Security

An APAC marine services multi-national appears to have become the latest victim of the prolific Clop ransomware gang. Swire Pacific Offshore (SPO) has provided crew and ships for specialized tasks such as anchor handling, platform supply and seismic surveys for over 45 years. However, its name recently appeared on the extortion site of the Clop

UK schools are being encouraged to sign-up to a revamped cybersecurity competition designed to improve diversity in the sector. The CyberFirst Girls Competition is the National Cyber Security Centre’s flagship event for schools. Since 2017 more than 43,000 girls aged 12-13 have taken part in a series of cybersecurity challenges. However, the 2022 edition will see some

by Paul Ducklin Google’s Cybersecurity Action Team just published the first ever edition of a bulletin entitled Cloud Threat Intelligence. The primary warnings are hardly surprising (regular Naked Security visitors will have read about them here for years), and boil down to two main facts. Firstly, crooks show up fast: occasionally, it takes them days

“AI will revolutionize every aspect of connectivity,” was the bold message delivered during a recent webinar by the IDC titled ‘AI with everything – the future of Artificial Intelligence in Networking.‘  The synopsis of the webinar argued that artificial intelligence (AI) is changing how networks are built and operated in the most profound of ways. Additionally, IT

by Paul Ducklin The US Securities and Exchange Commission (SEC) has issued numerous warnings over the years about fraudsters attempting to adopt the identity of SEC officials, including by phone call spoofing. Call spoofing is where a scammer calls you up on your landline or mobile phone, claims to be from organisation X, and then

Service providers have suspended over 20 websites in Germany and the UK for disseminating online terrorist propaganda, Europol has revealed. In the last week of October, a referral action targeted 50 sites that police flagged for promoting violent jihadist ideology in support of terrorist groups such as the Islamic State (IS) and al-Qaeda. Police requested

by Paul Ducklin [00’27”] Cybersecurity tips for the holiday season and beyond. [02’20”] Fun fact: The longest-lived Windows version ever. [03’40”] Exchange at risk from public exploit. [10’34”] GoDaddy loses passwords for 1.2m users. [18’25”] Tech history: What do you mean, “It uses a mouse?” [20’25”] Don’t make your cookies public! [27’51”] Oh! No! DDoS

A website, initially set up by graduates to offer IT support, has caught a criminal after a woman used it to try to arrange the murder of her ex-husband.  RentaHitman.com is a darkly titled domain set up by a group of friends after they graduated from a California business school with degrees in IT.  The site’s operator,

by Paul Ducklin The US Securities and Equities Commission (SEC) has just published a “Security Incident” submitted last week by Web services behemoth GoDaddy. GoDaddy says that on 17 November 2021 it realised that there were cybercriminals in its network, kicked them out, and then set about trying to figure out when the crooks got

More than four-fifths (81%) of UK retailers are putting their customers at risk of email fraud by not implementing the recommended level of domain-based message authentication, reporting and conformance (DMARC) protection. This is according to a new study by Proofpoint, which warned of a likely surge in fraudulent emails targeting online shoppers ahead of this year’s Black

by Paul Ducklin At the start of this month, CVE-2021-42321 was technically an Exchange zero-day flaw. This bug could be exploited for unauthorised remote code execution (RCE) on Microsoft Exchange 2016 and 2019, and was patched in the November 2021 Patch Tuesday updates. Microsoft officially listed the bug with the words “Exploitation Detected”, meaning that

The largest theft of Bitcoin from a single individual was allegedly perpetrated by a Canadian teenager. An unnamed youth was arrested last week on suspicion of stealing crypto-currency worth approximately $36.5m from an unnamed victim who is located in the United States.  It is alleged that the defendant used a SIM swapping attack to gain access to

by Paul Ducklin As we’ve explained before, the opposite (or perhaps we mean the inverse) of Black Friday wouldn’t be White Friday, it would be Red Friday. The word “black” in the context of the big retail surge that typically follows US Thanksgiving, which is always on a Thursday, refers to ink, from the time

The United States has charged two Iranian computer hackers in connection with a cyber-campaign intended to influence the outcome of America’s 2020 presidential election. An indictment unsealed in New York on Thursday alleges that 24-year-old Seyyed Mohammad Hosein Musa Kazemi and 27-year-old Sajjad Kashian conspired with others to intimidate and influence American voters, undermine voter confidence, and

