by Paul Ducklin Remember HAFNIUM? Of course you do – it was the name behind a foursome of Exchange bugs that got patched in an emergency update early in March 2021. Even though there was just a week to go until March 2021’s Patch Tuesday, Microsoft decided to issue what . . . Read more
by Paul Ducklin The annual Pwn2Own contest features live hacking where top cybersecurity researchers duke it out under time pressure for huge cash prizes. Their quest: to prove that the exploits they claim to have discovered really do work under real-life conditions. Indeed, Pwn2Own is a bug bounty program with . . . Read more
by Paul Ducklin The cybersecurity meganews of the week, of course, is anything to do with HAFNIUM. (To be clear, we’re going to write it as Hafnium from now on, as Microsoft does in its top-level incident disclosure document, so that it doesn’t look as though we’re shouting all the . . . Read more
At least one vulnerability is being exploited by multiple cyberespionage groups to attacks targets mainly in the US, per ESET telemetry Microsoft has rushed out emergency updates to address four zero-day flaws affecting Microsoft Exchange Server versions 2013, 2016, and 2019. Threat actors have been observed exploiting the vulnerabilities in . . . Read more
by Paul Ducklin As you know, our usual advice for Patch Tuesday boils down to four words, “Patch early, patch often.” There were 56 newly-reported vulnerabilities fixed in this month’s patches from Microsoft, with four of them offering attackers the chance of finding remote code execution (RCE) exploits. Remote code . . . Read more
In all, Nvidia patched flaws tied to 16 CVEs across its graphics drivers and vGPU software, in its first security update of 2021.
Despite being a mostly run-of-the-mill ransomware strain, Babuk Locker’s encryption mechanisms and abuse of Windows Restart Manager sets it apart. Only a few days into the new year, one of the first new ransomware strains of 2021 has been discovered. Dubbed Babuk Locker, the ransomware appears to have successfully compromised . . . Read more
At least 6,500 cryptocurrency users have been infected by new, ‘extremely intrusive’ malware that’s spread via trojanized macOS, Windows and Linux apps. A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private . . . Read more
A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more
Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities.