated nation state actors, it appears as if financially motivated cyber-criminals are now getting in on the act, which is bad news for a range of organizations,

by John E Dunn Last Friday, the hugely popular gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach that exposed four million user accounts. Having account data including email addresses, usernames, IP addresses and passwords hacked is bad enough in any event but this was made much worse by the fact it came on

A new initiative has been announced by the Automotive Industry Action Group (AIAG) to help automotive suppliers compare their current capabilities to industry best practice. Developed in partnership with NCQ, the Cyber Safe Bundle includes a one-time virtual audit, along with either a basic or advanced enterprise risk assessment. Together, these resources allow suppliers to

by John E Dunn How does the European Space Agency (ESA) communicate securely with satellites and space missions? Surprisingly, until relatively recently it often didn’t – something which is still true for smaller, cheaper satellites such as CubeSats. Now ESA hopes that an experiment consisting of a small module built around a tiny Raspberry Pi

The organizers of BSides Manchester have hit back at accusations of corporate influence by a sponsor.  In a series of tweets, degenerateDaE highlighted the number of talks being given by employees of NCC Group, and noted that the company is also the platinum sponsor. “Out of the six organizers listed I was able to confirm

by Alice Duckett We’re back in the rhythm of our weekly episodes with episode 2 from the new series. This week, host Anna Brading is joined by Paul Ducklin, Mark Stockley and Matt Boddy. We discuss EvilGnome Linux malware [5’07”], the latest developments in the BlueKeep saga [15’53”] and whether your browser extensions are spying

Chair of the Digital, Culture, Media and Sport Committee Damian Collins MP has written to Facebook VP for global affairs and communications Sir Nick Clegg about discrepancies relating to the Cambridge Analytica investigation. Collins asked the former Deputy Prime Minister and Liberal Democrats leader, who joined Facebook in October 2018, about who at Facebook knew

by Danny Bradbury Tampering with surveillance cameras is a common activity for Hollywood heroes and criminals alike. Now, researchers have shown how they can do it in real life. Remember Speed, the 1994 movie where Keanu Reeves and Sandra Bullock had to keep a bus moving above a certain speed to stop Dennis Hopper blowing

Dwindling resources, experience and skills are the biggest challenges facing the cybersecurity profession today, according to new research from the Chartered Institute of Information Security. Nearly half (45%) of those polled for the institute’s annual survey, The Security Profession in 2018/19, pointed to lack of resources as the biggest issue they face, followed by lack

by John E Dunn Researchers at Armis Labs have discovered 11 potentially serious security flaws affecting the Wind River VxWorks real-time operating system (RTOS), described by the company as “the most widely used operating system you may never have heard about”. Collectively named ‘Urgent/11’ by Armis Labs, the flaws affect an estimated 200 million devices

Researchers are warning of a potentially serious Android ransomware threat that spreads via malicious links in SMS messages and posts in forums. ESET malware researcher, Lukas Stefanko, explained in a blog post that Android/Filecoder.C has been active since at least July 12 — distributed via Reddit posts and an Android developers forum known as “XDA

by Paul Ducklin Global financial services company Capital One has just announced a massive data breach: If you want to learn more about the Capital One cyber incident, please visit capitalone.com/facts2019/ — Capital One (@CapitalOne) July 30, 2019 The breach notification starts in general terms: Capital One Financial Corporation announced today that on July 19,

Capital One has announced a major breach of customers’ personal data, affecting over 100 million Americans and a further six million in Canada. The financial institution blamed “unauthorized access by an outside individual” who has been arrested by the FBI and is now in custody. “The largest category of information accessed was information on consumers

by John E Dunn Network Attached Storage (NAS) company Synology has issued an urgent warning for owners to check their box’s security settings after it emerged cybercriminals are targeting numerous NAS vendors with a new wave of ransomware. At first it was thought that recent attacks could be exploiting an unknown software vulnerability in Synology’s

