Nachrichtenarchiv

CSO Online 27.02.2025 16:11
Forscher haben herausgefunden, dass zwei VSCode-Erweiterungen mit Schadcode infiziert sind. Die IT-Forscher Amit Assaraf und Itay Kruk entdeckten kürzlich, dass die beiden Erweiterungen für Visual Studio Code – “Material Theme – Free” und “Material Theme Icons – Free” Schadcode enthalten. Berichten zufolge erfreuten sich diese Erweiterungen großer Beliebtheit und wurden insgesamt fast neun Millionen Mal heruntergeladen.

Golem 27.02.2025 14:30
Forscher haben einen Weg gefunden, fremde Bluetooth-Geräte mit hoher Genauigkeit zu orten – mit erheblichen Auswirkungen auf die Privatsphäre. (Tracking, Apple)

Golem 26.02.2025 13:15
Schon ein kleiner Moment der Unachtsamkeit kann dazu führen, dass Daten aus Github-Repositories für jeden dauerhaft via Copilot auffindbar sind. (Copilot, Microsoft)

Schneier on Security 26.02.2025 13:07
Last month, the UK government demanded that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyone’s cyber-risk in an already dangerous world.
If you’re an iCloud user, you have the option of turning on something called “advanced data protection,” or ADP. In that mode, a majority of your data is end-to-end encrypted. This means that no one, not even anyone at Apple, can read that data. It’s a restriction enforced by mathematics—cryptography—and not policy. Even if someone successfully hacks iCloud, they can’t read ADP-protected data…

Schneier on Security 25.02.2025 18:04
It looks like a very sophisticated attack against the Dubai-based exchange Bybit:
Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a “Multisig Cold Wallet” when, somehow, it was transferred to one of the exchange’s hot wallets. From there, the cryptocurrency was transferred out of Bybit altogether and into wallets controlled by the unknown attackers.
[…]
…a subsequent investigation by Safe found no signs of unauthorized access to its infrastructure, no compromises of other Safe wallets, and no obvious vulnerabilities in the Safe codebase. As investigators continued to dig in, they finally settled on the true cause. Bybit ultimately said that the fraudulent transaction was “manipulated by a sophisticated attack that altered the smart contract logic and masked the signing interface, enabling the attacker to gain control of the ETH Cold Wallet.”…

Dark Reading 25.02.2025 16:00
No matter the strategy, companies must approach securing unmanaged devices with sensitivity and respect for employee privacy.

Dark Reading 25.02.2025 12:00
Nearly a third of organizations have an operational system connected to the Internet with a known exploited vulnerability, as attacks by state and non-state actors increase.

CSO Online 25.02.2025 11:25
Die Ransomware-Bande Lynx hat den Maschinengroßhändler Stürmer Maschinen kürzlich auf ihre Opferliste gesetzt. Auf ihrer Leak-Seite im Darknet behaupten die Cyberkriminellen, einen Datensatz von 800 Gigabyte abgezogen zu haben. Um welche Daten es sich dabei genau handelt ist unklar. Informationen zur Lösegeldforderung und Frist gibt es ebenfalls nicht.