Cybersecurity News


Internet Backbone Giant Lumen Shuns .RU

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world's Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen's decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president's war in Ukraine.
08 March 2022

Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday

The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
08 March 2022

The Uncertain Future of IT Automation

While IT automation is growing, big challenges remain. Chris Hass, director of information security and research at Automox, discusses how the future looks.
08 March 2022

Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infrastructure

The 'TLStorm' vulnerabilities, found in APC Smart-UPS products, could allow attackers to cause both cyber and physical damage by taking down critical infrastructure.
08 March 2022

Bug in the Linux Kernel Allows Privilege Escalation, Container Escape

A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel.
08 March 2022

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.
07 March 2022

Novel Attack Turns Amazon Devices Against Themselves

Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers.
07 March 2022

Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.
07 March 2022

Nvidia’s Stolen Code-Signing Certs Used to Sign Malware

Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.
07 March 2022

Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape

Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.
07 March 2022

Cyber‑readiness in the face of an escalated gray zone conflict

Organizations worldwide should remain on high alert for cyberattacks as the risk of major cyber-spillover from the crisis in Ukraine continues to loom large

The post Cyber‑readiness in the face of an escalated gray zone conflict appeared first on WeLiveSecurity

07 March 2022

How the tech community has rallied to Ukraine’s cyber-defence | Joyce Hakmeh and Esther Naylor

From an army of volunteers to EU and Nato teams, the variety of online actors working for the cause is unprecedented

As the conflict in Ukraine escalates, expert cyber-watchers have been speculating about the kind of cyber-attacks that Russia might conduct. Will the Kremlin turn off Ukraine’s power grid, dismantle Ukraine’s transport system, cut off the water supply or target the health system? Or would cybercriminals operating from Russia, who could act as proxies for the Russian regime, conduct these activities?

Over the past decade, Ukraine has experienced many major cyber-attacks, most of which have been attributed to Russia. From election interference in 2014, which compromised the central electoral system and jeopardised the integrity of the democratic process; to a hack and blackout attack in a first-of-its-kind fully remote cyber-attack on a power grid in 2015, resulting in countrywide power outages; to one of the costliest malicious software attacks, NotPetya, in 2017, which significantly disrupted access to banking and government services in Ukraine and, subsequently, spilled over to France, Germany, Italy, Poland, Russia, the UK, the US and Australia.

Joyce Hakmeh is a senior research fellow for the International Security Programme at Chatham House. Esther Naylor is a research analyst at the International Security Programme.

07 March 2022

Massive Meris Botnet Embeds Ransomware Notes from REvil

Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.
04 March 2022

Conti Ransomware Group Diaries, Part III: Weaponry

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.
04 March 2022

Week in security with Tony Anscombe

New malware targeting organizations in Ukraine – How organizations can improve their cyber-resiliency – Scammers taking advantage of the crisis

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

04 March 2022

Free HermeticRansom Ransomware Decryptor Released

Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.
04 March 2022

These are the problems that cause headaches for bug bounty hunters

A researcher shares his thoughts on the challenges of responsible vulnerability disclosure.
04 March 2022

Emergency preparedness: How to disaster‑proof your tech

Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive

The post Emergency preparedness: How to disaster‑proof your tech appeared first on WeLiveSecurity

04 March 2022

Phishing Campaign Targeted Those Aiding Ukraine Refugees

A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.
03 March 2022

Russia Leaks Data From a Thousand Cuts–Podcast

It’s not just Ukraine: There's a flood of intel on Russian military, nukes and crooks, says dark-web intel expert Vinny Troia, even with the Conti ransomware gang shuttering its leaking Jabber chat server.
03 March 2022