Security News > 2021

Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad actors to leverage a victim's stolen or lost Visa EMV-enabled credit card for making high-value purchases without knowledge of the card's PIN, and even fool the terminal into accepting unauthentic offline card transactions.

UL LLC, better known as Underwriters Laboratories, has suffered a ransomware attack that encrypted its servers and caused them to shut down systems while they recover. BleepingComputer has learned that UL suffered a ransomware attack last weekend that encrypted devices in their data center.

From the Monterey Bay Aquarium. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using "Malformed URL prefixes" to evade protections and deliver phishing emails that look legit. Typosquatting is a common phishing email tactic where everyday business names are mispelled, like "Amozon.com" - to try and trick unobservant users into clicking.

"It's really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future," Anne Neuberger, the newly appointed deputy national security adviser for cyber and emergency technology said Wednesday at a White House briefing. President Joe Biden plans to release an executive order soon that Neuberger said will include about eight measures intended to address security gaps exposed by the hack.

A week-long outage for Kia is reportedly connected to a ransomware attack from the DoppelPaymer gang, says BleepingComputer. Kia Motors America may have been hit by a ransomware attack that has taken down some of its key customer-facing services.

Silver Sparrow has taken flight in any event: As of February 17, this fresh entry to the malware scene had already infected 29,139 macOS endpoints across 153 countries, according to researchers - primarily in Canada, France, Germany, the United Kingdom and the United States. Now, the Silver Sparrow malware family has appeared on the scene - a brand-new malware built for the Mac M1 ecosystem, researchers said.

RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service. Regional internet registry RIPE NCC is warning of a credential-stuffing attack against its single sign-on service, RIPE NCC Access, and is encouraging users to implement two-factor authentication.

Unlike a cube, you don't end up as wide as you are tall, you're not as deep as you are wide, and your legs are a totally different shape and size to your torso, so presumably cubing your height in the BMI formula would be little better than squaring it, tending to overestimate your volume rather than to underestimate it. It's still not obvious why BMI divides by the square of your height, given that you aren't flat, either - unlike a square, which does have a width and a height, yet has a depth of zero and therefore no volume at all.

Microsoft has added a 'paste as plain text' option to the Windows 10 clipboard history in the latest Preview build available for Windows Insiders in the Dev Channel. We fixed an issue where updating the Windows accent color would not immediately update in the flyout.