Security

Weekly cyber-attacks have increased worldwide by 7% in Q1 2023 compared to the same period last year, with each firm facing an average of 1248 attacks per week. The figures come from Check Point’s latest research report, which also suggests that the education and research sector experienced the highest number of attacks, rising to an

by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to

A UK secondary school has confirmed it was hit by a cyber-incident affecting its IT network. Hardenhuish School in Chippenham, Wiltshire, confirmed the attack on Thursday, saying hackers gained access to network infrastructure and then demanded a ransom for restoring access. At the time of writing, it is unclear whether the school paid the ransom,

by Naked Security writer A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected

An Ohio man has been sentenced to four years and three months behind bars after stealing 712 bitcoin ($21m), which were seized by investigators following the arrest of his brother. Gary James Harmon, 31, of Cleveland, stole the cryptocurrency, which was the subject of “pending criminal forfeiture proceedings” in the case of his sibling, Larry

by Paul Ducklin 2FA, HACKING, AND PATCHING No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our

Microsoft has claimed that recent attacks exploiting two vulnerabilities in the PaperCut print management software are likely the result of a Clop ransomware affiliate. The two bugs in question are CVE-2023–27350 – a critical unauthenticated remote code execution flaw – and CVE-2023–27351 – a high severity unauthenticated information disclosure flaw. The former has a CVSS

by Paul Ducklin The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your

Security researchers have discovered a high-severity vulnerability in the Service Location Protocol (SLP) which could be exploited to launch among the largest DDoS amplification attacks ever seen. BitSight and Curesec said the CVSS 8.6-rated bug CVE-2023-29552 could enable attackers to launch reflective amplification attacks with a factor as high as 2200 times. SLP was created

by Paul Ducklin We’ll be honest, and admit that we hadn’t heard of the printer management software PaperCut until this week. In fact, the first time we heard the name was in the context of cybercriminality and malware attacks, and we naively assumed that “PaperCut” was what we like to call a BWAIN. A BWAIN

The US Department of Justice’s (DoJ) approach to disrupting and preventing cybercrime was laid bare by Lisa Monaco, Deputy Attorney General of the United States, during the opening keynote session at the RSA 2023 conference. Monaco highlighted that in recent years the DoJ has evolved its approach to tackling surging cyber-threats to the government and

by Paul Ducklin If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based,

Siloed teams, point solutions and cloud ecosystem complexity are making it more likely that software vulnerabilities slip into production, CISOs have admitted. Observability specialist Dynatrace polled 1300 global CISOs in large organizations with more than 1000 employees to compile its 2023 Global CISO Report. Over two-thirds (68%) of respondents said that vulnerability management is more

The attack tool known as Evil Extractor and developed by a company called Kodex as an “educational tool,” has been used by threat actors to target Windows-based machines. The claims come from Fortinet security researchers and were described in an advisory published on Thursday. “[We] observed this malware in a phishing email campaign [disguised as account

China is well on its way to developing capabilities to hijack and sabotage enemy satellites, as part of efforts to become the pre-eminent power in space by 2045, according to leaked US documents. The intelligence comes from the recently leaked Pentagon trove traced to a 21-year-old cyber official at the US Air National Guard. Read

Several leading government security agencies have published new advice for smart city stakeholders designed to help them build protections into new systems from the outset. Cybersecurity Best Practices for Smart Cities was published by the UK’s National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA) and their equivalents in Canada, Australia

by Paul Ducklin LOOPING THE LOOP No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS

Security researchers have discovered a new malicious software library capable of collecting lists of installed applications, a history of Wi-Fi and Bluetooth device information as well as nearby GPS location data. Dubbed Goldoson by McAfee’s Mobile Research Team, the library can also load web pages without user awareness and perform advertisement fraud by clicking on

by Paul Ducklin We’ve said this before, but we’ll repeat it again here: Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national ID number, and perhaps including additional

The state of Montana in the US has become the first to pass legislation banning TikTok on personal devices. The bill, SB 419, passed by a vote of 54 to 43, mentions several concerns about TikTok, such as alleged surveillance from the Chinese government as well as the encouragement of “dangerous activities” among youth using the app.

by Paul Ducklin If you’d never heard the cybersecurity jargon word “juicejacking” until the last few days (or, indeed, if you’d never heard it at all until you opened this article), don’t get into a panic about it. You’re not out of touch. Here at Naked Security, we knew what it meant, not so much

Automotive manufacturer Hyundai has recently disclosed a breach that has affected an unspecified number of Italian and French car owners as well as individuals who booked a test drive. The company notified affected individuals via email. Several of them posted a screenshot of the message on Twitter earlier this week. “I am sorry to inform

The “Read The Manual” (RTM) Locker group has been observed targeting corporate environments with ransomware and forcing their affiliates to follow a strict set of rules. According to an advisory published on Thursday by Trellix cybersecurity experts, the businesslike approach of the group (also observed in other threat actors, such as Conti) shows its organizational maturity.

Several cybersecurity organizations worldwide have jointly published a new series of guidelines to aid manufacturers in prioritizing cybersecurity practices while designing products. The paper was developed by the US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the cybersecurity authorities of Australia, Canada, the UK,

by Paul Ducklin Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known as Ventura), iOS (version 16), and iPadOS (version 16). Zero-days, as the name suggests, are security vulnerabilities that were found by attackers, and put to real-life

The Iowa Department of Health and Human Services (HHS) in the US confirmed on Tuesday that the personal data of 20,800 Iowans who receive Medicaid was exposed due to a cyber-attack. According to the department, the Iowa Medicaid system itself was not compromised. Instead, the breach was due to an attack on a contractor’s computer systems

by Paul Ducklin I’M SORRY, DAVE, I’M AFRAID… SORRY, MY MISTAKE, I CAN DO THAT EASILY No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts

The US Cybersecurity and Infrastructure Security Agency (CISA) published the second version of its Zero Trust Maturity Model on Tuesday, which incorporates recommendations from a public comment period. The updated guidelines aim to further the federal government’s progress toward a zero trust approach to cybersecurity in support of the new National Cybersecurity Strategy. Read more