Security

0 Comments
An APAC marine services multi-national appears to have become the latest victim of the prolific Clop ransomware gang. Swire Pacific Offshore (SPO) has provided crew and ships for specialized tasks such as anchor handling, platform supply and seismic surveys for over 45 years. However, its name recently appeared on the extortion site of the Clop
0 Comments
UK schools are being encouraged to sign-up to a revamped cybersecurity competition designed to improve diversity in the sector. The CyberFirst Girls Competition is the National Cyber Security Centre’s flagship event for schools. Since 2017 more than 43,000 girls aged 12-13 have taken part in a series of cybersecurity challenges. However, the 2022 edition will see some
0 Comments
“AI will revolutionize every aspect of connectivity,” was the bold message delivered during a recent webinar by the IDC titled ‘AI with everything – the future of Artificial Intelligence in Networking.‘  The synopsis of the webinar argued that artificial intelligence (AI) is changing how networks are built and operated in the most profound of ways. Additionally, IT
0 Comments
Service providers have suspended over 20 websites in Germany and the UK for disseminating online terrorist propaganda, Europol has revealed. In the last week of October, a referral action targeted 50 sites that police flagged for promoting violent jihadist ideology in support of terrorist groups such as the Islamic State (IS) and al-Qaeda. Police requested
0 Comments
by Paul Ducklin [00’27”] Cybersecurity tips for the holiday season and beyond. [02’20”] Fun fact: The longest-lived Windows version ever. [03’40”] Exchange at risk from public exploit. [10’34”] GoDaddy loses passwords for 1.2m users. [18’25”] Tech history: What do you mean, “It uses a mouse?” [20’25”] Don’t make your cookies public! [27’51”] Oh! No! DDoS
0 Comments
A website, initially set up by graduates to offer IT support, has caught a criminal after a woman used it to try to arrange the murder of her ex-husband.  RentaHitman.com is a darkly titled domain set up by a group of friends after they graduated from a California business school with degrees in IT.  The site’s operator,
0 Comments
More than four-fifths (81%) of UK retailers are putting their customers at risk of email fraud by not implementing the recommended level of domain-based message authentication, reporting and conformance (DMARC) protection. This is according to a new study by Proofpoint, which warned of a likely surge in fraudulent emails targeting online shoppers ahead of this year’s Black
0 Comments
The largest theft of Bitcoin from a single individual was allegedly perpetrated by a Canadian teenager. An unnamed youth was arrested last week on suspicion of stealing crypto-currency worth approximately $36.5m from an unnamed victim who is located in the United States.  It is alleged that the defendant used a SIM swapping attack to gain access to
0 Comments
The United States has charged two Iranian computer hackers in connection with a cyber-campaign intended to influence the outcome of America’s 2020 presidential election. An indictment unsealed in New York on Thursday alleges that 24-year-old Seyyed Mohammad Hosein Musa Kazemi and 27-year-old Sajjad Kashian conspired with others to intimidate and influence American voters, undermine voter confidence, and
0 Comments
A British man has admitted being a member of an international video piracy ring that illegally distributed “nearly every movie released by major production studios.” On Thursday, before United States District Judge Richard M. Berman, George Bridi pleaded guilty to conspiracy to commit copyright infringement, which carries a maximum sentence of five years in prison. Bridi, who
0 Comments
by Paul Ducklin [00’52”] Fun Fact: The dawn of the transistor [01’37”] Emotet malware: “The report of my death was an exaggeration” [08’26”] FBI email hack spreads fake security alerts [15’19”] Tech history: Why tubes are valves, and valves are tubes [16’44”] Samba update patches plaintext password plundering [22’24”] The hijackable self-driving robot suitcase [30’22”]
0 Comments
Entertainment company Sky took more than 17 months to fix a security flaw that impacted roughly six million routers belonging to its customers.  The DNS rebinding vulnerability was discovered in May 2020 by Raf Fini, a researcher at British cybersecurity company Pen Test Partners.  Six router models were affected by the flaw: Sky Hub 3, Sky Hub 3.5,
0 Comments
A threat actor believed to be associated with the Democratic People’s Republic of Korea (DPRK) has a certain fondness for repetition, according to new research published today. In the report Triple Threat: North Korea–Aligned TA406 Scams, Spies, and Steals, researchers at Proofpoint shine a light on the nefarious activity of the threat actor TA406, whose campaigns they have
0 Comments
by Paul Ducklin Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating system security features for granted, but keeping their own eyes
0 Comments
The United States has announced plans to sell tens of millions of dollars’ worth of seized crypto-currency to compensate victims of fraud. On Friday, US District Judge Todd Robinson granted a request from the US Department of Justice and the US Attorney’s Office for the Southern District of California for authority to liquidate BitConnect crypto-currency
0 Comments
Cybersecurity professionals are unsurprised by the apparent return of Emotet malware.  First discovered as a banking trojan in 2014, the malware evolved into a powerful tool deployed by cyber-criminals around the world to illegally access computer systems.  The malware’s creators — APT group TA542 — hired Emotet out to other cyber-criminals, who used it to
0 Comments
A cyber-safety platform has found a humorous way to warn the American public how to spot a gift card scam ahead of the holiday season.  ScamSpotter.org has made a series of amusing videos in which some of the ridiculous storylines deployed by gift card scammers are played out by actors.  In one Hollywood blockbuster–style dramatization, a
0 Comments
Spain’s second-biggest brewery says it expects to fully recover from a “highly complex” cyber-attack “in the coming days.”  Sociedad Anónima Damm, which has been making the world-renowned Estrella Damm lager since 1876, was targeted by cyber-criminals on Tuesday.  The attack on the company’s computer systems temporarily halted production at all of Damm’s breweries. However, the main brewery
0 Comments
by Naked Security writer Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent “FBI/Homeland Security” alert that has apparently been widely circulated to network administrators and other IT staff in North America. Indeed, some of our own colleagues have reported receiving messages like this:
0 Comments
A Russian cyber-criminal has been sent to prison in the United States for defrauding American companies out of millions of dollars. Aleksandr Zhukov ran a sophisticated digital advertising scam through purported advertising network Media Methane. In June, he was convicted of wire fraud conspiracy, wire fraud, money laundering conspiracy, and money laundering. Zhukov, the self-styled “king of
0 Comments
A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a sizable injection of cash. The UK chancellor of the exchequer, Rishi Sunak, has awarded £100,000 (approximately $135K) to the Cybersecurity Neurodiversity Skills Development Program, described by Native Newspost as “ground-breaking.” The program, which is based in