Apple patches zero-day flaw that hackers may have exploited

Apple has released updates for its mobile, iPad and computer operating systems, fixing a zero-day flaw that appears to be the subject of active exploitation. The patch comes mere days after another update that tackled 40 vulnerabilities. The latest software update comes in the wake of reports that the Israeli spyware firm NSO Group had developed a hacking tool that helps its customers remotely compromise iOS systems. Whether the patch addresses those technical issues was not immediately clear. Apple did not immediately respond to a request for comment. The prior Apple update did not address the NSO Group exploits. The iOS 14.7.1, iPadOS 14.7.1 and Big Sur 11.5.1 patch notes are likewise mum, other than to say that an anonymous researcher brought the vulnerability to Apple’s attention. The issue involved improper access to kernel mode, which a hacker could have abused to access the underlying hardware on a device, and […]

The post Apple patches zero-day flaw that hackers may have exploited appeared first on CyberScoop.

Kaseya says it didn’t pay ransomware gang for decryption key after hacks affected hundreds

Kaseya, the company at the center of a ransomware outbreak that claimed perhaps thousands of victims, said on Monday that it didn’t pay off the attackers to obtain the decryption tool it announced last week. The Florida IT firm, breached just before the July 4 holiday, did not elaborate on how it obtained the working decryption key, beyond its statement that a “trusted third party” provided it. “While each company must make its own decision on whether to pay the ransom, Kaseya decided after consultation with experts to not negotiate with the criminals who perpetrated this attack and we have not wavered from that commitment,” the company said in a website update. “As such, we are confirming in no uncertain terms that Kaseya did not pay a ransom — either directly or indirectly through a third party — to obtain the decryptor.” Kaseya said it was teaming with the security firm […]

Scammers are using fake Microsoft 11 installers to spread malware

Windows 11 won’t hit the street until later this year, but that hasn’t stopped hackers from trying to use it to infect victims with malware. Security firm Kaspersky warned on Friday that crooks were exploiting people overeager to get their hands on the Microsoft operating system update, due for fall release, with fake installers. “Although Microsoft has made the process of downloading and installing Windows 11 from its official website fairly straightforward, many still visit other sources to download the software, which often contains unadvertised goodies from cybercriminals (and isn’t necessarily Windows 11 at all),” Kaspersky wrote. Those sarcastic “goodies” range from relatively innocuous adware to password stealers and trojans. It’s not unprecedented for cybercriminals to use demand for a product or service to take advantage of victims, be it coronavirus contact tracing apps or the Telegram encrypted messaging app. Microsoft announced Windows 11 in late June, and shortly after […]

Dutch police bust alleged ‘Fraud Family’ phishing service members

Dutch police have arrested two people for their alleged involvement in a phishing fraud-as-a-service scheme, one of them a 15-year-old suspect and the other a 24-year-old due to appear in court on Friday. Authorities got an assist from security vendor Group-IB in the arrests for the “Dutch-speaking syndicate that develops, sells and rents sophisticated phishing frameworks,” according to the company. Group-IB had dubbed the syndicate and its “massive” operation “Fraud Family.” The unnamed 24-year-old is accused of developing the phishing service kits, while the 15-year-old allegedly sold them. The younger suspect was released pending further investigation. Dutch police also said they searched a third 18-year-old suspect. Group-IB said the Fraud Family operation, which has mainly hit victims in the Netherlands and Belgium since at least 2020 but perhaps as far back as 2018, is focused on stealing banking credentials. The criminals advertised their service to less-skilled cyber crooks on the […]

No cyberattack in sprawling internet outage, Akamai says

A global internet outage on Thursday downed tens of thousands of websites, including those of giant corporations like McDonald’s and Delta Airlines, according to companies that track web statistics. But the company at the center of it says the downtime was not the result of a hack, data breach or other kind of malicious attack. Internet infrastructure company Akamai said it has fixed the issue that it began investigating shortly after noon EST. The specific problem was with Akamai Edge DNS, a service that touts its ability to provide constant Domain Name System availability. “Akamai can confirm this was not a cyberattack against Akamai’s platform,” the company said in a statement. “A software configuration update triggered a bug in the DNS system, the system that directs browsers to websites,” the company said in a statement explaining what went wrong. “This caused a disruption impacting availability of some customer websites.” Before […]

