by Paul Ducklin Many, if not most, organisations will tell you that they have processes and procedures that they follow when employees leave. In particular, most companies have a slick and quick procedure for removing ex-staff from the payroll. Firstly, it doesn’t make economic sense to pay someone who is no longer entitled to the
admin
An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information. The campaign hinges on a social engineering trick that involves sending emails to potential victims containing fake Office 365 password expiration
A man from Texas has been convicted of operating a website dedicated to publishing stories detailing the sexual abuse of children. Brewster County resident Thomas Alan Arthur was convicted by a federal jury on January 21 following a trial that lasted three days. According to trial evidence, the 64-year-old started operating a website called Mr. Double in
by Paul Ducklin Here’s our latest Naked Security Live talk, where we talk about the difference between online “secrets” that aren’t really secret but were hidden away to be found as a bit of fun… …and genuine secrets, such as passwords and encryption keys, that get “hidden” away in apps or websites in the hope
In 1982, when SMTP was first specified, it did not contain any mechanism for providing security at the transport level to secure communications between mail transfer agents. Later, in 1999, the STARTTLS command was added to SMTP that in turn supported the encryption of emails in between the servers, providing the ability to convert a
A former home security technician has admitted habitually hacking into customers’ home surveillance cameras to spy on people without their consent. Telesforo Aviles accessed the accounts of around 200 customers more than 9,600 times over a period of four and half years while employed by security company ADT. The 35-year-old carried out the cyber-intrusions for
Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2 SAP SolMan is an application management and administration solution that offers end-to-end application lifecycle
The European Data Protection Board has issued new advice to hospitals regarding what action to take in the event of a cyber-attack. Currently released in draft form, the new set of recommendations urges healthcare providers hit with ransomware to report the attack even if no patient data is accessed or exfiltrated. The guidelines state: “The internal documentation
by Paul Ducklin Remember Apple’s TouchID sensor, which created quite a stir way back in 2013 when the iPhone 5s came out with a home button that could also read your fingerprint? It wasn’t that having a fingerprint scanner was a new thing, even in 2013, but that the integration of the home button and
Here’s how to spot scams where criminals use deceptive text messages to hook and reel in their marks Have you ever received a text message from a delivery company that you are familiar with and never for a moment questioned it? Why would you? We now order so much online and all those delivery notifications
More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 (CVSS score 4.3), was described as a “remotely exploitable” flaw found in a vulnerable component bound to the
The effectiveness of offensive capabilities in deterring nation state actors was discussed by a panel during the recent ‘RSAC 365 Innovation Showcase: Cyber Deterrence’ webinar. Chair of the session, Jonathan Luff, co-founder at Cylon, observed that now is the ideal time to be asking if and when offensive strikes should be used following the Russian
by Paul Ducklin Hidden messages, features or jokes in apps and websites are commonly known in hacker jargon as easter eggs, because they’re supposed to be found and enjoyed, but they’re not supposed to be immediately obvious. One of the most famous easter eggs in commercial software history – if not the most complex –
Another in our occasional series demystifying Latin American banking trojans Vadokrist is a Latin American banking trojan that ESET has been tracking since 2018 and that is active almost exclusively in Brazil. In this installment of our series, we examine its main features and some connections to other Latin American banking trojan families. Vadokrist shares
Amazon has addressed a number of flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims’ devices by simply sending them a malicious e-book. Dubbed “KindleDrip,” the exploit chain takes advantage of a feature called “Send to Kindle” to send a malware-laced document to a Kindle device that,
Fourteen people have been arrested in France as part of a nationwide sweep to combat the sexual exploitation of children online. The arrests were made by the French Gendarmerie (Gendarmerie nationale) with the support of Europol as part of an operation that was code-named Horus. All suspects were taken into custody between November 16 and
by Paul Ducklin Anonymous and private, yet busted – we explain how darkweb sites sometimes keep your secrets… and sometimes don’t. We help you improve your cybersecurity at home. And we tell you the tale of a company with a cool name but allegedly with creepy habits coded into its browser extensions. With Kimberly Truong,
Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices Millions of devices could be vulnerable to Domain Name System (DNS) cache poisoning and remote code execution attacks due to seven security flaws in dnsmasq, DNS forwarding and caching software commonly found
A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers from cybersecurity firm Sophos, that led to the company’s name inadvertently