Microsoft’s incomplete PrintNightmare patch fails to fix vulnerability
By Lawrence Abrams Researchers have bypassed Microsoft’s emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed. Last night, Microsoft released an out-of-band KB5004945 security update that was supposed to fix the PrintNightmare vulnerability that researchers disclosed by accident last month. After the update was released, […]
Ransomware: What REALLY happens if you pay the crooks?
By: Paul Ducklin Governments and law enforcement hate it when ransomware victims pay the blackmail demands that almost always follow a ransomware attack, and you can understand why, given that today’s payments fund tomorrow’s cybercriminality. Of course, no one needs to be told that. Paying up hurts in any number of ways, whether you feel […]
Cisco ASA vulnerability actively exploited after exploit released
By Lawrence Abrams This vulnerability can allow an unauthenticated threat actor to send targeted phishing emails or malicious links to a user of a Cisco ASA device to execute JavaScript commands in the user’s browser. “A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow […]
Carnival Cruise Ship hit with Cyberattack
by Lisa Vaas This is the fourth time in a bit over a year that Carnival’s admitted to breaches, with two of them being ransomware attacks. Carnival Corp., the world’s largest cruise-ship operator, has sprung another leak: For the second time in a year, attackers have breached email accounts and accessed personal, financial and health […]
Last Week in Ransomware – June 11th 2021 – Under Pressure
By Lawrence Abrams It has been quite the week when it comes to ransomware, with ransoms being paid, ransoms being taken back, and a ransomware gang shutting down. This week’s biggest news was the FBI announcing that they were able to recover the majority of the $4.4 million ransom payment paid by Colonial Pipeline. It is not […]
US recovers most of Colonial Pipeline’s $4.4M ransomware payment
By Lawrence Abrams The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation. On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation. This shutdown led to temporary gas shortages on the east […]
“Have I Been Pwned” breach site partners with… the FBI!
by Paul Ducklin In case you’ve never heard of it, Have I Been Pwned, or HIBP as it is widely known, is an online service run out of Queensland in Australia by a data breach researcher called Troy Hunt. The idea behind HIBP is straightforward: to give you a quick way of checking your own […]
Beware fake online trading apps, on iOS as well as Android
by Paul Ducklin Remember how ransomware started? It was all about volume. The CryptoLocker gang, for example, raked in millions of dollars, perhaps even hundreds of millions, by scrambling your files and then extorting you for $300 to unscramble them again. These days, however, the big-money ransomware gangs take a very different approach. They typically […]
Tecinfo Communications RDOF Fiber Project
Our parent company, TecInfo Communications, is proud to have won the opportunity, to build and operate a fiber network, through portions of Sunflower, Bolivar and Washington Counties. This funding will enable TecInfo to build approximately 650 miles of fiber, primarily underground, providing access to Internet technologies to businesses and residents within these areas. The project […]
Ransomware: don’t expect a full recovery, however much you pay
by Paul Ducklin When it comes to all the various types of malware out there, none has ever dominated the headlines quite as much as ransomware. Sure, several individual malware outbreaks have turned into truly global stories over the years. The LoveBug mass-mailing virus of 2000 springs to mind, which blasted itself into hundreds of […]