A British cybersecurity researcher who was arrested in the US for historic hacking offenses has been spared jail time. Marcus Hutchins, 25, sprang to fame in 2017 when he discovered a “kill switch” which helped to mitigate the impact of the infamous WannaCry worm. However, a few months later things turned sour after he was

by Lisa Vaas Louisiana Governor John Bel Edwards on Wednesday declared a state of emergency after three public school districts were seized by ransomware. According to local news station KSLA, one of the affected school districts, Sabine Parish in northern Louisiana, released this statement on Wednesday night: The Sabine Parish School System was hit with

Ransomware dominated the first half of 2019, while mobile banking malware threats grew by more than 50% from 2018 to 2019, according to Check Point’s Mid-Year Trends Report. “This year collaborations between threat actors allowed even more destructive attacks that paralyzed numerous organizations worldwide. What ends with a ransomware attack usually starts with a more

by Paul Ducklin The featured image above comes from @Doctor_Tran’s Twitter feed. Here is a fascinating story – a morality tale, even. What follows is quite long, we admit, but we think you’ll find it interesting, informative and intriguing in equal measure. We’re dealing with a cybercriminal who forged his relationship with the underworld right

Web traffic during Amazon Prime Day, in which 250 e-commerce merchants participated, reflected a significant uptick in the US, according to Akamai. The fifth annual event spanned 48 hours this year, resulting in a 14% spike in web traffic. “This increase in participation and strong revenue figures mean that traffic was up as shoppers researched

by Alice Duckett We’re finally back with Series 2 of the Naked Security Podcast. While you’ve been missing us, we’ve been working out how to improve the show and kitting out a dedicated studio. You’ll now find longer episodes with more opportunities to get involved. Send us your general cybersecurity questions and join the discussion

Researchers have found over 23 million stolen credit and debit cards up for sale on the dark web, with US consumers by far the biggest hit. Nearly two out of every three stolen cards on the sites trawled by Sixgill were issued in the US, amounting to more than 15 million. The next biggest hit country was

by Lisa Vaas It’s been confirmed: insiders said last week that Facebook would be wrist-slapped with a $5 billion fine for losing control of users’ data, and the Federal Trade Commission (FTC) said on Wednesday that yes indeed, that’s what’s happening. It’s a record-breaking penalty, but it doesn’t satisfy the “break it up” crowd –

The latest edition of nonprofit VideoLAN’s VLC media player software has what Germany agency CERT-Bund is calling a serious security flaw that allows hackers to install and run software without user knowledge, according to NewsX.  “This is just one in a long and constant stream of flaws in VLC. I absolutely would not recommend that

by Danny Bradbury Apple released fixes for various products this week, including several nasty arbitrary code execution (ACE) flaws, and a bug that has been public with proof-of-concept code for two months. CVE-2019-8656, discovered by cybersecurity researcher Filippo Cavallarin, enabled an attacker to bypass Apple’s Gatekeeper functionality with a suitably formed Zip file. Gatekeeper is

The financially motivated threat group known as FIN8 has recently reemerged after being somewhat dormant, according to new research from Gigamon’s applied threat research (ATR) team.  Researchers have published findings that show FIN8 continues to evolve and adapt its tools. As part of the threat research, ATR discovered a reverse shell from FIN8, dubbed BADHATCH,

by Paul Ducklin Most of us can recognise most spam when we see it – emails we didn’t ask for from companies we’ve never heard of selling us products we aren’t interested in at price points we simply couldn’t care less about. Having said that, a lot of spam isn’t simply unwanted email – it’s

London’s Metropolitan Police has admitted that its public-facing news platform was compromised last Friday evening, leading to the publication of a string of offensive messages on Twitter. Observers first noticed something was wrong after the Met’s Twitter feed, which has over one million followers, started to issue some bizarre messages at around 11pm. These included

by John E Dunn Have you ever bypassed a website paywall using a browser’s privacy mode? It used to be a simple hack to read an article without registering, paying, or logging in to the publisher’s website. However, it will no longer work for most subscription-based websites. At the moment, for example, visit any article