News

Financial software giant slammed for 'poor security practices'

Intuit is being sued in the US after a security failure at its Mailchimp email marketing business allegedly led to the theft of cryptocurrency from one or more digital wallets.…

Thinking of another word for this US govt department's name

The first bug bounty program by America's Homeland Security has led to the discovery and disclosure of 122 vulnerabilities, 27 of which were deemed critical.…

Check Point uncovers web vulnerability that could have led to cryptocurrency theft

A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.…

Plus: Cisco Umbrella flaw patched, lid blown off TeamTNT, and ICS security folks join JCDC party

In brief  The BlackCat ransomware gang, said to be the first-known ransomware group to successfully break into networks with Rust-written malware, has attacked at least 60 organizations globally as of March, according to the FBI.…

Now that's a race condition

The number of zero-day vulnerabilities exploited in the wild reached an all-time high last year, according to Mandiant.…

Seems it's not a social network or an instant chat app used by tens of millions, so scrutiny it is, then

Federal regulators are taking a closer look at Google's planned $5.4 billion acquisition of Mandiant, a deal designed to boost the web giant's public cloud's cybersecurity capabilities.…

Threat actor exploited known vulnerabilities in the Microsoft software to compromise multiple systems

An affiliate of the aggressive Hive ransomware group is exploiting known vulnerabilities in Microsoft Exchange servers to encrypt and exfiltrate data and threaten to publicly disclose the information if the ransom isn't paid.…

Months after arrests, gang – or someone mimicking them – now active

The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims.…

Google cites US sanctions while Beijing and John Lee Ka-chiu are miffed

YouTube has blocked the campaign account of Hong Kong's only candidate for the Special Administrative Region's (SAR) head of government, John Lee Ka-chiu, citing US sanctions.…

Botnet infrastructure shut down last year, now central to a fast-spreading email scam, researchers say

More than a year after essentially being shut down, the notorious Emotet malware operation is showing a strong resurgence.…

If this is surprising to operators, we are doomed

The Five Eyes nations' cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia's invasion of Ukraine.…

Remote code exec is so 2014. Have this container escape and privilege escalation, instead

Amazon Web Services has updated its Log4j security patches after it was discovered the original fixes made customer deployments vulnerable to container escape and privilege escalation.…

Whole new meaning for zero consequences

Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.…

Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns

A Russian-linked threat group that has almost exclusively targeted Ukraine since it first appeared on the scene in 2014 is deploying multiple variants of its malware payload on systems within the country.…

PhaaS, SMiShing, and remote work drive increase in phishing attacks

The number of phishing attacks worldwide jumped 29 percent last year as threat actors countered stronger enterprise defenses with newer methods, according to researchers with Zscaler's ThreatLabz research team.…

Malware-laced recruitment emails are more Kim job ill than Kim Jong-un

The North Korean-based criminal group Lazarus is expanding its attacks into the blockchain and crypto space, three agencies of the US government have warned.…

Friends are always tellin' me, you're a user ... Just be good to free()

Google's bug hunters say they spotted 58 zero-day vulnerabilities being exploited in the wild last year, which is the most-ever recorded since its Project Zero team started analyzing these in mid-2014.…

Step one, get some scrambled files back. Steps two through 37...

Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files.…

Firmware updates incoming in response to UEFI threats

Got a Lenovo laptop? You might need to do a swift bit of patching judging by the latest set of vulnerabilities uncovered by security researchers at ESET.…

Parent WH Smith says no customer payment data exposed, according to current investigations

British retailer WH Smith has confirmed that Funky Pigeon, its online greetings card and gift subsidiary, has halted all further orders after a "security incident."…