My Weekly Roundup #153
China-linked APT Flew Under Radar for Decade
Evidence suggests that a just-discovered APT has been active since 2013.
DeadBolt ransomware takes another shot at QNAP storage
QNAP is warning users about another wave of DeadBolt ransomware attacks against its network-attached storage (NAS) devices – and urged customers to update their devices’ QTS or QuTS hero operating systems to the latest versions.
15 vulnerabilities discovered in Siemens industrial control management system
Fifteen vulnerabilities affecting Siemens SINEC network management system (NMS) were unveiled this week, according to new research published by security company Claroty. The bugs affect all versions before V1.0 SP2 Update 1 and Siemens urged users to update their versions as soon as possible.
MaliBot Android Banking Trojan targets Spain and Italy
F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. The experts documented attacks against multiple banks, including UniCredit, Santander, CaixaBank, and CartaBCC.
ALPHV squeezes victim with dedicated leak site for employees and customers
Eyebrows were raised this week when the ALPHV ransomware group created a leak site dedicated to just one of its victims. The site was aimed at the employees and guests of a hotelier that had been attacked, and allowed them to see if their personal details had been leaked.
QNAP NAS devices targeted by surge of eCh0raix ransomware attacks
This week, ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage (NAS) devices again, according to user reports and sample submissions on the ID Ransomware platform.
Debate rages over Microsoft vulnerability practices after Follina, Azure issues
Microsoft finally released a patch for the much-discussed Follina vulnerability — CVE-2022-30190 — amid fixes for 55 other issues on Tuesday.
About a year ago, we have launched ThreatFox - a community driven platform to share indicators of compromise (IOCs). Today, I’m very excited to announce the launch of our most recent project: YARAify!
Julian Assange to Be Extradited to U.S. on Espionage Charges
Julian Assange is set to be extradited to the U.S. to face espionage charges. The WikiLeaks founder’s fate was sealed by U.K.
SpaceX fires staff over letter criticising Elon Musk
Three SpaceX employees have been sacked after calling chief executive Elon Musk a “source of distraction and embarrassment” in an open letter. Musk is a heavy user of the social media site, which he is in the process of buying for $44bn.
The Crypto Crash: all Ponzi schemes topple eventually
One week ago, as cryptocurrency prices plummeted, Celsius Network – an experimental cryptocurrency bank with more than one million customers that has emerged as a leader in the murky world of decentralized finance, or DeFi – announced it was freezing withdrawals “due to extreme market conditio
An Apple store in Maryland makes history by forming the company’s first recognized union
As several Apple stores across the country fight to unionize, workers in Towson, Maryland became the first to win formal recognition. Out of 110 eligible employees, the union received 65 yes votes and 33 no votes.
The James Bond Car That Was Elon Musk’s Inspiration For The Tesla Cybertruck
The foundation of the design for the Tesla Cybertruck came from a submarine car used in the James Bond film “The Spy Who Loved Me.” The film was released in 1977 and featured a modified version of the Lotus Esprit (via CNBC). In the movie, the car was named “Wet Nellie.
Is LaMDA Sentient?
What follows is the “interview” I and a collaborator at Google conducted with LaMDA. Due to technical limitations the interview was conducted over several distinct chat sessions.
Why you can’t trust Instagram
About once a day I get a message from someone asking for my help with restoring their Instagram account. Like me, they did all the right security things. They used two-factor authentication (2FA). They jumped through the hoops to restore their hacked Instagram account.
Ms. Marvel’s Viewership the Lowest of Any MCU Disney+ Series
The currently ongoing Marvel Studios Disney+ series Ms. Marvel has been a relative hit among critics but ratings for the series are the lowest amongst any Marvel series on the streaming platform. According to a new report from Samba TV, Ms. Marvel‘s first five days saw 775,000 U.S.
Ezra Miller Probably Doesn’t Have a DC Future After The Flash
The saga of Warner Bros.’ upcoming Flash movie has been a long one, and in recent weeks, much of it has revolved around its lead actor, Ezra Miller.
5 Minutes That Will Make You Love Renaissance Music
Here’s your introduction to the shining, stirring sounds of a revolutionary period in cultural history.