Security

Nearly three in every four dollars paid to ransomware scammers goes to Russian-affiliated groups according to new research. The authors also accuse Russia of turning a blind eye to large-scale money laundering. The figures come from Chainalysis, ... which tracks crime involving cryptocurrencies. These are "virtual" currencies such as Bitcoin where all transactions are tracked on a public "ledger". The way cryptocurrencies work means its relatively straightforward to track the amount of money a particular user has spent or received. However, it's often difficult to prove who a particular user is. ... (view more)

Security experts have reminded users to take extra care when sourcing installation files for Windows 11. A look-alike "Microsoft" site was actually distributing some nasty malware. Normally such scams tend to mainly work on people who are either ... trying to get round paying for software or are trying to get early access without going through official test programs. That's not quite the case with Windows 11 where people running "incompatible" machines can still upgrade to the system by downloading official files and creating a USB installation. However, when some people came looking for Windows ... (view more)

Microsoft is making it harder for scammers to distribute ransomware and other malware through Office documents. However, the tighter block on visual basic macros running by default may frustrate some users. A macro is a way of reducing a series of ... instructions to a single instruction, while VBA (visual basic language) is a way of handling macros in Microsoft programs. It's often used for frequently performed tasks. To give a hypothetical example, a user could create a macro in a spreadsheet that means pressing a couple of keys together which tells the computer to check two columns for any ... (view more)

The people behind an online service for buying and selling stolen credit card details say they are retiring for health reasons. The unknown owners reportedly made $358 million from their "marketplace." The UniCC service operated on a so-called ... darknet, only accessible through special software designed to make it much harder to track who visited which online service. The BBC notes that the site had operated since 2013 and estimates users listed "tens of thousands" of stolen card details every day. It appears to have been particularly popular for criminals who had carried out major data ... (view more)

Scammers are tricking Microsoft Edge users with a bogus software update. It's something of a backhanded compliment to the browser finding an audience. Security company Malwarebytes says it worked with the independent research team "nao_sec" to ... identify the scam. At the moment it appears to be specifically targeting users in South Korea with ransomware, though the tactic could easily be adapted. (Source: techradar.com ) According to the researchers, the scam begins with a malicious ad, usually posted on a page with a lot of advertising. That's likely to make it harder to identify the culprit. ... (view more)

Users of popular password manager tool LastPass have reported worrying emails that suggest their master passwords have been compromised. LastPass says the emails may have been sent mistakenly and that it has no evidence of any security breach. Like ... most such tools, LastPass let users create a single memorable password, the name coming from the idea it's the "last password" users will ever need to remember. This password is necessary to unlock a private vault of stored encrypted passwords for other sites. One of the big keys to the service is that LastPass itself has no access to the master ... (view more)

Mozilla has announced a rethink of a key technology used to make web users safer. The latest update to its Firefox browser improves the "sandboxing" approach. One of the biggest security concerns with web browsers is the way a single application ... (the browser) can handle data from multiple sites open in different tabs. It creates the risk that a compromised site could access data from another site; for example, one tab might display or transmit emails, login details or financial information. The way browsers tackle this risk is called sandboxing. That means telling operating systems such as ... (view more)

Google has cracked down on a key method that scammers used to distribute Android malware through the Play app store. But like a game of whack-a-mole, the scammers are adjusting their tactics for greater success. The Google change is to the way it ... handles accessibility tools on Android devices. These include screen-readers, voice input systems and other modifications for users to interact with the device. Such tools often need access to key components such as the camera, microphone or speakers, access that can be abused by malware. Google relaxes the security and permissions system on such ... (view more)

Microsoft has taken control of websites - or rather their domain names - believed to be uses by Chinese hackers. It's the latest example of a tactic that overcomes the usual problems of dealing with an international online threat. According to ... Microsoft, the "Nickel" group is based in China and is a "nation-state actor": in other words, it at the very least has the backing of the Chinese government. It uses a variety of tactics to try to spy on victims and intercept their data. Targets include government agencies and human rights groups. Microsoft somewhat understatedly says there's "often a ... (view more)

The United States is the third safest country for cyber crimes according to a newly-published study. However, the methodology means that might not reflect the actual risk to users. The figures come from Seon, a security company that specializes in ... automatically detecting online fraud. That makes the results (and the decision to publish them) a little surprising as such a company would have an obvious interest in suggesting cyber crime is a particularly big risk in larger, wealthier countries full of potential customers. Overall the results showed Denmark as the safest country, just ahead of ... (view more)