Information

Digital security for the self‑employed: Staying safe without an IT team to help

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business.

Approximately one in seven people in Europe and the United States are self-employed, often realizing their dream to be in charge of their own destiny and having more freedom and control over their careers. But with nominally more freedom to shape the trajectory of their future comes extra jeopardy. This often means little or no…

Ransomware tales: The MitM attack that really had a Man in the Middle

by Paul Ducklin

It’s taken more than five years for justice to be served in this case, but the cops and the courts got there in the end. The UK law enforcement office SEROCU, short for South East Regional Organised Crime Unit, this week reported the peculiar tale of one Ashley Liles, the literal Man in the Middle whom we referred to in the headline. These days, we usually expand the jargon term MitM to…

Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations

The 2023 State of Operational Technology and Cybersecurity Report published on Wednesday by Fortinet shows a drop in the number of intrusions at OT organizations. The report is based on a survey of 570 OT professionals, representing the manufacturing, transportation, healthcare, oil and gas, energy, chemical, and water sectors in countries such as the US, Canada, Australia, Brazil, Mexico, the UK, France, Germany, Japan, India, South Africa, and Egypt. A vast majority of the respondents…

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio.

ESET researchers have discovered a trojanized Android app that had been available on the Google Play store with over 50,000 installs. The app, named iRecorder – Screen Recorder, was initially uploaded to the store without malicious functionality on September 19th, 2021. However, it appears that malicious functionality was later implemented, most likely in version 1.3.8, which…

PyPI open-source code repository deals with manic malware maelstrom

by Paul Ducklin

Public source code repositories, from Sourceforge to GitHub, from the Linux Kernel Archives to ReactOS.org, from PHP Packagist to the Python Package Index, better known as PyPI, are a fantastic source (sorry!) of free operating systems, applications, programming libraries, and developers’ toolkits that have done computer science and software engineering a world of good. Most software projects need “helper” code that isn’t a fundamental part of the problem that the project itself…

White House Unveils New Efforts to Guide Federal Research of AI

The White House on Tuesday announced new efforts to guide federally backed research on artificial intelligence as the Biden administration looks to get a firmer grip on understanding the risks and opportunities of the rapidly evolving technology. Among the moves unveiled by the administration was a tweak to the United States’ strategic plan on artificial intelligence research, which was last updated in 2019, to add greater emphasis on international collaboration with allies. White House officials…

Phone scamming kingpin gets 13 years for running “iSpoof” service

by Naked Security writer

In November 2022, we wrote about a multi-country takedown against a Cybercrime-as-a-Service (CaaS) system known as iSpoof. Although iSpoof advertised openly for business on a non-darkweb site, reachable with a regular browser via a non-onion domain name, and even though using its services might technically have been legal in your country (if you’re a lawyer, we’d love to hear your opinion on that issue once you’ve seen the historical website screenshots…

Interview With a Crypto Scam Investment Spammer

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon communities to temporarily halt new registrations. According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code. Renaud…

GAO Tells Federal Agencies to Fully Implement Key Cloud Security Practices

A new US Government Accountability Office (GAO) report shows that the Departments of Agriculture, Homeland Security (DHS), Labor, and the Treasury have not fully implemented six key cloud security practices for their systems. According to the 60-page GAO report (PDF), only one agency fully implemented four practices for most of its systems, while three other agencies fully implemented three practices for their systems. The remaining practices, GAO says, were either partially implemented or not implemented…

Samsung Smartphone Users Warned of Actively Exploited Vulnerability

Samsung smartphone users have been warned by the vendor and the US Cybersecurity and Infrastructure Security Agency (CISA) about a recently patched vulnerability being exploited in attacks. The flaw in question is CVE-2023-21492, described as a kernel pointer exposure issue related to log files. The security hole can allow a privileged local attacker to bypass the ASLR exploit mitigation technique. This indicates that it has likely been chained with other bugs. Samsung patched CVE-2023-21492 with…
