Tag Archives: sophos

Microsoft Patch Tuesday, December 2022 Edition

December 14, 2022

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.

Conti’s Ransomware Toll on the Healthcare Industry

April 18, 2022

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.”

Sipping from the Coronavirus Domain Firehose

April 16, 2020

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.

Krebs, KrebsOnSecurity, As Malware Memes

May 22, 2013

Hardly a week goes by when I don’t hear from some malware researcher or reader who’s discovered what appears to be a new sample of malicious software or nasty link that invokes this author’s name or the name of this blog. I’ve compiled this post to document a few of these examples, some of which are quite funny.

KrebsOnSecurity Wins Awards

March 4, 2013

I recently returned from San Francisco, which last week hosted the annual RSA Security conference. I had the pleasure of moderating a panel discussion on Raising the Costs of Compromise with some very smart guys, and also shared a stage with several security authors who were recognized for their contributions to infosec media.

Crimeware Author Funds Exploit Buying Spree

January 7, 2013

The author of Blackhole, an exploit kit that booby-traps hacked Web sites to serve malware, has done so well for himself renting his creation to miscreants that the software has emerged as perhaps the most notorious and ubiquitous crimeware product in the Underweb. Recently, however, the author has begun buying up custom exploits to bundle into a far more closely-held and expensive exploit pack, one that appears to be fueling a wave of increasingly destructive online extortion schemes.

OpenX Promises Fix for Rogue Ads Bug

May 2, 2012

Hackers are actively exploiting a dangerous security vulnerability in OpenX — an online ad-serving solution for Web sites — to run booby-trapped ads that serve malware and browser exploits across countless Web sites that depend on the solution.

Security experts have been warning for months about mysterious attacks on OpenX installations in which the site owners discovered new rogue administrator accounts. That access allows miscreants to load tainted ads on sites that rely on the software. The bad ads usually try to foist malware on visitors, or frighten them into paying for bogus security software.

OpenX is only now just starting to acknowledge the attacks, as more users are coming forward with unanswered questions about the mysteriously added accounts.

Double the Love from Friends and Enemies

March 4, 2012

KrebsOnSecurity.com earned two honors this week at the RSA Security Conference. For the second year running, it was voted the blog that best represents the security industry by judges at the Social Security Bloggers Awards. I was also recognized for the Security Bloggers Hall of Fame award, alongside noted security expert Bruce Schneier.