Information

21 Feb

VMware Plugs Critical Carbon Black App Control Flaw

Information, News

Virtualization technology giant VMware on Tuesday pushed out a major security fix to cover a critical vulnerability in its enterprise-facing Carbon Black App Control product. A critical-severity advisory from VMware tracks the vulnerability as CVE-2023-20858 and warns that hackers can launch injection exploits to gain full access to the underlying server operating system. “A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access…

Read More
20 Feb

Twitter tells users: Pay up if you want to keep using insecure 2FA

Information

by Paul Ducklin Twitter has announced an intriguing change to its 2FA (two-factor authentication) system. The change will take effect in about a month’s time, and can be summarised very simply in the following short piece of doggerel: Using texts is insecure for doing 2FA, So if you want to keep it up you’re going to have to pay. We said “about a month’s time” above because Twitter’s announcement is somewhat ambiguous with its dates-and-days…

Read More
20 Feb

Twitter Shuts Off Text-Based 2FA for Non-Subscribers

Information, News

Elon Musk’s Twitter started a security ruckus over the weekend with the sudden decision to turn off text message/SMS method of two-factor authentication (2FA) for anyone not subscribed to its paid Twitter Blue service. “While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA…

Read More
19 Feb

GoDaddy admits: Crooks hit us with malware, poisoned customer websites

Information, Malware

by Paul Ducklin Late last week [2023-02-16], popular web hosting company GoDaddy filed its compulsory annual 10-K report with the US Securities and Exchange Commission (SEC). Under the sub-heading Operational Risks, GoDaddy revealed that: In December 2022, an unauthorized third party gained access to and installed malware on our cPanel hosting servers. The malware intermittently redirected random customer websites to malicious sites. We continue to investigate the root cause of the incident. URL redirection, also…

Read More
18 Feb

Search ads abused to spread malware – Week in security with Tony Anscombe

Information

Threat actors used search engine ads to impersonate makers of popular software and direct internet users to malicious websites This week, the ESET research team has published a report describing a malware campaign that took aim at Chinese-speaking people in Southeast and East Asia. The campaign involved malicious advertisements that appeared in Google search and lead people to fake websites that mimicked the websites of popular applications such as Firefox, WhatsApp, Signal, Skype, and Telegram,…

Read More
18 Feb

Spain Orders Extradition of British Alleged Hacker to U.S.

Information, News

Spain’s National Court has agreed to the extradition to the U.S. of a British citizen who allegedly took part in computer attacks, including the July 2020 hacking of Twitter accounts of public figures such as Joseph Biden, Barack Obama and Bill Gates. A court statement Friday said requirements had been met for handing over Joseph James O’Connor to U.S. authorities for 14 charges covering crimes such as revelation of secrets, membership of a criminal gang,…

Read More
17 Feb

These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia

Information

ESET researchers have identified a campaign using trojanized installers to deliver the FatalRAT malware, distributed via malicious websites linked in ads that appear in Google search results ESET researchers identified a malware campaign that targets Chinese-speaking people in Southeast and East Asia by buying misleading advertisements to appear in Google search results that lead to downloading trojanized installers. The unknown attackers created fake websites that look identical to those of popular applications such as Firefox,…

Read More
17 Feb

Security amidst a global frost

Information

No longer relegated to a side-show, tech is embedded into virtually every new piece of gear entering the battlefield As military and tech gather to address the frosty world defense conditions and what the intersection of technology’s role is with attendees at AFCEA West, it’s clear that the global warfighting world has changed. No longer relegated to a side-show, tech is embedded into virtually every new piece of gear entering the battlefield, and that is…

Read More
17 Feb

New Protections for Food Benefits Stolen by Skimmers

Information, Insights

Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes. On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023, which — for the first time ever — includes provisions for the replacement…

Read More
17 Feb

Newly Disclosed Vulnerability Exposes EOL Arris Routers to Attacks

Information, News

Malwarebytes warns of a remote code execution vulnerability impacting several Arris routers, for which proof-of-concept (PoC) exploit code has been released. Tracked as CVE-2022-45701, the bug exists because the router firmware does not properly neutralize special characters in requests, which allowed security researcher Yerodin Richards to perform shell script command injection. The impacted models have reached end-of-life (EOL) and are no longer supported by CommScope (the company that acquired Arris), meaning that they are unlikely…

Read More