A British man has admitted being a member of an international video piracy ring that illegally distributed “nearly every movie released by major production studios.” On Thursday, before United States District Judge Richard M. Berman, George Bridi pleaded guilty to conspiracy to commit copyright infringement, which carries a maximum sentence of five years in prison. Bridi, who

by Paul Ducklin [00’52”] Fun Fact: The dawn of the transistor [01’37”] Emotet malware: “The report of my death was an exaggeration” [08’26”] FBI email hack spreads fake security alerts [15’19”] Tech history: Why tubes are valves, and valves are tubes [16’44”] Samba update patches plaintext password plundering [22’24”] The hijackable self-driving robot suitcase [30’22”]

Entertainment company Sky took more than 17 months to fix a security flaw that impacted roughly six million routers belonging to its customers.  The DNS rebinding vulnerability was discovered in May 2020 by Raf Fini, a researcher at British cybersecurity company Pen Test Partners.  Six router models were affected by the flaw: Sky Hub 3, Sky Hub 3.5,

by Paul Ducklin Remember when people used to upload their SSH keys onto Github and similar code sharing sites by mistake? Two years ago, we wrote about the fact that incautious software developers had uploaded hundreds of thousands of private access control keys, entirely unintentionally, along with source code files that they did intend to

A threat actor believed to be associated with the Democratic People’s Republic of Korea (DPRK) has a certain fondness for repetition, according to new research published today. In the report Triple Threat: North Korea–Aligned TA406 Scams, Spies, and Steals, researchers at Proofpoint shine a light on the nefarious activity of the threat actor TA406, whose campaigns they have

by Paul Ducklin Tommy Mysk and Talal Haj Bakry describe themselves as “two iOS developers and occasional security researchers on two continents.” In other words, although cybersecurity isn’t their core business, they’re doing what we wish all programmers would do: not taking application or operating system security features for granted, but keeping their own eyes

The United States has announced plans to sell tens of millions of dollars’ worth of seized crypto-currency to compensate victims of fraud. On Friday, US District Judge Todd Robinson granted a request from the US Department of Justice and the US Attorney’s Office for the Southern District of California for authority to liquidate BitConnect crypto-currency

by Paul Ducklin The Internet of Things (IoT) has become infamous for providing us, in a worrying number of cases, with three outcomes: Connected products that we didn’t know we needed. Connected products that we purchased anyway. Connected products that ended up disconnected in a cupboard. To be fair, not all IoT products fall into

Cybersecurity professionals are unsurprised by the apparent return of Emotet malware.  First discovered as a banking trojan in 2014, the malware evolved into a powerful tool deployed by cyber-criminals around the world to illegally access computer systems.  The malware’s creators — APT group TA542 — hired Emotet out to other cyber-criminals, who used it to

by Paul Ducklin You’ve probably seem the breathless media headlines everwhere: “Emotet’s back!” One cybersecurity article we saw – and we knew what it was about right away – didn’t even give a name, announcing simply, “Guess who’s back?” As you almost certainly know, and may sadly have experienced first hand, Emotet is a blanket

A cyber-safety platform has found a humorous way to warn the American public how to spot a gift card scam ahead of the holiday season.  ScamSpotter.org has made a series of amusing videos in which some of the ridiculous storylines deployed by gift card scammers are played out by actors.  In one Hollywood blockbuster–style dramatization, a

Spain’s second-biggest brewery says it expects to fully recover from a “highly complex” cyber-attack “in the coming days.”  Sociedad Anónima Damm, which has been making the world-renowned Estrella Damm lager since 1876, was targeted by cyber-criminals on Tuesday.  The attack on the company’s computer systems temporarily halted production at all of Damm’s breweries. However, the main brewery

by Naked Security writer Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spams and scams, is warning of a fraudulent “FBI/Homeland Security” alert that has apparently been widely circulated to network administrators and other IT staff in North America. Indeed, some of our own colleagues have reported receiving messages like this:

A Russian cyber-criminal has been sent to prison in the United States for defrauding American companies out of millions of dollars. Aleksandr Zhukov ran a sophisticated digital advertising scam through purported advertising network Media Methane. In June, he was convicted of wire fraud conspiracy, wire fraud, money laundering conspiracy, and money laundering. Zhukov, the self-styled “king of

by Paul Ducklin If you use the venerable Samba open source tool anywhere on your network, you’ll want to read up on the latest update, version 4.15.2. Samba is the closest pronounceable word to SMB that Andrew Tridgell, who created the project back in the 1990s, could come up with. SMB, short for Server Message

A program set up to teach cybersecurity skills to autistic and neurodiverse young people in the United Kingdom has received a sizable injection of cash. The UK chancellor of the exchequer, Rishi Sunak, has awarded £100,000 (approximately $135K) to the Cybersecurity Neurodiversity Skills Development Program, described by Native Newspost as “ground-breaking.” The program, which is based in