Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Watch Hackers Break Into the US Power Grid

In this video, you’ll see hackers in action breaking into several businesses and bypassing all their security measures. A bit goofy, but it accurately illustrates how easily this can be done at most places.

Multipurpose malware: Sometimes Trojans come in threes

Just in case a plain old Ransomware wasn’t bad enough, malware authors have added a DDOS component to Cerber. This malware attacks you in multiple different ways.

As if ransomware weren’t bad enough, now it’s metastasizing: not just spreading rapidly but even picking up secondary characteristics. Take Cerber, ransomware first spotted in the wild back in February 2016.

Briefly, here is the sequence of events. First, Cerber arrives in the form of an e-mail attachment. Once executed, the virus behaves like any other ransomware, encrypting files and demanding money for their safe return. But then, security researchers are finding, it confirms the computer’s Internet connection and begins using the infected PC for other purposes, such as for a distributed denial-of-service (DDoS) attack or as a spambot.

FBI Internet Crime Report

You don’t have to be in the FBI to know that Ransomware and Business Email Compromise are two of the leading issues facing cybersecurity. All leading information security experts agree on that. But still – it’s nice to have the FBI confirm it.

BEC is linked to other types of criminal activity including romance, lottery, employment, and check scams. Victims of these scams may be used to unknowingly transfer fraudulent funds on behalf of the perpetrators. In 2015, the IC3 received 7,838 BEC complaints with losses of over $263 million .

Microsoft Warns of ZCryptor Ransomware with Self-Propagation Features

Malware authors have added a “worm” component to a  variant of the Ransomware Zcrypt. Not only can it encrypt files on shared drives and removable drive but, it can also copy itself there and wait to be installed by another system.

A security researcher named Jack, behind the MalwareForMe blog, first discovered and wrote about this threat on May 24. Three days later, Microsoft ‘s security team also took note of the new wave of infections.

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior,” Microsoft’s Malware Protection Center alert reads. “This ransom leverages removable and network drives to propagate itself and affect more users.”

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Microsoft report: 9.4 percent increase in vulnerability disclosures

If you don’t download and install security patches, you’re almost asking for trouble. This article proves the point that some of the most exploitable vulnerabilities have already been patched.

One of the most concerning findings was that the most commonly targeted individual vulnerability in the latter half of 2015 was CVE-2010-2568 in Windows Shell, according to Tenable Network Security EMEA Technical Director Gavin Millard.

“CVE-2010-2568, a vulnerability well known for its usage in the Stuxnet malware family in June 2010, has had a patch available since August 2nd 2010 but many systems are still being successfully targeted,” Millard told SCMagazine.com in emailed comments.

10 Years Of Human Hacking: How ‘The USB Way’ Evolved

Interesting technique to get people to plug in a rogue USB drive. Would you fall for this trick?

As users started to become educated about rogue USB drives, we changed the rules by purchasing memory sticks branded with their company name and logo. Sometimes we attached them with a lanyard also printed with the corporate insignia. In some cases, we placed them on the desks of individual users, and in other instances, we physically mailed them to the individual. In all scenarios, users still plugged the devices in and ran whatever exploit we stored on the drive.

Flash Player update fixes zero-day vulnerability and 24 other critical flaws | CSO Online

Adobe Flash continues to be a hackers best friend.

The company issued a warning about the zero-day — previously unknown and unpatched — vulnerability on Tuesday, saying that it is aware of an exploit available in the wild. The flaw, tracked as CVE-2016-4117, was reported by security researchers from FireEye.

I almost can’t believe someone from Adobe was quoted saying the following for this article.

However, while an exploit for CVE-2016-4117 is known to exist in the public domain, the company is not aware of any active attacks using it, an Adobe spokeswoman clarified Thursday via email.

Symantec Antivirus products vulnerable to horrid overflow bug | ZDNet

Even antivirus platforms can provide a surface area to attack.

