Cybersecurity researchers from Kaspersky have discovered a new type of ransomware, and this one seems to be more dangerous than any of its predecessors for one key reason. The ransomware, named Sodin, takes advantage of a zero-day vulnerability in the Windows operating system, which means that victims don’t even need to download and run a malicious attachment (which was typically essential for the success of a ransomware campaign).
A US-Israeli cybersecurity firm said Tuesday it had uncovered a massive hack of several global telecommunications companies involving the theft of vast amounts of personal data that was apparently carried out by state-backed actors in China. Cybereason, which is based in Boston and has offices in Tel Aviv, London, and Tokyo, said the hacking included the specific targeting of people working in government, law enforcement and politics.
Security researchers from Netlab – a network threat hunting unit of Chinese cybersecurity giant Qihoo 360 – discovered the first ever malware strain, named Godlua, seen abusing the DNS over HTTPS (DoH) protocol. The Godlua malware is written in Lua to work on Linux Servers. The attackers are using Confluence exploit (CVE-2019-3396) to infect outdated systems, and early samples uploaded on VirusTotal have mislabeled it as a cryptocurrency miner.
Somebody out there has taken a big dislike to Robert J. Hansen (‘rjh’) and Daniel Kahn Gillmor (‘dkg’), two well-regarded experts in the specialised world of OpenPGP email encryption. It’s not known who launched the attacks in late June 2019 (Hansen says he has suspects in mind), but it’s the nature of the campaign against them that has people in this corner of encryption worried – a “poisoning” attack against their personal certificate signatures held on the OpenPGP Synchronizing Key Server (SKS) network.
The UK’s biggest provider of forensic services has paid a ransom to criminals after its IT systems were disrupted in a cyber-attack, BBC News has learned. Eurofins Scientific was infected with a ransomware computer virus a month ago, which led British police to suspend work with the global testing company. At the time, the firm described the attack as “highly sophisticated”.
