Malware

Trend Micro anti-virus zero-day exploited in attack on Mitsubishi Electric

There is some egg on the face of Trend Micro after it is revealed their anti-virus software was exploited to steal data from Mitsubishi Electric, but they aren’t the real villains of the story.

We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw

The REvil (also known as Sodinokibi) ransomware is being planted on corporate networks by hackers exploiting the Shitrix flaw in Citrix servers.

tripwire.com

Ransomware: The average ransom payment has doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better.

Read more in my article on the Tripwire State of Security blog.

Jeff Bezos, WhatsApp, and Mohammed bin Salman – what you need to know

An investigation has concluded that Jeff Bezos’s smartphone was hacked after receiving a WhatsApp message from Mohammed bin Salman.

Read more about the background behind the story, and what we know so far.

Hackers are closing the Shitrix security hole to keep everyone out of Citrix servers apart from themselves

The hackers cleaning up Shitrix-vulnerable Citrix equipment are no modern-day Robin Hoods.

They’re inoculating vulnerable devices from further Shitrix attacks, but at the same time opening a secret backdoor to allow future cybercriminal campaigns.

Boing Boing bounces back after hack attempted to infect users with fake Adobe Flash update

The extremely popular Boing Boing blog was hacked by an unknown party who planted malicious code into the site’s WordPress theme.

If you fear your computer may have been compromised you may be wise to run an up-to-date anti-virus program.

Travelex wants you to know that everything’s going really really well

Apparently the world’s largest foreign exchange service is making “good progress” following the attack which knocked out its systems two weeks ago.

Move along, nothing to see here.

Cable Haunt: Hundreds of millions of cable modems may be vulnerable to hijacking attack

Researchers warn that your cable modem might be vulnerable to hijacking, due to a critical security vulnerability in its Broadcom firmware.

Learn more now.

Shitrix: Hackers target unpatched Citrix systems over weekend

Over the last few days hackers have made multiple attempts to exploit a critical vulnerability found in Citrix technology, used by tens of thousands of businesses worldwide.

Take action to protect your systems now before the exploit hits you in the face.

Stop everything. Update Firefox now

A Firefox browser vulnerability that could allow attackers to take control of computers is being exploited in the wild.

Make sure you are running the very latest version of Firefox.

tripwire.com

Man jailed for using webcam RAT to spy on women in their bedrooms

A British man has been jailed for two years after police caught him using a notorious Remote Access Trojan (RAT) to hijack the webcams of young women, and spy upon them.

Read more in my article on the Tripwire State of Security blog.

City of Las Vegas wakes up to a cyber attack

In the early hours of Tuesday morning, city officials in Las Vegas were alerted that their computer network had suffered a security breach.

If it’s a ransomware attack, it sounds unlikely that they’ll be willing to give in to the extortionists’ demands.

“Planned maintenance”? Travelex’s masterclass in how not to respond to a cyberattack

For days Travelex’s website has said it was down for “planned maintenance”.

Now it finally admits that the company is struggling with a ransomware outbreak that has disrupted its online services.

Company held hostage by ransomware shuts down, tells 300 employees to find new jobs

It wasn’t a case of “Happy Holidays” for the employees of an Arkansas-based telemarketing firm after they were told to find new jobs just before Christmas, after failing to recover from a ransomware attack.

Travelex still offline after discovering malware on New Year’s Eve, and other banks’ currency services are also affected

The world’s largest foreign exchange bureau is still offline today, and the online currency services of other high street banks are disrupted.

Smashing Security #158: The man behind The Missing Cryptoqueen

We’re joined by special guest Jamie Bartlett of “The Missing Cryptoqueen” podcast in this bumper episode where we discuss his investigation into the OneCoin cryptocurrency scam, the Russian cybercriminals behind Evil Corp, and the mysterious leaks about the NHS that have turned oh-so-political…

All this and much much more can be found in the latest edition of the “Smashing Security” podcast, hosted by computer security veterans Graham Cluley and Carole Theriault.