“This is a remote code execution vulnerability. Because Symantec use a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link is enough to exploit it,” Ormandy said in his explanation.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Cybersecurity Industry “Fighting the Wrong Battle for 20 Years”

The white paper linked to in this article may be the best thing written on the human side of cyber security that I’ve ever read. Do yourself a favor and read it.

“In the more than 2,500 data breaches I have investigated, I can count exactly zero that were caused by non-human-initiated system failure—like it or not, people are the problem,” said Pogue, Nuix’s Senior Vice President, Cyber Threat Analysis.

Empty DDoS Threats: Meet the Armada Collective

Cybercrooks have started bluffing about their capabilities. What affect this will have on the overall marketplace remains to be seen. It seems like this will take money out of the pocket of “legitimate” cybercriminals. 😉

… we’ve been unable to find a single incident where the current incarnation of the Armada Collective has actually launched a DDoS attack. In fact, because the extortion emails reuse Bitcoin addresses, there’s no way the Armada Collective can tell who has paid and who has not. In spite of that, the cybercrooks have collected hundreds of thousands of dollars in extortion payments.

‘Crypto Wars’ timeline: A history of the new encryption debate

The Patriot Act had a massive influence on encryption. Here’s a good (and mostly politics free) version of the biggest encryption related events since the Patriot Act was passed in 2003.

Law Firms Present Tempting Targets For Attackers

No industry is safe from attackers, scammers and hackers. Just add law firms to the long list of industries targeted by cybercriminals.

The recent data breach at Panamanian law firm Mossack Fonseca that resulted in the theft of a staggering 11.5 million sensitive records highlights what analysts say is a disturbing lack of security preparedness at many law firms.

Healthcare Was Most Attacked Industry in 2015

Healthcare has been under attack in 2015. The stats are disconcerning.

Despite not even making it to top five most targeted industries in 2014, healthcare managed to grab the top spot last year, as five of the top eight largest healthcare security breaches since the beginning of 2010 took place in the first half of 2015. Overall, more than 100 million healthcare records were compromised last year.

Major Exploit Kit Campaign Swaps Locky Ransomware for CryptXXX

Another week, another new wave of attacks. This one changes shapes. An interesting development,l especially since Kaspersky just announced a decryptor for CryptXXX.

In mid-April 2016, a campaign using Nuclear Exploit Kit (EK) to distribute Locky ransomware switched to using the Angler EK to install CryptXXX ransomware. This campaign uses gates registered through FreeDNS atafraid.org. We are calling this the Afraidgate campaign. Although we continue to see Locky distributed through malicious spam, we have not noticed Locky from EK traffic since mid-April.

Malware Leverages Windows “God Mode” for Persistency

A common Windows “feature” gets exploited by attackers.

The so called God Mode allows users to create a folder and give it a special name, which turns it into a shortcut to Windows settings and folders such as control panels, My Computer, or printers. The feature was introduced by Microsoft in Windows Vista and can prove a handy tool for administrators and savvy users alike.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Young adults most likely to lose a phone, making them top targets for mobile hackers

It won’t come as a surprise to you that young adults are most likely to lose a phone. This article makes a great case for two important mobile device best practices that’ll help you in case of loss:

1. Two Factor Authenication for all of your online services
2. Using a passcode to encrypt your mobile device

The New Security Fundamentals

These inexpensive security fundamentals can save your company a lot of time and effort.

The ninja security tactics described in this guide — a set of reimagined, if not completely “new” security fundamentals — are available to all for free or with minimal investment. They don’t come with new acquisition costs, steep learning curves or additional vendor lock-in. All they require is a fresh perspective on existing systems and tools, and the judicious application of already well-known security concepts.

PCI is going to impose new payments security rules this week — and they don’t go nearly far enough

New PCI security requirements are to be issued this week. If you handle credit cards, they apply to you. Are these new measures enough?

