News


  • Australia: 328 weaknesses found by WA Auditor-General in 50 local government systems

    May 12, 2021

    The Auditor-General of Western Australia on Wednesday tabled a report into the computer systems used at 50 local government entities, revealing 328 control weaknesses across the group. It was Auditor-General Caroline Spencer’s intention to list the entities, but given the nature of her findings, all case studies included in Local Government General Computer Controls omit ...

  • Researchers found three flaws in ACT e-voting system that could affect election outcomes

    May 12, 2021

    The Australian Capital Territory Standing Committee on Justice and Community Safety has been looking into the 2020 ACT Election and the Electoral Act, covering, among other things, systems for electronic voting. The COVID-19 Emergency Response Legislation Amendment Act 2020 introduced temporary amendments to the Electoral Act for the October 2020 election. These included the deployment of ...

  • New Android malware targeting banks in Italy, Spain, Germany, Belgium, and the Netherlands

    May 11, 2021

    A new Android trojan has been identified by security researchers, who said on Monday that once it is successfully installed in the victim’s device, those behind it can obtain a live stream of the device screen and also interact with it via its Accessibility Services. The malware, dubbed “Teabot” by security researchers with Cleafy, has been ...

  • UK’s Computer Misuse Act to be reviewed, says Home Secretary as she condemns ransomware payoffs

    May 11, 2021

    Priti Patel has promised a government review of the UK’s 30-year-old Computer Misuse Act “this year” as well as condemning companies that buy off ransomware criminals. The Home Secretary pledged the legal review in a speech at the CyberUK conference this afternoon, organised by the National Cyber Security Centre (NCSC). “As part of ensuring that we have ...

  • Compsci boffin publishes proof-of-concept code for 54-year-old zero-day in Universal Turing Machine

    May 11, 2021

    A computer science professor from Sweden has discovered an arbitrary code execution vuln in the Universal Turing Machine, one of the earliest computer designs in history – though he admits it has “no real-world implications”. In a paper published on academic repository ArXiv, Pontus Johnson, a professor at the KTH Royal Institute of Technology in Stockholm, ...

  • Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

    May 11, 2021

    Over the weekend, the Alpharetta, GA based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial ...

  • DDoS attacks in Q1 2021

    May 10, 2021

    Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency. Another active bot focused on Android devices with the ADB ...

  • Tips to avoid the new wave of ransomware attacks

    May 10, 2021

    There have been a lot of changes in ransomware over time. We want to help you protect your organization from this growing attack trend. The Colonial Pipeline ransomware attack is just part of a new onslaught of ransomware attacks that malicious actors are ramping up against high value victims. Why are we seeing this? These malicious actors ...

  • US and Australia warn of escalating Avaddon ransomware attacks

    May 10, 2021

    The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide. The FBI said in a TLP:GREEN flash alert last week that Avaddon ransomware affiliates are trying to breach the networks of manufacturing, ...

  • DarkSide ransomware will now vet targets after pipeline cyberattack

    May 10, 2021

    The DarkSide ransomware gang posted a new “press release” today stating that they are apolitical and will vet all targets before they are attacked. Last week, the ransomware gang encrypted the network for the Colonial Pipeline, the largest fuel pipeline in the United States. Source: Bleeping Computer

  • AXA pledges to stop reimbursing ransom payments for French ransomware victims

    May 10, 2021

    Insurance company AXA has revealed that, at the request of French government officials, it will end cyber insurance policies in France that pay ransomware victims back for ransoms paid out to cybercriminals. While unconfirmed, the Associated Press reported that the move was an industry first. AXA is one of the five biggest insurers in Europe and ...

  • Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks

    May 10, 2021

    Researchers have explored the latest activities of the Lemon Duck hacking group, including the leverage of Microsoft Exchange Server vulnerabilities and the use of decoy top-level domains. The active exploit of zero-day Microsoft Exchange Server vulnerabilities in the wild was a security disaster for thousands of organizations. Four critical flaws, dubbed ProxyLogon, impact on-prem Microsoft Exchange Server ...

  • NAME:WRECK DNS Bugs: What You Need to Know

    May 9, 2021

    For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. The ...

  • Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast’s fuel

    May 8, 2021

    Colonial Pipeline, which accounts for 45% of the East Coast’s fuel, said it has shut down its operations due to a cyberattack. The attack highlights how ransomware and other cyberattacks are increasingly a threat to real-world infrastructure. The company delivers refined petroleum products such as gasoline, diesel, jet fuel, home heating oil and fuel for the ...

  • Qualcomm chip vulnerability found in millions of Google, Samsung, and LG phones

    May 8, 2021

    Millions of phones across the globe were affected by a vulnerability found within a ubiquitous Qualcomm chipset, according to researchers with Israeli cybersecurity firm Check Point. Check Point’s Slava Makkaveev published a blog post on Thursday highlighting a security flaw in Qualcomm’s Mobile Station Modem Interface “that can be used to control the modem and dynamically patch ...

  • Google teams up with Stop Scams to tackle financial fraud in the UK

    May 8, 2021

    Google has joined Stop Scams and outlined new measures to try and clamp down on financial fraud in the United Kingdom. On Friday, Vice President and MD of Google UK & Ireland, Ronan Harris, said that Google is the first major tech giant to partner with Stop Scams UK, an industry-led group that aims to tackle ...

  • Russian state hackers switch targets after US joint advisories

    May 7, 2021

    Russian Foreign Intelligence Service (SVR) operators have switched their attacks to target new vulnerabilities in reaction to US govt advisories published last month with info on SVR tactics, tools, techniques, and capabilities used in ongoing attacks. The warning comes after US and UK governments formally attributed the SolarWinds supply-chain attack and COVID-19 vaccine developer targeting to Russian SVR ...

  • New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers

    May 6, 2021

    Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers. In simpler terms, authoritative DNS servers translate web domains to IP addresses and pass this info to recursive DNS servers that get queried by ...

  • Operation TunnelSnake

    May 6, 2021

    Formerly unknown rootkit used to secretly control networks of regional organizations. Windows rootkits, especially those operating in kernel space, are pieces of malware infamous for their near absolute power in the operating system. Usually deployed as drivers, such implants have high privileges in the system, allowing them to intercept and potentially tamper with core I/O operations ...

  • Ryuk ransomware finds foothold in bio research institute through student who wouldn’t pay for software

    May 6, 2021

    Security researchers have provided insight into how a single student unwittingly became the conduit for a ransomware infection that cost a biomolecular institute a week’s worth of vital research. In a report due to be published on Thursday, Sophos described the case, in which the team was pulled in to neutralize an active cyberattack on a ...