Cyber Security

This worrying security flaw might let hackers hijack your Wi-Fi

The IEEE 802.11 Wi-Fi protocol standard carries a security flaw that could allow threat actors to steal sensitive data and inject malicious content, researchers are saying. Wi-Fi routers share network frames between them. These are data containers that include things like the MAC address of the source and destination endpoints, or control and management data. If a Wi-Fi device is in power-saving mode (sleep mode), incoming frames are queued, then dequeued, encrypted, and transmitted to the destination once it wakes up and leaves power-saving mode.

Limited impact

In theory, a threat actor could spoof the MAC address of a network device and send a power-saving frame...
These next-level phishing scams use PayPal or Google Docs to steal your data

Unidentified threat actors are leveraging legitimate services such as PayPal or Google Workspace to send out phishing emails and bypass virtually all email security solutions available today. A report from cybersecurity researchers Avanan has detailed how hackers managed to force these services to send out phishing emails on their behalf, thus tricking email security solutions. For criminals, the problem with phishing emails is that the domains from which they’re sent, the emails’ subject lines, and the content all get scanned by email security products and often don’t make it into the victim’s inbox. However, when that email comes from Google, the security product has no other choi...
Bitcoin ATMs drained after hackers exploit zero-day bug

Unknown hackers have managed to steal 56 bitcoin, worth approximately $1.5 million, from specialized ATMs designed to distribute cryptocurrency. The worst part is that the stolen funds partially belonged to the ATM’s customers, as well. According to the report, the ATMs work by allowing customers to connect it to a crypto application service (CAS) that either they or the company manages. However, the ATM also allowed customers to upload videos from the terminal to the CAS, which is apparently where the bug was hiding. A previously unknown zero-day vulnerability allowed the threat actors to upload and run a malicious Java application, and use it to drain the CASes operated...
Russian hackers have been exploiting unknown flaw in Outlook for nearly a year now

Microsoft has just issued an update to its Outlook desktop client to protect users from hackers reportedly associated with the Russian military intelligence service GRU. Official bodies and government agencies appear to have been the key focus of the attack, which took place from as early as April 2022. The elevation of privilege vulnerability, according to Microsoft, only affected Outlook for Windows. macOS, iOS, Android, and web versions of the email provider were unaffected during this time.

Outlook vulnerability

The summary reads: “Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN m...
2023 could be the biggest ever year for cybercrime

2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting, which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially motivated goals. That being said, the company found that the total malware volume was up 2% in 2022, after three straight years of decline.

Ransomware up in volume

Overall, the entire European continent saw increased levels of malware (10%+), with Ukraine suffering a record 25.6 million attempts. Certain ...
Many security teams are prioritizing prevention over detection, with disastrous results

When it comes to securing the premises, the majority of businesses are prioritizing prevention over detection, investigation, and response, a new report has found. As a result, however, large numbers of firms are being hit by data breaches or other attacks, with the incidents constantly getting worse. Researchers at Exabeam surveyed 500 IT security professionals, finding roughly two-thirds of the respondents (65%) prioritize prevention as their number one endpoint security goal. For a third (33%), detection was the highest priority.

Too late to the party

To make matters even worse, the businesses are actually acting on this thinking. Almost three-quarters (71%) spend between 21% and 50%...
Wi-Fi routers are being hit by a dangerous new Android malware with extra DNS hacks

A new Android app has been found tricking unsuspecting users (even those with clean devices) into visiting malicious versions of popular websites, where they might end up giving away their login credentials, or even worse, money. The findings come courtesy of Kaspersky, which found that a malicious Android app carrying the Wroba.o/Agent.eq (a.k.a. Moqhao, XLoader) malware was being distributed. When the app is downloaded, it will try to connect to the Wi-Fi router the mobile device is connected to. To do that, it will try the most usual username/password combinations, as well as those known to come with factory settings (such as admin/admin). Should it succeed, it will change the DNS server to a malici...
Russian hackers are trying to get the worst out of ChatGPT

Russian cybercriminals have been discovered trying to circumvent the restrictions on ChatGPT and use the advanced AI-powered chatbot for their nefarious purposes. Check Point Research (CPR) said they spotted multiple discussions on underground forums where hackers discussed various methods, including using stolen payment cards to pay for upgraded user accounts on OpenAI, bypassing geofencing restrictions, and using a “Russian semi-legal online SMS service” to register ChatGPT. ChatGPT is a new artificial intelligence (AI) chatbot that made huge headlines due to its versatility and ease of use. Cybersecurity researchers have already seen hackers use the tool to generate believable phishing ema...
CircleCI confirms customer data was stolen in malware-powered hack

CircleCI has confirmed that a recent security incident it has been investigating was a malware-powered data theft. The company revealed the news in a blog post that described what recently happened, what it did to minimize the damage, and how it plans on keeping its users safe in the future. In the blog, it was said that an employee with high privileges had their laptop infected with token-stealing malware, which gave the attackers the keys to the kingdom.

Stealing data for weeks

The malware apparently managed to run on the endpoint despite the device having an antivirus program installed. The attackers used the tool to grab session tokens which kept the employee logged in to some app...
Russia hacker group hijacks USB attacks by other criminals

Turla, a known Russian threat actor allegedly tied to the Kremlin, was observed recycling decade-old, defunct malware to gain access to endpoints in Ukraine and spy on its targets. A report by cybersecurity experts Mandiant found that in mid-2022, Turla was re-registering expired domains of Andromeda, a common banking trojan that was being widely distributed almost a decade ago, in 2013. By doing so, the group would take over the malware’s command & control (C2) servers, gaining access to the once-infected endpoints and their sensitive information.

Hiding in plain sight

One of the advantages of this novel approach, the researchers claim, is the ability to stay hidden from cyb...