“An organization could go to great lengths to protect their internal network only to see a third-party negate all of their effort as indicated in data breach reports. That is why several new requirements were identified for service providers in PCI DSS 3.2. These new requirements should already be part of service providers’ efforts to successfully manage the effectiveness of security within the cardholder data environment,” Troy Leach PCI Chief Technology Officer

Ransomware-as-a-service Malicious Insiders = Deadly Threat

As the Ransomware market continues to evolve, the actors start to specialize and stay in their comfort zones.

The Ransomware as a Service (RaaS) model is an emerging concept in which Ransomware authors provide customized, on-demand versions of malware to distributors. The ransomware author collects the ransom and shares it with the distributor. A classic “affiliate” distribution model, which we know from other domains on the web. Thus, malware authors stay in their comfort zone of writing software while distributors who specialize in spam, malvertizement or BlackHat SEO create a new revenue stream based on their existing platforms

Ransomware in your inbox: the rise of malicious JavaScript attachments

JavaScript attachments are replacing Word documents as attachments of choice for some ransomware authors.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Business Email Compromise – FBI Public Service Announcement

There has been such an increase of instances of the Business Email Compromise scam, that the FBI put out an official public service announcement warning people against falling for it. These shocking statistics show the effectiveness of the scam which caused over $1.2 billion in damages in 2015 alone.

Business Email Compromise (BEC) is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

The BEC scam continues to grow and evolve and it targets businesses of all sizes. There has been a 270 percent increase in identified victims and exposed loss since January 2015. The scam has been reported in all 50 states and in 79 countries. Fraudulent transfers have been reported going to 72 countries; however, the majority of the transfers are going to Asian banks located within China and Hong Kong. These totals, combined with those identified by international law enforcement agencies during this same time period, bring the BEC exposed loss to over $1.2 billion.

FBI: $2.3 Billion Lost to CEO Email Scams

An interpretation of the report the FBI put out on the BEC scams.

In an alert posted to its site, the FBI said that since January 2015, the agency has seen a 270 percent increase in identified victims and exposed losses from CEO scams. The alert noted that law enforcement globally has received complaints from victims in every U.S. state, and in at least 79 countries.

Business email compromise campaigns continue targeting C-level employees despite warnings

Would you read these emails and do what these hackers ask of you? A great breakdown of how the business email compromise (BEC) scam works, and how effective it is.

Scammers are continuing to target senior financial staff at medium and large corporations, attempting to trick them into carrying out large wire transfer payments. The FBI recently warned organizations of this activity and Symantec Email Security.cloud has observed that these email campaigns are still ongoing.

Adobe ships 0-day patch for Flash – get it while it’s hot!

Adobe just released a patch that fixes a vulnerability cybercriminals are already exploiting to gain access to machines. Everybody needs to download this patch – immediately.

For the second time in two months, Adobe has pushed out a Flash update that’s more than just a nice-to-have.

This one, like last month’s, fixes not only a bunch of holes that crooks would almost certainly try to use if they knew about them, but also a vulnerability that’s already being exploited in the wild for criminal purposes.

Zero-day Numbers Exploded and 43m New Malware Variants Discovered in 2015

In this Security Threat Report, Symantec shed light on some unnerving new developments. I used to draw the line between the skills of organized crime hackers and “nation-state actors”. It looks like that gap is closing.

Symantec has today launched its annual Internet Security Threat Report (ISTR), which reveals highly-skilled cyber criminals with skills sets that echo those of nation-state attackers, are fuelling an exponential growth in online crime.

Illinois USB Whitepaper

Attackers still use USB keys to gain access to machines. Remember: don’t use USB keys that you’re not sure are safe. Simply scanning a drive before plugging it in is not effective to determine its safety.

Abstract—We investigate the anecdotal belief that end users will pick up and plug in USB flash drives they find by completing a controlled experiment in which we drop 297 flash drives on a large university campus. We find that the attack is effective with an estimated success rate of 45–98% and expeditious with the first drive connected in less than six minutes.

