Sicurezza

North Korean Hackers Stole Nearly $400M in Crypto Last Year

Pubblicato il

The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking 80 percent. So perhaps it’s no surprise that the relentless North Korean hackers who feed off that booming crypto economy had a very good year as well. […]

Sicurezza

NSO Group Spyware Targeted Dozens of Reporters in El Salvador

Pubblicato il

The Israeli spyware developer NSO Group has long claimed plausible deniability when it comes to misuse of its powerful targeted surveillance tools. Yet despite its protestations—and increased scrutiny from tech companies and regulators alike—the abuses continue. The latest revelation comes from El Salvador, where NSO’s Pegasus malware was found on 37 devices belonging to 35 […]

Sicurezza

The FTC Wants Companies to Find Log4j Fast. It Won’t Be Easy

Pubblicato il

Such issues are likely to disproportionately affect small and medium businesses, he says—and make it nigh-on impossible to fix easily. Sonatype analysis has found that around 30 percent of the consumption of Log4j is from potentially vulnerable versions of the tool. “Some companies haven’t got the message, don’t have the materials, and don’t even know […]

Sicurezza

Hackers Are Exploiting a Flaw Microsoft Fixed 9 Years Ago

Pubblicato il

The widely used malware ZLoader crops up in all sorts of criminal hacking, from efforts that aim to steal banking passwords and other sensitive data to ransomware attacks. Now, a ZLoader campaign that began in November has infected almost 2,200 victims in 111 countries by abusing a Windows flaw that Microsoft fixed back in 2013. […]

Sicurezza

The Worst Hacks of 2021

Pubblicato il

If 2020 was the year of pandemic lockdown hacking, 2021 was open season for attackers around the world. Ransomware gangs were shockingly aggressive, targeting health care facilities, schools, and critical infrastructure at an alarming rate. And hackers continued to launch supply chain attacks with extensive fallout. With the pandemic still raging in the background, system […]

Sicurezza

The Next Wave of Log4J Attacks Will Be Brutal

Pubblicato il

A week ago, the internet experienced a seismic event. Thanks to a vulnerability in Log4j, a popular open source library, multitudes of servers around the world were suddenly exposed to relatively simple attacks. The first wave of hacking is well underway. But it’s what comes next that should worry you. So far, the vanguard of […]

Sicurezza

Google Warns That NSO Hacking Is On Par With Elite Spy Groups

Pubblicato il

The Israeli spyware developer NSO Group has shocked the global security community for years with aggressive and effective hacking tools that can target both Android and iOS devices. The company’s products have been so abused by its customers around the world that NSO Group now faces sanctions, high-profile lawsuits, and an uncertain future. But a […]

Sicurezza

The Log4J Vulnerability Will Haunt the Internet for Years

Pubblicato il

A vulnerability in the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the world’s most popular applications and services to attack, and the outlook hasn’t improved since the vulnerability came to light on Thursday. If anything, it’s now […]

Sicurezza

A Year After SolarWinds, Supply Chain Threats Still Loom

Pubblicato il

A year ago today, the security firm FireEye made an announcement that was as surprising as it was alarming. Sophisticated hackers had silently slipped into the company’s network, carefully tailoring their attack to evade the company’s defenses. It was a thread that would unspool into what is now known as the SolarWinds hack, a Russian […]

Sicurezza

Microsoft Seizes Domains Used by a Chinese Hacking Group

Pubblicato il

Microsoft said it has seized control of servers that a China-based hacking group was using to compromise targets that align with that country’s geopolitical interests. The hacking group, which Microsoft has dubbed Nickel, has been in Microsoft’s sights since at least 2016, and the software company has been tracking the now-disrupted intelligence-gathering campaign since 2019. […]