News

Malware was too loose to have come from a Western nation, according to Sentinel Labs

An advanced persistent threat that Russia found inside government systems was too crude to have been the work of a western nation, says security researcher Juan Andrés Guerrero-Saade of Sentinel Labs, before suggesting the malware came from a Chinese entity.…

Adobe, Intel, SAP, Android emit vulnerability fixes, too

Patch Tuesday  Microsoft's traditional Patch Tuesday saw the software giant release fixes for 50 flaws, and a reminder to apply updates as soon as possible because six of them are being exploited in the wild by miscreants.…

From hidden master keys to pineapples stuffed with Bolivian marching powder — this story has it all

The FBI has revealed how it managed to hoodwink the criminal underworld with its secretly backdoored AN0M encrypted chat app, leading to hundreds of arrests, the seizure of 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148M, and even cocaine-filled pineapples.…

The highs, the lows, the acquisitions, the resignations, and more

Encryption and verification package Pretty Good Privacy (PGP) has celebrated a troubled 30 years of securing secrets and giving cypherpunks an excuse to meet in person, with original developer and security specialist Phil Zimmermann toasting a world where encryption is common but, he warns, still under threat.…

Using techniques Microsoft had previously considered 'not a vulnerability'

A reverse engineer has discovered what is claimed to be "the first known malware targeting Windows containers to compromise cloud environments," a sentence to put any system administrator on edge.…

If your IoT kit employs RabbitMQ, EMQ X or VerneMQ, it's time to get patching

Synopsys Cybersecurity Research Centre (CyRC) has warned of easily triggered denial-of-service (DoS) vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ.…

When I grow up, I want to be an Identity and Access Management specialist – said no one ever

Feature  A search on LinkedIn's UK job site just now (1 June 2021) returned 5,265 roles for a network manager; 2,204 for a system administrator; 4,964 for a web developer; and 10,776 for a business analyst. None of these are a particular surprise – they're popular, sought-after careers.…

All thanks to FBI that somehow had wallet's private key

The US Department of Justice on Monday said it has recovered 63.7 Bitcoins, right now worth $2.1m and falling, of the 75 or so BTC the Colonial Pipeline operators paid the ransomware miscreants who infected the fuel provider's computers.…

Hundreds of arrests already in Oz, details of European and US ops to be revealed soon

The Australian Federal Police (AFP) has revealed it was able to decrypt messages sent on a supposedly secure messaging app that was seeded into the organised crime community and promoted as providing snoop-proof comms.…

Feds, facing pushback over constitutional concerns, say they no longer need the data after all

The FBI on Saturday withdrew a subpoena issued to USA Today's parent company Gannett in April to find out who read an online news story published in February about a shootout that led to the deaths of two FBI agents and the wounding of three others.…

No new hardware though loads of bits and bytes for software makers

WWDC  Apple on Monday opened its 2021 Worldwide Developer Conference by promising a raft of operating system and privacy improvements – including a Tor-like relay system to anonymize Safari connections, and randomized email addresses for online account signups.…

Plus: FBI boss says ransomware is terrorism 2.0, and more

In brief  Plans by the German government to allow the police to deploy malware on any target's devices, and force the tech world to help them, has run into some opposition, funnily enough.…

Gonna need a little Mo security over here

US House Rep Mo Brooks (R-AL) seemingly revealed his Gmail password and a PIN in a Sunday rage tweet about a lawsuit regarding the January 6 insurrection attempt.…

Has the hacktivist group had enough of Musk's manipulative crypto-Tweets, or has someone just donned the mask to protest their crashed Bitcoin balance?

Entities using the name and iconography of hacktivist collective Anonymous have deemed Elon Musk's recent crypto-tweeting worthy of a re-emergence.…

Plus: CyberUp campaign writes to Home Sec

British infosec businessees mostly support beefing up the Computer Misuse Act to directly tackle the ransomware crisis – while reform campaign CyberUp has written to Home Secretary Priti Patel offering “support” for “a renewed, forward looking framework”.…

One can’t spell shit without IT, but for God sake it doesn't need to be in your endpoints

Column  Fans of John le Carré’s Tinker Tailor Soldier Spy know how top military secrets are extracted from the enemy. Senior figures are turned in operations run by the most secret brains in the country, bluff and double-bluff mix with incredible feats of bravery, treachery and psychological manipulation.…

US president calls China’s military-industrial complex 'a threat' and condemns surveillance technology for human rights abuse

US president Joe Biden has issued an executive order to expand the Trump-era ban preventing Chinese tech and defence companies from receiving American investment, upping it from 31 to 59 named entities.…

New approach against malware pushers mirrors how American authorities handle terrorism cases

The White House has issued a communique to business leaders [PDF] urging them to take the threat of ransomware a bit more seriously.…

Claims Russia's FSB was poking around an Eastern European ministry

While enterprises stagger under sustained ransomware attacks, Android users are increasingly being targeted by banking malware, with Slovakian infosec firm ESET reckoning it had seen a 159 per cent increase in such malicious software over the last few months.…

Never again is what you swore... the time before

If you rely on your insurer to pay off crooks after a successful ransomware attack, you wouldn't be the only one.…