Malware

Android users at risk from Bluetooth hijack attack, and are warned of “short distance worm” threat

Hackers could exploit a flaw on unpatched Android 8.0 and 9.0 phones to run malicious code such as a worm, with no user interaction required.

bitdefender.com

How your network could be hacked through a Philips Hue smart bulb

Security researchers have shared some details of vulnerabilities they have found in Philips Hue smart bulbs that could be exploited by hackers to compromise networks remotely.

Read more in my article on the Hot for Security blog.

Coronavirus – hackers exploit fear of infection to spread malware

With sad predictability cybercriminals are exploiting the Coronavirus outbreak that occurred in Wuhan, mainland China, and is now causing new infections around the world.

Travelex hobbles back online, one month after ransomware hit it hard

The beleaguered company, hit by the REvil ransomware on New Year’s Eve, has not yet been able to restore all of its online services.

tripwire.com

The NHS has only suffered six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #163: Russian heists and Ring wrongs

Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte, and Adrian Sanabria from Thinkst Canary.

1 in 10 Macs hit by crude malware that poses as Flash Player update, reports Kaspersky

If the criminals are continuing to make money by infecting Apple Mac computers in this fashion, whatever makes you think that they’ll come up with a more original social engineering trick?

A Magecart hacking gang may have been caught by police for the first ever time

Police in Indonesia, working alongside Interpol, have arrested three men suspected of being part of a gang engaged in Magecart attacks that skimmed payment card information from online shoppers.

Trend Micro anti-virus zero-day exploited in attack on Mitsubishi Electric

There is some egg on the face of Trend Micro after it is revealed their anti-virus software was exploited to steal data from Mitsubishi Electric, but they aren’t the real villains of the story.

We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw

The REvil (also known as Sodinokibi) ransomware is being planted on corporate networks by hackers exploiting the Shitrix flaw in Citrix servers.

tripwire.com

Ransomware: The average ransom payment has doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better.

Read more in my article on the Tripwire State of Security blog.

Jeff Bezos, WhatsApp, and Mohammed bin Salman – what you need to know

An investigation has concluded that Jeff Bezos’s smartphone was hacked after receiving a WhatsApp message from Mohammed bin Salman.

Read more about the background behind the story, and what we know so far.

Hackers are closing the Shitrix security hole to keep everyone out of Citrix servers apart from themselves

The hackers cleaning up Shitrix-vulnerable Citrix equipment are no modern day Robin Hoods.

They’re inoculating vulnerable devices from further Shitrix attacks, but at the same time opening a secret backdoor to allow future cybercriminal campaigns.

Boing Boing bounces back after hack attempted to infect users with fake Adobe Flash update

The extremely popular Boing Boing blog was hacked by an unknown party who planted malicious code into the site’s WordPress theme.

If you fear your computer may have been compromised you may be wise to run an up-to-date anti-virus program.

Travelex wants you to know that everything’s going really really well

Apparently the world’s largest foreign exchance service is making “good progress” following the attack which knocked out its systems two weeks ago.

Move along, nothing to see here.

Cable Haunt: Hundreds of millions of cable modems may be vulnerable to hijacking attack

Researchers warn that your cable modem might be vulnerable to hijacking, due to a critical security vulnerability in its Broadcom firmware.

Learn more now.