
StrandHogg 2.0 Emerges as ‘Evil Twin’ to Android Threat

This one affects older versions of Android. Unfortunately, many devices either can't be or just aren't upgraded or even patched. Version 9 is the most widely used and is vulnerable. Patch if you can...: [...] Like its "relatively less evil twin," StrandHogg 2.0 is "extremely dangerous" because it does not need root access or Android permissions to run, Høegh-Omdal wrote. It can hijack permissions of other apps with access to contacts or messages. Unlike its predecessor, which

Web Scrapers Have Bigger-Than-Perceived Impact on Digital Businesses

It's a sobering thought when you realise you're spending a significant chunk of your infrastructure budget on bad bots...: [...] The study shows that while humans and "good bots" — such as those used by search engines — represented a substantial proportion of web traffic, "bad bots" represented a significant proportion as well. Nearly 17% of all traffic on e-commerce websites, for example, was comprised of bad bots. On travel sites, the proportion was closer to 31% and on med

Magecart Plants Card Skimmers via Old Magento Plugin Flaw

I've migrated my clients away from Magento as it's a real pain to keep updated...: [...] Cybercriminals operating under the Magecart umbrella group are exploiting an old vulnerability in a Magento plugin to insert credit card data-skimming malware on sites built on the ecommerce platform. In an alert earlier this month, the FBI described the latest attacks as involving CVE-2017-7391, a three-year old—and long since patched—cross-site scripting vulnerability in the Magmi 0...

Microsoft Challenges Security Researchers to Hack Azure Sphere

Bug bounty programs are a good way of uncovering flaws that you may not have thought about...: Azure Sphere was unveiled in April 2018 as a means to improve security for devices connected to the Internet of Things (IoT). It's made up of three parts: connected microcontrollers, a Linux-based OS and custom kernel to power them, and a security service to protect the connected devices. Azure Sphere hit general availability in February 2020, and now Microsoft is opening it to r...

5-Year-Long Cyber Espionage Campaign Hid in Google Play

Sneaky. Encourage users to install an app, then use updates to infect it. I'm waiting to see who uses 'in-app purchases' to do the same thing...: [...] Alexey Firsh, security researcher with Kaspersky, says he and his team decided to dig deeper into a Trojan backdoor that was first revealed in a July 2019 report by researchers at Dr. Web. The relatively unusual backdoor, they found, dated back to at least December 2015, the registration date of one of the domains used in the

Top 10 Cyber Incident Response Mistakes and How to Avoid Them

It's a longer read than most web articles but worth it, if only to disagree with the ranking. My personal #1 is organisational readiness; everyone knows their responsibilities when it comes to spotting, reporting, and responding to incidents. If the 'patient zero' that starts off a ransomware attack knew how to spot something funny and who to report it to (and maybe even to disconnect from the network) then a lot of harm could be avoided...: According to cybersecurity expert

Biopharmaceutical Firm Suffers Ransomware Attack, Data Dump

Targeted attack or just bad luck?...: Pharmaceutical clinical research organization ExecuPharm last week reported a March 13 ransomware attack that exposed employee personal data including Social Security numbers, taxpayer and bank account information, passport, and credit card information. And according to a report on Tech Crunch, the attackers also later dumped the stolen data onto a Dark Web site. ExecuPharm said in its notice of the data breach that some user informat...

Attackers Prefer Ransomware to Stealing Data

Cyber crime is almost the perfect example of free market capitalism. Though there's a lot of regulation, the market actors ignore it...: [...] For the first time, more cybersecurity incidents involved recovering from ransomware attacks rather than dealing with the fallout of stolen data — a sign that attackers are shifting their tactics, according to cybersecurity services firm Trustwave, which published its annual threat report today. Ransomware accounted for 18% of the ...

11 Tips for Protecting Active Directory While Working from Home

An example of the tidal wave of 'advice' during the pandemic. This is not bad, just pretty tangential stuff when it comes to AD itself. What's missing is any check that your controls are: a) actually deployed; b) effective. (Full disclosure: my business sells tools that help with this)...: [...] A full list of recommendations by experts to fully minimize the risk are summarized as follows: Implement an equipment policy for remote workers: As much as possible, use the me