Security Stop Press : UK Government Proposes Ransomware Payment Ban
The UK government is consulting on plans to ban ransomware payments by public sector bodies and critical national infrastructure (CNI) to disrupt the financial model underpinning cybercrime. The proposals also include mandatory reporting of ransomware attacks and measures to block payments to criminal groups, aiming to reduce the threat and support law enforcement investigations. Ransomware […]
Security Stop Press : Toyota Hack Warning
Toyota Financial Services (TFS), a subsidiary of Toyota Motor Corporation, has warned customers that it recently suffered a data breach which exposed sensitive personal and financial data. The correspondence with affected customers follows Toyota confirming last month that unauthorised access on some of its Europe (and Africa) systems had been detected. Medusa ransomware reported that […]
Security Stop-Press : Top Three Malware Threats Identified
Check Point’s latest Global Threat Index has highlighted how three particular malware families (info-stealers) made up approaching a fifth (16 per cent) of global detections in September. These are AgentTesla (RAT malware) that affected 7 percent of organisations, SnakeKeylogger, a Modular .NET keylogger and credential stealer that affected 5 per cent of organisations, and the […]
Security Stop Press : TikTok Interference Annuls Romanian Elections
Romania’s Constitutional Court has annulled the first round of its presidential election due to allegations of Russian interference via TikTok. Far-right candidate Călin Georgescu, a pro-Russian figure, had won with 23 per cent of the vote. Intelligence revealed a sophisticated influence operation involving over 25,000 TikTok accounts, which amplified Georgescu’s campaign, garnering 52 million video […]
Security Stop-Press : Threat From Exploiting Macros In Microsoft Word Due To macOS Flaw
Microsoft’s 365 Defender Research Team has warned that a flaw in macOS coupled with Microsoft Word’s backward compatibility could allow the circumvention of App Sandbox rules. This could enable potentially malicious macros to run in Word, leading to users downloading malware, or ransomware. The advice is for macOS users to install the security updates released […]
Security Stop Press : Thousands Of Brand Subdomains Hijacked For Spam
Cyber Security Company, Guardio Labs, has reported uncovering a major “SubdoMailing” campaign which involves the hijacking of 8,000+ trusted domains to send millions of spam and malicious phishing emails daily. Brands whose subdomains are being exploited in the campaign include MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, and eBay. Guardio Labs said it […]
Security Stop Press : The Threat Of Sleeper Agents In LLMs
AI company Anthropic has published a research paper highlighting how large language models (LLMs) can be subverted so that at a certain point, they start emitting maliciously crafted source code. For example, this could involve training a model to write secure code when the prompt states that the year is 2024 but insert exploitable code […]
Security Stop-Press : The FCA Warns About Screen-Sharing Threat
The Financial Conduct Authority (FCA) has warned that there has been an 86 percent rise (July to Dec 2021 compared to the previous year) of a screen-sharing scam. The FCA reports that the scam involves people posing as investment advisers and offering to help their targets to set up new schemes via online meeting platforms. […]
Security Stop Press : Teenager Arrested In Connection With TfL Cyber Attack
A 17-year-old male has been arrested on suspicion of Computer Misuse Act offences in relation to a cyber attack on Transport for London (TfL) on the 1st September. Although TfL reported on its website on September 5th that “there is no evidence that any customer data has been compromised”, it has since been reported that […]
Security Stop-Press : “Swiss Army Knife Malware” Warning
A report from Picus Security has warned of the rise of multi-purpose strains of malware, which it dubs “Swiss Army knife malware” capable of performing all kinds of actions. Picus Security’s analysis of 550,000 real-world malware samples revealed that one third carry at least 20 individual Tactics, Techniques, and Procedures (TTP) with the most common […]