Chinese spies are exploiting routers to try hacking French targets, cyber agency says

France’s national cybersecurity agency said on Wednesday that it is contending with a massive campaign by Chinese state-backed hackers targeting French organizations through compromised routers. The Agence nationale de la sécurité des systèmes d’information (French National Agency for the Security of Information Systems), or ANSSI, released forensic information to help French entities to recognize if they had been compromised. The alert did not specify which industries or specific organizations were targets. ANSSI said the APT31 group, sometimes known as Zirconium or Judgment Panda, carried out the reconnaissance. The group’s prior targets include Finland’s parliament, according to a June allegation from the Finnish Security and Intelligence Service, and the presidential campaign of then-contender Joe Biden in 2020, according to Google’s Threat Analysis Group. APT31’s effort in France is “a large intrusion campaign of compromise” that is “still in progress and still ongoing,” according to an English version of the ANSSI alert. France’s […]

Chat logs show how Egregor, an $80 million ransomware gang, handled negotiations with little mercy

In a series of ransomware payment negotiations last December, operatives from a gang known as “Egregor” alternated between treating their victims with surprising civility and behaving like cartoonish movie villains. “The Egregor Team wishes you a Merry Christmas and a Happy New Year,” they’d say at intervals of their chat room communications, sometimes in the middle of an extortion back-and-forth. “We wish you wisdom in your decision making and financial stability in this difficult time for us all. Happy Holidays!” In another exchange, they weren’t as kind, threatening to leak victims’ data and publish it on a website as a warning to other organizations that might fall in the group’s crosshairs. “We simply need to determine what category you should be placed in. In the category of those who are ready to negotiate and pay or in the category of scarecrows on our news site,” one exchange read. “It’s not […]

TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware

The Transportation Security Administration on Tuesday handed down additional cybersecurity requirements for owners of major pipelines, this time focused on ransomware. It’s the second time the Department of Homeland Security’s TSA has issued a security directive to critical pipeline owners since ransomware attackers struck Colonial Pipeline in May, an incident that spurred panic-buying amid fears of a gas shortage. The specific requirements of the directive were not immediately clear. “This Security Directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review,” a DHS statement reads. The same month of the Colonial Pipeline attack, TSA threatened to fine certain pipeline owners — an estimated 100 companies — if they failed to meet cybersecurity guidelines. TSA […]

US blames China for Microsoft hacking, ransomware attacks as part of global condemnation

The U.S. and its allies on Monday blamed China for exploiting flaws in Microsoft Exchange Server that enabled worldwide ransomware attacks on tens of thousands of victims. It was part of a multi-front response Monday from the European Union, NATO and U.S. intelligence partners that included the announcement of charges against four Chinese hackers that the Justice Department said worked on behalf of Beijing to breach U.S. companies and institutions over a span of seven years. For the first time, the U.S. government also accused the Chinese government of employing criminal hackers who have conducted criminal attacks. U.S. government agencies also released a technical report Monday, first reported by CyberScoop, that warned of China’s ongoing appetite for targeting the defense, medical, semiconductor and other industries to steal intellectual property. “No one action can change China’s behavior in cyberspace and neither can just one country acting on its own,” a senior administration […]

Cryptographers unearth vulnerabilities in Telegram’s encryption protocol

An international team of computer scientists reported on Friday that they found four cryptographic vulnerabilities in the popular encrypted message app Telegram. The weaknesses range “from technically trivial and easy to exploit to more advanced and of theoretical interest,” according to the security analysis. But ultimately they prove that the four key issues “could be done better, more securely and in a more trustworthy manner with a standard approach to cryptography,” said ETH Zurich Professor Kenny Paterson, who was part of the team that uncovered the flaw. The most significant of the vulnerabilities the researchers uncovered is what they called the “crime-pizza” vulnerability. In it, an attacker could alter the order of messages coming from a client to a cloud server that Telegram operates. “For example, if the order of the messages in the sequence ‘I say “yes” to’, ‘pizza’, ‘I say “no” to’, “crime” was altered then it would […]