CyberSecurity Updates

18 Nov

Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware

Information, Malware, News

A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns. DEV-0569 has been relying on malicious ads (malvertising), blog comments, fake forum pages, and phishing links for the distribution of malware. Over the past few months, however, Microsoft noticed that the threat actor has started using contact forms to deliver phishing links, while choosing to host fake installers on legitimate-looking software…

Read More
18 Nov

Ukrainian Hacker Sought by US Arrested in Switzerland: Report

Information, News

A Ukrainian hacker sought by US authorities for a decade was arrested last month in Switzerland, the specialist website Krebs on Security reported. Vyacheslav Igorevich Penchukov, 40, was arrested in the Swiss canton of Geneva on October 23 while visiting his wife, the site reported. Swiss authorities confirmed to the news website Watson the arrest of a Ukrainian national sought by US authorities who is refusing extradition, but did not identify the suspect by name.…

Read More
18 Nov

Noname Security releases Recon attack simulator

Data Breaches, Malware, Social Engineering

As breaches increase and companies scramble to go from a defensive to an offensive approach, API-focused Noname Security has launched Recon, whice simulates an attacker performing reconnaissance on an organization’s domains. Recon works from a root-level domain to find other domains, shadow domains, sub-domains, APIs, vulnerabilities, and public issues that put the organization at risk, according to Noname. “Then we start looking at, both actively and passively looking at any API-related information pertaining to those…

Read More
17 Nov

Researchers Quietly Cracked Zeppelin Ransomware Keys

Information, Insights

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks of stalling their extortionists, Peter’s bosses were ready to capitulate and pay the ransom demand. Then came the unlikely call from an FBI…

Read More
17 Nov

Open banking: Tell me what you buy, and I’ll tell you who you are

Information

The convenience with which you manage all your financial wants and needs may come at a cost Since becoming more common in the mid-2010s, mobile banking apps have continued to grow in popularity and have ultimately become highly versatile tools for almost all things money-related. We use our phones to shop, pay for services, transfer our money, apply for personal loans or even take out insurance – all while staying on top of our spending.…

Read More
17 Nov

Black Friday and retail season – watch out for PayPal “money request” scams

Information

by Paul Ducklin Given that we’re getting into peak retail season, you’ll find cybersecurity warnings with a “Black Friday” theme all over the internet… …including, of course, right here on Naked Security! As regular readers will know, however, we’re not terribly keen on online tips that are specific to Black Friday, because cybersecurity matters 365-and-a-quarter days a year. Don’t take cybersecurity seriously only when it’s Thanksgiving, Hannukah, Kwanzaa, Christmas or any other gift-giving holiday, or…

Read More
17 Nov

S3 Ep109: How one leaked email password could drain your business

Information

by Paul Ducklin DON’T LET ONE LOUSY EMAIL PASSWORD SINK THE COMPANY Microsoft’s tilt at the MP3 marketplace. Apple’s not-a-zero-day emergency. Cracking the lock on Android phones. Browser-in-the-Browser revisited. The Emmenthal cheese attack. Business Email Compromise and how to prevent it. Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to…

Read More
17 Nov

DDoS Attacks Targeting Game Servers Using Updated Version of RapperBot

Attacks, Malware

Since 2021, the list of commonly used credentials in brute-forcing attempts has not changed. Those looking to prevent becoming victims of these styles of attacks should make updates to firmware regularly. Strong and unique passwords should also take the place of the default passwords and devices should be placed behind a firewall if applicable. https://www.bleepingcomputer.com/news/security/updated-rapperbot-malware-targets-game-servers-in-ddos-attacks/

Read More
17 Nov

U.S. Charges Russian Suspects with Operating Z-Library e-Book Site

Attacks, Malware

Global law enforcement cooperation has become the most efficient and effective way to combat international cyber-attacks. FBI director Christopher Wray acknowledged this in a recent statement to the House Homeland Security Committee. “The FBI, using its role as the lead federal agency for threat response, with its law enforcement and intelligence responsibilities, works seamlessly with domestic and international partners to defend their networks, attribute malicious activity, sanction bad behavior, and take the fight to our…

Read More
17 Nov

CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain 

Attacks, Insights, Malware

Original release date: November 17, 2022 | Last revised: November 18, 2022 Today, CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), published the third of a three-part series on securing the software supply chain: Securing Software Supply Chain Series – Recommended Practices Guide for Customers. This publication follows the August 2022 release of guidance for developers and October 2022 release of guidance for suppliers. The guidance released…

Read More