According to media reports, India's leading online shopping app has sent a legal notice to a US security firm demanding that they stop spreading "false" claims that it has been hacked. Indian financial newspaper Mint says that Paytm Mall has sent the legal notice to Atlanta-based Cyble Inc, which at the end of last month published a blog post (archived here) claiming that the Paytm Group had suffered a "massive data breach" after a hacking group known as "John Wick" had uploaded unauthorised code. READ MORE...
Argentina's official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted border crossing into and out of the country. While ransomware attacks against cities and local agencies have become all too common, this may be the first known attack against a federal agency that has interrupted a country's operations. READ MORE...
UK research university Newcastle University says that it will take several weeks to get IT services back online after DoppelPaymer ransomware operators breached its network and took systems offline on the morning of August 30th. The attack is now being investigated by the UK Police and the National Crime Agency in cooperation with the Newcastle University IT Service (NUIT). "On Sunday 30 August 2020, we became aware that the University had suffered a serious cyber incident which is causing operational disruption across our networks and IT systems. READ MORE...
The threat group tracked as Evilnum was observed using updated tactics and tools in recent attacks, Cybereason's Nocturnus research team reported last week. Initially detailed in 2018, Evilnum appears to have been active for nearly a decade, offering 'mercenary' hack-for-hire services, a recent report from Kaspersky revealed. Focused on espionage, Evilnum recently switched from delivering ZIP archives containing multiple LNK files (via spear-phishing) to including a single LNK in the archive. READ MORE...
They are offering services to track employees, arrange tests, and record results. Many things about Matt Bruinooge's senior year at Brown are different from his previous college life. One is that he logs on to a website from tech giant Alphabet twice a week to schedule nasal swabs. Brown is one of the first customers of a pandemic safety service from Alphabet subsidiary Verily Life Sciences called Healthy at Work, or Healthy at School at colleges. READ MORE...
A strain of ransomware designed to disrupt computers' booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs. READ MORE...
Evasion techniques are used by cybercriminals to evade detection, and they are especially prevalent in the context of scripts, which on their own have legitimate uses (e.g., to automate processes on a computer system). Unfortunately, scripts can also be used for malicious purposes, and malicious scripts are unlikely to be detected or blocked by the average antimalware solution. That's why cybercriminals are turning to script-based attacks and other evasive malware - like Emotet - more often than ever before. READ MORE...
Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts when it comes to choosing passwords: using personal information, predictable (e.g., sequential) keystroke patterns, password variations, well-known substitutions, single words from a dictionary and - above all - reusing the same password for many different private and enterprise accounts. What does a modern password policy look like? READ MORE...
Unauthorized security research can "cause harmful effects," Voatz says in baffling brief. The Supreme Court is considering whether to adopt a broad reading of the Computer Fraud and Abuse Act that critics say could criminalize some types of independent security research and create legal uncertainty for many security researchers. Voatz, an online voting vendor whose software was used by West Virginia for overseas military voters in the 2018 election, argues that this wouldn't be a problem. READ MORE...
Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device. The vulnerabilities were reported to the vendor in May by Rich Mirch, a security researcher at CRITICALSTART. However, some of them remain unpatched. The researcher discovered a total of 10 vulnerabilities affecting MOFI4500 routers, a majority related to the web management interface, which by default is accessible on all network interfaces. READ MORE...
Columbia University researchers have released Crylogger, an open source dynamic analysis tool that shows which Android apps feature cryptographic vulnerabilities. They also used it to test 1780 popular Android apps from the Google Play Store, and the results were abysmal. Each of the tested apps with an instrumented crypto library was run in Crylogger, which logs the parameters that are passed to the crypto APIs during the execution and then checks their legitimacy offline by using a list of crypto rules. READ MORE...
Six months ago, as professional sports were postponed indefinitely, schools were shuttering, Tom Hanks was the poster boy for COVID-19, and President Donald Trump addressed a nervous nation, people at the highest levels of the U.S. government became laser-focused on one idea: Coronavirus vaccine research needed to be defended from hacking attempts. Soon after the World Health Organization declared a pandemic, the Pentagon's Defense Digital Service and the National Security Agency got to work on a behind-the-scenes protection mission READ MORE...