In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat...Read more...
Side channel attacks are always fascinating to see how they are executed, such as the recent discovery that encryption keys could be stolen by recording power LEDs on various devices. Researchers have found that malicious websites might be able to see usernames and other sensitive information by leaking it from...Read more...
This past July, we wrote about a report published by Coverware that found that the dollar value of the median ransomware payment was on a downward trajectory beginning in Q1 2022 and continuing in Q2 of the same year. However, we weren’t sure whether this decrease in the value of individual payments would reflect in...Read more...
Among the requirements for installing Windows 11 are two security features: Trusted Platform Module (TPM) version 2.0 and Secure Boot. As we’ve documented before, it’s possible to sidestep these requirements and force a Windows 11 install or upgrade anyway. Microsoft even published a registry hack to give users this...Read more...
In 2021, The Intercept reported that the Taliban had seized biometric devices left behind by the US military in Afghanistan, giving them identifiable information on those who worked with American forces. A group of researchers in Germany called the Chaos Computer Club, led by Matthias Marx, wondered if it was really...Read more...
Earlier this year, researchers from the threat intelligence group Red Canary identified an infectious computer worm that was found to have been present in customers’ environments going back to September 2021. According to later analysis by Microsoft, this malware, which researchers named “Raspberry Robin,” may date as...Read more...
On September 5, Los Angeles Unified School District (LAUSD), the second largest school district in the United States, published a news release disclosing a ransomware attack on its internal systems. While LAUSD is far from the only school to have been hit by ransomware this year, the size of the school district has...Read more...
Ransomware attacks have been targeting school districts, hospitals, government organizations, businesses, and even hospitals in recent years. It's a rather nasty piece of work; it can cause loss of data, stolen data, more viruses, and even inaccessibility to systems necessary for operations. An entire town in Canada...Read more...
Over the weekend, a ransomware attack hit a French hospital, forcing the facility to turn away patients. The staff of the affected hospital, the Centre Hospitalier Sud Francilien (CHSF), has had to return to using pen and paper to keep track of patients, as the main computer systems have been rendered inaccessible...Read more...
We wrote last week about research showing that Meta takes advantage of the in-app browser feature on mobile devices to inject JavaScript into web pages viewed in the Facebook, Instagram, and Messenger mobile apps. Now that same researcher has found that the TikTok in-app browser injects JavaScript which functions...Read more...
In May of last year, Colonial Pipeline was struck by a ransomware attack, prompting the Colonial Pipeline Company to take certain systems offline in an attempt to contain the attack. As a result, all pipeline operations were temporarily halted, shutting off the flow of fuel to the eastern seaboard. Shortly thereafter...Read more...
Ransomware can be both disruptive and costly for its victims. A recent report found that the total downtime resulting from ransomware attacks in 2021 cost schools a whopping $3.56 billion. The sudden encryption of data on computer systems critical to an organization’s regular operations presents a major problem when...Read more...
A cybersecurity report published last month revealed the passwords most commonly used by business owners and executives, and topping this list were “123456” and “password.” The commonality of such remarkably weak passwords among not just ordinary users, but high-ranking executives of large corporations is almost...Read more...
Ransomware is bad news not only because it can cause business-ending disruptions, as in the case of Abraham Lincoln College, but also because the actors behind ransomware attacks often exfiltrate data from compromised systems in addition to encrypting the data on said machines. Ransomware gangs tend to use this stolen...Read more...
On Wednesday, February 23rd, Russia announced its invasion of Ukraine through a "special military operation." Since then, fighting has continued in Ukraine, and amidst the turmoil, hacking groups in the region and around the world have taken sides, threatening cyberwar against Russia, Ukraine, or the United...Read more...
Just yesterday, we reported on The Telegraph's report claiming that NVIDIA had suffered a cyber-attack. NVIDIA didn't provide any details, but the company's statement that it was "investigating an incident" was admission enough. As it stood last night, it seemed clear something had happened, but we didn't know...Read more...
Earlier this month, we reported on a security flaw in Apple iOS devices and Macs, but now it’s Samsung’s turn. Tel-Aviv University researchers have published a paper detailing a major security flaw in Samsung Galaxy phones going back to the Galaxy S9. The researchers estimate that Samsung shipped roughly 100 million...Read more...
A number of cybersecurity experts and teams have recently released reports going over cybersecurity data from 2021 and detailing the growing ransomware threat. We covered a report revealing which industries and countries were hit the most by ransomware, as well as a report that ransomware attacks doubled in...Read more...
This should go without saying, but "password" is a terrible password. The same goes for "12345" and "123456," among others. And no, adding more numbers in sequential order won't make your account more secure because as it turns out, "123456789" is the second most commonly used bad password, according to a new report.
Researchers at NordVPN Read more...
In computer security, "cracking" systems is all about gaining access where you aren't supposed to have it. One of the most definitive ways to do this is by "pwning"—or "taking control of"—a system's main memory interface. Normally, doing so requires physical access to the system, but security researchers have...Read more...
Remember the old days of code pages and customized OSes for specific languages, like DOS/V? Unicode has more or less solved the biggest issue with displaying non-ASCII glyphs on computers, although it's still up to the operating system to implement support, of course.
Did you know you can write source in Unicode...Read more...
It is an awful feeling to have something stolen from your property, like a package left on your doorstep, or to know that a burglar has been rummaging in your home. Fortunately, home security solutions have come a long way. To that end, Ring today announced the Floodlight Cam Wired Pro, which is basically a high-tech...Read more...