Turla, a Russian Espionage Group, Piggybacked on Other Hackers’ USB Infections
[ad_1] The Russian cyberespionage group known as Turla became infamous in 2008 as the hackers behind agent.btz, a virulent piece of malware that spread through US Department of Defense systems,…
What Is a Pig Butchering Scam?
[ad_1] Digital swindles like business email compromises and romance scams generate billions of dollars for criminals. And they all start with a little bit of “social engineering” to trick a…
Hackers Planted Files to Frame Indian Priest Who Died in Custody
[ad_1] According to Arsenal, Swamy never touched the files himself. After his devices were seized by Pune City Police, those files were among the digital evidence used to charge him…
Cuba Ransomware Gang Abused Microsoft Certificates to Sign Malware
[ad_1] Less than two weeks ago, the United States Cybersecurity & Infrastructure Security Agency and FBI released a joint advisory about the threat of ransomware attacks from a gang that…
Scammers Are Scamming Other Scammers Out of Millions of Dollars
[ad_1] Nobody is immune to being scammed online—not even the people running the scams. Cybercriminals using hacking forums to buy software exploits and stolen login details keep falling for cons and…
Android Phone Makers’ Encryption Keys Stolen and Used in Malware
[ad_1] While Google develops its open source Android mobile operating system, the “original equipment manufacturers” who make Android smartphones, like Samsung, play a large role in tailoring and securing the…
Google Moves to Block Invasive Spanish Spyware Framework
[ad_1] The commercial spyware industry has increasingly come under fire for selling powerful surveillance tools to anyone who can pay, from governments to criminals around the world. Across the European…
Drop What You’re Doing and Update iOS, Android, and Windows
[ad_1] November saw the release of patches from the likes of Apple’s iOS, Google Chrome, Firefox, and Microsoft Windows to fix multiple security vulnerabilities. Some of these issues are pretty…
Russia’s Sway Over Criminal Ransomware Gangs Is Coming Into Focus
[ad_1] Russia-based ransomware gangs are some of the most prolific and aggressive, in part thanks to an apparent safe harbor the Russian government extends to them. The Kremlin doesn’t cooperate…
Russia’s New Cyberwarfare in Ukraine Is Fast, Dirty, and Relentless
[ad_1] Since Russia launched its catastrophic full-scale invasion of Ukraine in February, the cyberwar that it has long waged against its neighbor has entered a new era too—one in which…
Apple MacOS Ventura Bug Breaks Third-Party Security Tools
[ad_1] The release of Apple’s new macOS 13 Ventura operating system on October 24 brought a host of new features to Mac users, but it’s also causing problems for those…
Your Microsoft Exchange Server Is a Security Liability
[ad_1] Childs points to two other ZDI discoveries of Exchange vulnerabilities, one in 2018 and another in 2020, that were actively exploited by hackers even after the bugs were reported…
How Vice Society Got Away With a Global Ransomware Spree
[ad_1] Throughout 2021, Vice Society’s health care targets included Barlow Respiratory Hospital in California, Eskenazi Health in Indiana, Centre Hospitalier D’Arles in France, United Health Centers in California, and a…
Meta Says It Has Busted More Than 400 Login-Stealing Apps This Year
[ad_1] Both Apple and Google have struggled for years to keep malicious apps out of their official mobile app stores and away from users’ phones. Simple programs like flashlight apps,…
Microsoft Exchange Server Has a Zero-Day Problem
[ad_1] There were global ripples in tech policy this week as VPN providers were forced to pull out of India as the country’s new data collection law takes hold, and…
Mystery Hackers Are ‘Hyperjacking’ Targets for Insidious Spying
[ad_1] For decades, virtualization software has offered a way to vastly multiply computers’ efficiency, hosting entire collections of computers as “virtual machines” on just one physical computer. And for almost…
Slack and Teams’ Lax App Security Raises Alarms
[ad_1] Collaboration apps like Slack and Microsoft Teams have become the connective tissue of the modern workplace, tying together users with everything from messaging to scheduling to video conference tools.…
A New Linux Tool Aims to Guard Against Supply Chain Attacks
[ad_1] In the wake of alarming incidents like Russia’s massive 2017 NotPetya malware attack and the Kremlin’s 2020 SolarWinds cyberespionage campaign—both pulled off by poisoning wells for software distribution—organizations around…
Playing Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives
[ad_1] A new jailbreak for John Deere tractors, demonstrated at the Defcon security conference in Las Vegas last Saturday, put a spotlight on the strength of the right-to-repair movement as…
Spyware Hunters Are Expanding Their Toolset
[ad_1] The surveillance-for-hire industry’s powerful mobile spyware tools have gotten increasing attention lately as tech companies and governments grapple with the scale of the threat. But spyware that targets laptops…
Sloppy Software Patches Are a ‘Disturbing Trend’
[ad_1] The whole purpose of vulnerability disclosure is to notify software developers about flaws in their code so they can create fixes, or patches, and improve the security of their…