0 Comments
The United States has imprisoned a woman who admitted conspiring with her husband to steal secret research from an Ohio’s children’s hospital and selling the stolen data to China. Hospital researcher Li Chen pleaded guilty in July 2020 to conspiring to commit wire fraud and to stealing scientific trade secrets related to exosomes and exosome isolation from Nationwide Children’s
0 Comments
ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia During 2020, ESET research reported various supply-chain attacks, such as the case of WIZVERA VeraPort, used by government and banking websites in South Korea, Operation StealthyTrident compromising the Able Desktop chat software used by several Mongolian government agencies, and
0 Comments
Security researchers on Tuesday uncovered new delivery and evasion techniques adopted by Agent Tesla remote access trojan (RAT) to get around defense barriers and monitor its victims. Typically spread through social engineering lures, the Windows spyware not only now targets Microsoft’s Antimalware Scan Interface (AMSI) in an attempt to defeat endpoint protection software, it also
0 Comments
Police in Greece are to be issued new devices that will allow them to carry out real-time facial recognition and fingerprint identification while out on the beat.  The plan to disseminate the new technology is part of the 4.5 million euro “Smart Policing” project announced in 2017 that aims to identify and verify the identity of citizens
0 Comments
Cybersecurity researchers today disclosed a new supply chain attack compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed “Operation NightScout” by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign involved distributing three different malware families via tailored malicious updates to selected victims based in Taiwan, Hong Kong, and Sri
0 Comments
An end-to-end multicloud technology solutions company based in Texas has been recognized for achieving workplace equality for a fourth consecutive year. Rackspace Technology announced today that it received a score of 100 on the Human Rights Campaign (HRC) Foundation’s 2021 Corporate Equality Index (CEI) and was named as one of the “Best Places to Work for
0 Comments
The organizers of an English beauty pageant established over nine decades ago are being held to ransom by cyber-criminals. The Daily Mail reports that malicious hackers targeted the organizers of Miss England on Tuesday night with a sophisticated online scam.  Pageant organizer and former Miss England Angie Beasley was sent what appeared to be an authentic message from the
0 Comments
As schools and students continue to contend with the very real cyber-risks of virtual classrooms, we share some advice for protecting children’s data and privacy The COVID-19 pandemic is still here, with pupils and students still soldiering on mostly remotely and focusing on their education from the confines of their houses. While another semester studying
0 Comments
The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the largest
0 Comments
A retired Nevada cop who headed up a Cyber Crimes Unit has been charged with burglary, bigamy, and forgery.  Former Washoe County Sheriff’s deputy Dennis Carry was arrested on Tuesday on seven different felony counts following a two-year investigation by the Reno Police Department.  The 46-year-old was previously in charge of the Cyber Crimes Unit at the Washoe County
0 Comments
by Paul Ducklin If you’re a user of the venerable, powerful and popular open source programming language Perl, you’ll almost certainly have visited its official website at some point, at: https://perl.org. You may very well also have visited its sister site perl.com, which until very recently looked like this: Main page of perl.com on 2021-01-25,
0 Comments
The law enforcement action is one of the most significant operations against cybercriminal enterprises ever Europol has announced the disruption of the Emotet botnet, one of the longest-lived and most pervasive malware threats, following a large-scale operation that also included a number of national law enforcement agencies across Europe and North America. Authorities in the
0 Comments
The United States Department of Justice has launched a global law enforcement action against a cyber-criminal gang that has made millions by selling ransomware-as-a-service (RaaS). A coordinated international law enforcement action to disrupt NetWalker was announced by the Department yesterday. NetWalker ransomware has claimed numerous victims, including companies, municipalities, hospitals, law enforcement departments, emergency services, school districts,
0 Comments
by Harriet Stone Harriet Stone Hello, Naked Security readers. I’m Harriet Stone, an intern in the Sophos marketing team. Seven months of working (virtually) with cybersecurity professionals has made me realise just how unaware many students are when it comes to their online security. Even before the COVID-19 pandemic drove a switch to online learning,
0 Comments
Researchers have disclosed a new family of Android malware that abuses accessibility services in the device to hijack user credentials and record audio and video. Dubbed “Oscorp” by Italy’s CERT-AGID, the malware “induce(s) the user to install an accessibility service with which [the attackers] can read what is present and what is typed on the
0 Comments
by Paul Ducklin Apple, rather unusually in today’s cybersecurity world, rarely announces that security fixes are on the way. There’s no equivalent of Microsoft’s Patch Tuesday, which is a regular and predictable fixture in anyone’s cybersecurity calendar; there’s no “new version every fourth Tuesday” as there is with Firefox; there’s no predetermined quarterly schedule for
0 Comments
“Download This application and Win Mobile Phone”, reads the message attempting to trick users into downloading a fake Huawei app Android users should watch out for new wormable malware that spreads through WhatsApp and lures the prospective victims into downloading an app from a website masquerading as Google Play. ESET malware researcher Lukas Stefanko looked
0 Comments
Cybersecurity researchers today disclosed an unpatched vulnerability in Microsoft Azure Functions that could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab‘s investigations into the Azure compute infrastructure. Following disclosure to Microsoft, the Windows maker is said to have
0 Comments
Summary In response to the SolarWinds supply chain compromise, the U.S. National Security Agency (NSA) published an advisory describing advanced techniques that threat actors can use to maintain persistent access to compromised cloud tenants and exfiltrate sensitive data. Most of the public commentary about this advisory has focused on the theft of Active Directory Federation
0 Comments
Multi-cloud and multi-ERP managed cloud services provider Syntax released its first ever “IT Trends Report” today. The report is based on an October 2020 survey of 500 IT leaders and decision makers in the US who were asked to describe how the COVID-19 pandemic had impacted their businesses and to share the strategic decisions they plan to make in