Enlarge (credit: Getty Images) When you visit an HTTPS-protected website, your browser doesn’t exchange data with the webserver until it has ensured that the site’s digital certificate is valid. That prevents hackers with the ability to monitor or modify data passing between you and the site from obtaining authentication cookies or executing malicious code on […]
Enlarge (credit: Getty Images) The FBI said it has seized $2.3 million paid to the ransomware attackers who paralyzed the network of Colonial Pipeline and touched off gasoline and jet fuel supplies up and down the East Coast last month. In dollar amounts, the sum represents about half of the $4.4 million that Colonial Pipeline […]
Enlarge (credit: Frank Lindecke / Flickr) Cybersecurity truisms have long been described in simple terms of trust: Beware email attachments from unfamiliar sources, and don’t hand over credentials to a fraudulent website. But increasingly, sophisticated hackers are undermining that basic sense of trust and raising a paranoia-inducing question: What if the legitimate hardware and software […]
Enlarge A VMware vulnerability with a severity rating of 9.8 out of 10 is under active exploitation. At least one reliable exploit has gone public, and there have been successful attempts in the wild to compromise servers that run the vulnerable software. The vulnerability, tracked as CVE-2021-21985, resides in the vCenter Server, a tool for […]
Enlarge (credit: Getty Images) The Justice Department has created a task force to centrally track and coordinate all federal cases involving ransomware or related types of cybercrime, such as botnets, money laundering, and bulletproof hosting. “To ensure we can make necessary connections across national and global cases and investigations … we must enhance and centralize […]
Enlarge / Ransomware (credit: Getty Images) The cyberattack that halted some operations at the world’s biggest meat processor this week was the work of REvil, a ransomware franchise that’s known for its ever-escalating series of cut-throat tactics designed to extort the highest price. The FBI made the attribution on Wednesday, a day after word emerged […]
Enlarge (credit: Matthew Stockman / Getty Images) A ransomware attack has struck the world’s biggest meat producer, causing it to halt some operations in the US, Canada, and Australia while threatening shortages throughout the world, including up to a fifth of the American supply. Brazil-based JBS SA said on Monday that it was the target […]
Enlarge (credit: Amazon) If you use Alexa, Echo, or any other Amazon device, you have only 10 days to opt out of an experiment that leaves your personal privacy and security hanging in the balance. On June 8, the merchant, Web host, and entertainment behemoth will automatically enroll the devices in Amazon Sidewalk. The new […]
Enlarge (credit: Apple) Apple’s new M1 CPU has a flaw that creates a covert channel that two or more malicious apps—already installed—can use to transmit information to each other, a developer has found. The surreptitious communication can occur without using computer memory, sockets, files, or any other operating system feature, developer Hector Martin said. The […]
Enlarge (credit: Getty Images) The Kremlin-backed hackers who targeted SolarWinds customers in a supply chain attack have been caught conducting a malicious email campaign that delivered malware-laced links to 150 government agencies, research institutions and other organizations in the US and 23 other countries, Microsoft said. The hackers, belonging to Russia’s Foreign Intelligence Service, first […]