The UK’s National Cyber Security Center (NCSC) has outlined the creation of a new protective domain name service (PDNS) solution in partnership with Nominet, the official registry for UK domain names. The service, named PDNS Digital Roaming, is designed to enhance the security of public sector staff working from home as a result of the COVID-19
Month: January 2021
by Paul Ducklin. You probably don’t need to be told what sort of products were on offer at an online retail site called DarkMarket. As you can imagine, it operated on the so-called dark web, and you’d have needed the Tor browser to access it, using a special web address ending in .onion. Onion addresses
Your ‘networked computer on wheels’ has a privacy problem – when it comes to your data, you may not really be in the driver’s seat. The CES 2021 conference heralds the natural progression of car-spying apps built directly into the car and tied directly to insurance companies. Originally slated to assist drivers in an emergency,
Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts
Global IT innovator NTT DATA and payments technology provider Conferma Pay have announced a partnership to bring secure, digital virtual payment communications to hotels. The news comes at a time when more and more companies are seeking to implement contact-free payment processes to help reduce the spread of COVID-19 whilst also bolstering payment security and
by Paul Ducklin. We explain how two French researchers hacked the Google Titan security key product (but why you don’t need to panic), and dig into the Mimecast certificate compromise story to see what we can all learn from it. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music: Edith Mudge.
The documents related to COVID-19 vaccine and medications were stolen from the EU’s medicines agency last month. The European Medicines Agency (EMA), which evaluates and approves medicines for the European Union (EU), has disclosed that cybercriminals have posted online a portion of the documents that are related to COVID-19 vaccines and were stolen in a
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed “Operation Spalax” — began in 2020, with the modus operandi sharing some similarities
Mimecast has disclosed that some of its customers have been targeted by an advanced attack designed to compromise their Microsoft 365 (M365) environments. The security vendor said in a brief statement yesterday that a “sophisticated threat actor” obtained one of its certificates used to authenticate Mimecast Sync and Recover, Continuity Monitor and IEP products to Microsoft
Co-authored by Sally Adam and Doug Aamoth. Many pupils are starting their new school term from home rather than the classroom. For families with younger kids, home schooling is often the first time that their children have needed to use computers (rather than gaming consoles) in earnest. Whether you’re new to home schooling, going back to it after a break, or an old hand, it’s worth
ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries. In 2020 ESET saw several attacks targeting Colombian entities exclusively. These attacks are still ongoing at the time of writing and are focused on both government institutions and private companies. For the latter, the most targeted sectors
Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker’s newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel’s vPro platform via its Hardware Shield and Threat Detection Technology (TDT), enabling profiling and detection of ransomware and other threats that have an impact on the CPU
Social media company Twitter has cited the recent protests at the United States’ Capitol building in its decision to permanently suspend tens of thousands of user accounts. On January 6, protestors forced their way into the Capitol building, interrupting a Joint Session of Congress in which the results of the 2020 US presidential election were
by Paul Ducklin. Here’s our latest Naked Security Live talk, explaining why HTTPS is vital, even if you’re publishing public data that isn’t confidential. That’s because HTTPS isn’t just about the confidentiality of the data you browse to – it’s also about improving your privacy in respect of what you chose to look at, when
Fraudsters are quick to exploit current events for their own gain, but many schemes do the rounds regardless of what’s making the news. Here are 5 common scams you should look out for. Cybercriminals can be very creative when it comes to swindling people out of money. They will use a variety of methods to
Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade as apps such as the Pakistan Citizen Portal, a Muslim prayer-clock app called Pakistan Salat Time, Mobile Packages Pakistan, Registered SIMs Checker, and TPL
Bridewell Consulting has announced the appointment of Martin Riley as its director of managed security services. Riley, who has joined Bridewell’s board from today, is tasked with leading the expansion of the cybersecurity and data privacy consultancy’s managed security service (MSS) portfolio. This includes its 24/7 security operations center (SOC) and managed detection and response (MDR)
by Paul Ducklin. In July 2018, after many years of using Yubico security key products for two-factor authentication (2FA), Google announced that it was entering the market as a competitor with a product of its own, called Google Titan. Security keys of this sort are often known as FIDO keys after the Fast IDentity Online
Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in the SolarWinds hack and a previously known malware strain. In new research published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that overlap with another backdoor known as Kazuar, a .NET-based malware first documented
A cyber-attack on a Vermont healthcare provider has delayed the rollout of an electronic health record (EHR) system and cost millions of dollars in lost revenue. The University of Vermont Health Network, which is based in Burlington, was hit by ransomware in October 2020, and is yet to make a full recovery. Most computer systems have
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. “On December 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global
A Russian hacker who was instrumental in one of the largest thefts in history of US customer data from a single financial institution has been sentenced to prison. Moscow resident Andrei Tyurin, also known as Andrei Tiurin, was part of an international hacking campaign that compromised the computer systems of major financial institutions, brokerage firms, news agencies,
Successful exploitation of some of these flaws could allow attackers to take control of vulnerable systems. Google and Mozilla are each urging users to patch serious vulnerabilities in their respective web browsers, Chrome and Firefox, that could be exploited to allow threat actors to take over users’ systems. The security fixes will be rolled out
Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in
The notorious Emotet Trojan is back at the top of the malware charts, having had a makeover designed to make it more effective at escaping detection. Check Point’s newly released Global Threat Index for December 2020 revealed that the malware variant bounced back from fifth place in November. It now accounts for 7% of malware
by Paul Ducklin. Towards the end of 2020, a researcher at Dutch cybersecurity company EYE was taking a look at the firmware of a Zyxel network router. He examined the password database that shipped in the firmware and noticed an unusual username of zyfwp. That name didn’t show up in the official list of usernames
Many users have until February 8 to accept the new rules – or else lose access to the app. In a major update to its Privacy Policy and Terms of Service, WhatsApp is notifying users in many parts of the world that as of February 8 it will share some of their data with Facebook,
A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 (aka Starcruft, Ricochet Chollima, or Reaper), Malwarebytes said it identified a malicious document last December that, when opened, executes a macro in memory to install the aforementioned remote
Enterprise security firm Panaseer has announced the appointment of Jonathan Gill as its new CEO. Gill succeeds Panaseer founder Nik Whitfield in the role, with Whitfield becoming chairman and chief seer of the organization. Gill brings a proven record of accomplishment in both leadership and sales, with previous roles including VP EMEA at RSA Security,
by Paul Ducklin. We advise you how to react when a friend suddenly asks for money, explain why Chromium is finally aiming for HTTPS by default, and warn you why you should never, ever hardcode passwords into your software. With Kimberly Truong, Doug Aamoth and Paul Ducklin. Intro and outro music: Edith Mudge.