November 2022

Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the compromised machine," cybersecurity firm Kaspersky said in a Monday report. "It drops a wide variety of malicious binaries to infect the machine...


Windows 11 2022 (22H2 release) is now out, and Microsoft has once again placed a heavy emphasis on security. The good news for this release is that even Windows Home versions can receive some of the key security features with no additional Windows or Microsoft 365 licensing. Review the Windows 11 22H2 security baseline documents and begin to test these features. Windows 11 release cadence: First, a...


Last month TechCrunch reported that payment terminal manufacturer Wiseasy had been hacked. Although Wiseasy might not be well known in North America, their Android-based payment terminals are widely used in the Asia Pacific region and hackers managed to steal passwords for 140,000 payment terminals. How Did the Wiseasy Hack Happen? Wiseasy employees use a cloud-based dashboard for remotely managing payment terminals. This dashboard allows the company...


London-based cryptocurrency-trading platform Wintermute saw cyberattackers take off with $160 million this week, likely due to a security vulnerability found in a partner's code. The incident showcases deep concerns around implementing security for this finance sector, researchers say. Wintermute founder and CEO Evgeny Gaevoy took to Twitter to say that the heist was aimed at the company's decentralized finance (DeFi) arm, and that while the incident...


A report released this week by OpinionMatters and commissioned by Noname Security found that more than three out of four senior cybersecurity professionals in the US and UK said that their organization had experienced at least one API-related security incident within the last 12 months. A similar number, 74%, said that they had not completed a full inventory of all APIs in their systems, or have...


Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational." The ride-hailing company...


Questions are swirling around Uber's internal security practices after an 18-year-old hacker gained what appears to have been complete administrative access to critical parts of the company's IT infrastructure using an employee's VPN credentials as an initial access vector. Numerous screenshots that the alleged attacker posted online suggest the intruder did not have to breach a single internal system to essentially pwn the ride-sharing giant's IT...


Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development. Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations’ increasing use of and reliance upon open-source resources, along with the complex security risks and...


The Irish Data Protection Commissioner will fine Instagram $402 million for allegedly mishandling the personal data of children, specifically through default settings that left phone numbers and email addresses for users between the ages of 13 and 17 exposed via Instagram business accounts, according to published reports. It’s the second-largest fine ever handed out by EU-based regulators, behind only the $739 million that Luxembourg authorities levied...


A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits. "If the devices are compromised, they will be fully controlled by attackers, who could utilize those devices to conduct further attacks such as distributed denial-of-service (DDoS) attacks," Palo Alto Networks Unit 42 said in a Tuesday report. MooBot, first disclosed by...
