Last week, Progress Software Corporation, a company that sells software and services for user interface development, devops, and file management, among others, alerted its customers about a critical vulnerability in its MOVEit Transfer and related MOVEit Cloud products. MOVEit Transfer is a system that allows teams, departments, companies, or supply chains to store and share…
The Naked Security podcast, hosted by Doug Aamoth and Paul Ducklin, covers a range of topics related to cybersecurity, including password manager cracks, login bugs, and historical examples of security breaches. In a recent episode, the hosts discussed a ransomware attack against a technology company in Oxfordshire, England, which involved a man-in-the-middle attack by a…
After five years of investigation, Ashley Liles, a former sysadmin at a business in Oxford, England, has been convicted of a Man-in-the-Middle (MitM) cybercrime. MitM attacks depend on someone or something intercepting messages sent to a recipient and modifying them to deceive the receiver, and these types of attacks are usually performed by machines. Liles,…
is a HTML tag used for creating a division or section in a web page. In recent news, Russian national Mikhail Pavlovich Matveev, also known as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, has been accused of conspiring to transmit ransom demands, damaging protected computers, and carrying out ransomware attacks. Matveev has been linked to three specific…
In December 2020, a cyberextortion case unfolded in a typical fashion, with an unknown attacker breaking into a network via an unknown security hole, acquiring sysadmin powers, stealing confidential data, and covering their tracks. However, the situation took an unexpected turn when the attacker demanded 50 Bitcoins (then worth about $2,000,000) to hush things up…
In a recent Naked Security podcast episode, Doug Aamoth and Paul Ducklin covered a range of topics, including Bluetooth trackers, bothersome bootkits, and even how not to get a job in application security. The podcast also featured a titbit from Tech History, where they talked about VisiCalc, the program that automated the recalculation of spreadsheets.…
US payments giant NCR confirmed over the weekend that a data center outage is the result of a ransomware attack. On April 13, NCR said it discovered the incident and immediately began contacting customers, engaging third-party cybersecurity experts, launching an investigation and notifying law enforcement. The ransomware group known as BlackCat, Alphv and Noberus took…
LockBit ransomware group’s attempt to create a macOS version of their malware has been discovered by researchers. The malware is capable of encrypting files on Mac devices, but it does not seem to pose any real risk. Patrick Wardle, a security expert, has conducted an analysis of the macOS LockBit version and found that the…