Enlarge (credit: Getty Images) Hype and hyperbole were on full display this week as the security world reacted to reports of yet another Log4Shell. The vulnerability came to light in December and is arguably one of the gravest Internet threats in years. Christened Spring4Shell—the new code-execution bug in the widely used Spring Java framework—quickly set […]
Enlarge Apple on Thursday released fixes for two critical zero-day vulnerabilities in iPhones, iPads, and Macs that give hackers dangerous access to the internals of the OSes the devices run on. Apple credited an anonymous researcher with discovering both vulnerabilities. The first vulnerability, CVE-2022-22675, resides in macOS for Monterey and in iOS or iPadOS for […]
Enlarge / A Viasat internet satellite dish in the yard of a house in Madison, Virginia. (credit: Getty Images) Viasat, the high-speed satellite broadband provider whose modems were knocked out in Ukraine and other parts of Europe earlier this month, has confirmed third-party researchers’ theory that new wiper malware with possible ties to the Russian […]
Enlarge (credit: Darryl Fonseka | Getty Images) Independent researchers and the United States military have become increasingly focused on orbiting satellites’ potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended in order to be ultra-secure. But at the ShmooCon security conference […]
Enlarge (credit: Getty Images) IT and software development firm Globant said in a statement Wednesday that it experienced a network breach. The statement appeared to confirm claims made by Lapsus$, a group that has successfully compromised Microsoft, Nvidia, Okta, and other victims in recent weeks. Lapsus$ is a relative newcomer to the data-extortion scene. While […]
Enlarge / Photo taken on October 12, 2021 in Moscow shows Russia’s internet search engine Yandex’s logo on a laptop screen. (Photo by Kirill KUDRYAVTSEV / AFP) (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images) (credit: Kirill Kudryavtsev | Getty Images) Russia’s biggest Internet company has embedded code into apps found on mobile devices that allows […]
Enlarge (credit: Getty Images) Some Internet traffic in and out of Twitter on Monday was briefly funneled through Russia after a major ISP in that country misconfigured the Internet’s routing table, network monitoring services said. The mishap lasted for about 45 minutes before RTCOMM, a leading ISP in Russia, stopped advertising its network as the […]
Enlarge (credit: Getty Images) Multi-factor authentication (MFA) is a core defense that is among the most effective at preventing account takeovers. In addition to requiring that users provide a username and password, MFA ensures they must also use an additional factor—be it a fingerprint, physical security key, or one-time password—before they can access an account. […]
Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. (credit: IIP Photo Archive) For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders who attempted to sabotage industrial […]
Enlarge / Eugene Kaspersky, CEO and founder of Moscow-based Kaspersky, at the 2020 World Internet Conference (WIC) at Wuzhen, China. (credit: Getty Images) The Federal Communications Commission on Friday effectively barred sales of security products from Moscow-based Kaspersky, determining that they pose an unacceptable risk to US national security. The move adds Kaspersky to the […]