Information

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based,…

Read More

Hybrid work and hybrid play now merge into hybrid living, but where is the line between the two? Is there one? That the COVID-19 pandemic brought a new normal to businesses, educational institutions, and our everyday lives is an understatement. Many interactions, whether work-related or personal, moved online or at least gained a virtual mirror. This virtual migration began alongside the pandemic when most people and businesses first turned to tried-and-tested communications solutions, such as…

Read More

Learning meets fun at the 2022 SANS Holiday Hack Challenge – strap yourself in for a crackerjack ride at the North Pole as I foil Grinchum’s foul plan and recover the five golden rings This is my first year participating in the SANS Holiday Hack Challenge and it was a blast. Through a series of 16 challenges ranging from easy to difficult, I practiced analyzing suspicious network traffic and PowerShell logs, writing Suricata rules, breaking…

Read More

by Paul Ducklin JWT is short for JSON Web Token, where JSON itself is short for JavaScript Object Notation. JSON is a modernish way of representing structured data; its format is a bit like XML, and can often be used instead, but without all the opening-and-closing angle brackets to get in the way of legibility. For example, data that might be recorded like this in XML… <?xml version=”1.0″ encoding=”UTF-8″?> <data> <name>Duck</name> <job> <employer>Sophos</employer> <role>NakSec</role> </job>…

Read More

by Paul Ducklin As far as we can tell, there are a whopping 2874 items in this month’s Patch Tuesday update list from Microsoft, based on the CSV download we just grabbed from Redmond’s Security Update Guide web page. (The website itself says 2283, but the CSV export contained 2875 lines, where the first line isn’t actually a data record but a list of the various field names for the rest of the lines in…

Read More

by Paul Ducklin If you’re a programmer, whether you code for a hobby or professionally, you’ll know that creating a new version of your project – an official “release” version that you yourself, or your friends, or your customers, will actually install and use – is always a bit of a white-knuckle ride. After all, a release version depends on all your code, relies on all your default settings, goes out only with your published…

Read More