by Paul Ducklin Remember HAFNIUM? Of course you do – it was the name behind a foursome of Exchange bugs that got patched in an emergency update early in March 2021. Even though there was just a week to go until March 2021’s Patch Tuesday, Microsoft decided to issue what . . . Read more
by Paul Ducklin Apple pushed out an iOS update in something of a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted. And . . . Read more
Great news from Europol – if you’ve heard of Emotet, you’ll have a good idea how badly things often end for its victims.
by Paul Ducklin You probably don’t need to be told what sort of products were on offer at an online retail site called DarkMarket. As you can imagine, it operated on the so-called dark web, and you’d have needed the Tor browser to access it, using a special web address . . . Read more
The underground payment-card data broker saw its blockchain DNS sites taken offline after an apparent law-enforcement effort.
A new “TrickBoot” module scans for vulnerable firmware and has the ability to read, write and erase it on devices. The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of . . . Read more
The illegal marketplace was hacked prior to it’s takedown — the IRS has now tracked down those stolen funds, it said. The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. The federal coffers are now $1 billion richer. Silk Road was . . . Read more