Want to know more about this topic or about us? Contact us!
by Paul Ducklin We investigate whether AirDrop is really as dangerous as researchers claimed. We discuss the pestiferous problem of fake Linux bugs submitted as an academic exercise. We review the latest Sophos Ransomware Report and uncover uncomfortable truths about paying up. With Kimberly Truong, Doug Aamoth and Paul Ducklin. . . . Read more
by Paul Ducklin One of the hot new jargon terms in cybersecurity is supply chain attack. The phrase itself isn’t new, of course, because the idea of attacking someone indirectly by attacking someone they get their supplies from, or by attacking one of their supplier’s suppliers, and so on, is . . . Read more
by Paul Ducklin The annual Pwn2Own contest features live hacking where top cybersecurity researchers duke it out under time pressure for huge cash prizes. Their quest: to prove that the exploits they claim to have discovered really do work under real-life conditions. Indeed, Pwn2Own is a bug bounty program with . . . Read more
by Paul Ducklin How a social engineer ripped off a victim lured in by one of those “small outstanding fee to pay” home delivery scams. The ransomware crooks targeting networks that still haven’t done their Hafnium patches. And the Linux kernel security holes that lay there undiscovered for 15 years. . . . Read more
by Paul Ducklin Researchers at cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel… …in code that had been sitting there inconspicuously for some 15 years. Fortunately, it seemed that no one else had looked at the code for all that time, at . . . Read more
by Paul Ducklin Apple pushed out an iOS update in something of a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted. And . . . Read more
At least 6,500 cryptocurrency users have been infected by new, ‘extremely intrusive’ malware that’s spread via trojanized macOS, Windows and Linux apps. A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private . . . Read more
The worm returned in recent attacks against web applications, IP cameras and routers. The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based . . . Read more
The infamous keylogger has shifted its targeting tactics and now collects stored credentials for less-popular web browsers and email clients. Six-year-old keylogger malware called Agent Tesla has been updated again, this time with expanded targeting and improved data exfiltration features. Agent Tesla first came into the scene in 2014, specializing . . . Read more
The malware takes aim at PostgreSQL database servers with never-before-seen techniques. An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution (RCE) vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers . . . Read more