How Apple and Amazon Security Flaws Led to My Epic Hacking

Imagine sitting behind your phone or computer and seeing it remotely being wiped completely by a hacker. That’s what happened to Mat Honan. In this classic and riveting first-person account, you learn how your life can digitally dissolve when you’re being hacked.

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook. In many ways, this was all my fault.

Password Generator Tool Breaks Petya Ransomware Encryption

Finally some good news about ransomware Remember the Petya strain of ransomware I shared with you a few weeks ago? Some researchers found a fix for this particular strain.

Researchers have been combing through code related to the Petya ransomware long enough they’ve been able to cobble together a decryption tool that should allow most victims to generate keys in less than 10 seconds.

The 8 Most Convincing Phishing Schemes Of 2016

The year is young and high-profile phishing attacks keep coming seemingly every week. Here are eight reasons why security pros have to get serious about combating phishing.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Ransomware threat highlights why backing up data is essential

A stark reminder that a good backup is the only thing that can save your data. Please – back up your data regularly.

Among other things, one the key message emanating from this particularly painful case was in the undisputable importance of backing up data. As the journalist noted in a follow up article – in which he detailed how much effort and cost is required to reclaim back some of his digital life – he now swears by it. It is way of life for him:
“When you control your data locally, and have it stored redundantly, no one can take it from you. Not permanently, at least. I’ve now got a local and online backup solution, and I’m about to add a second off-site backup into that mix. That means I’ll have four copies of everything important to me. Overkill? Probably. But I’m once bitten.”

Cybercrime: A Black Market Price List From The Dark Web

Sometimes, attackers can’t use the machines they’ve hacked themselves. So – they’ll sell access to it to the highest bidder on the black market. Have you ever wondered how much a much a hacked machine rents for these days? The guys over at Dark Reading found out.

For years now, security researchers have observed the evolution of the cybercrime economy, as malware authors, identity thieves and fraudsters have peddled their wares in a marketplace that has grown increasingly specialized in its division of labor. 
Today, the menu of options is staggering, with many widely available items and services becoming quickly commoditized. Social security numbers, stolen credit card numbers and full identity information run for as cheap as a few bucks each.

5 things you should know about two-factor authentication

Two-Factor Authentication and Two-Step Verification are essential methods to protect the access to your systems. Here are some useful things to know about these methods.

One of the best pieces of security advice any computer expert can give you is to enable two-factor authentication for websites that support it. With password breaches so common nowadays, it could be the one thing that keeps hackers from stealing your identity online. Here are five points to help you understand this technology.

Petya ransomware eats your hard drives

Another week, another piece of ransomware.
This nasty version starts with a HR related phishing message with a Dropbox link to land the dropper. Once you do, your data is held hostage. Same old tricks but, still highly effective.

It looks like 2016 should be declared a year of ransomware, as new families and new versions are popping up every now and then like mushrooms after the rain.
Ransomware is evolving — fast.
The new versions of ransomware use strong asymmetrical encryption with long keys so that files cannot be decrypted without the key. The bad guys have started using TOR and payments in bitcoins for the sake of staying totally anonymous. And now there is Petya ransomware which in a certain sense encrypts the whole hard drive all at once instead of encrypting files one by one.

Lessons Learned While Protecting Gmail

Google’s Abuse Team deals with a plethora of online threats every single day. Here’s a great great video about the lengths they go through to keep Gmail and Google Apps safe, and the lessons they’ve learned while doing it.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Audit Reveals IRS Struggles to Implement Security Controls
The IRS has access to vast amounts of confidential information of American citizens. Yet they fail to implement some basic security controls to keep it safe.

Until the IRS takes appropriate steps to resolve control deficiencies, taxpayer data will remain “unnecessarily vulnerable” to inappropriate use, says Gregory Wilshusen, GAO director of information security issues and co-author of the audit report, which was published March 28.

McAfee Labs Unlocks LeChiffre Ransomware – McAfee
One good piece of Ransomware news this week. There’s always a war going on between creators of malware and security companies. This week, McAfee won a battle by figuring out how to unlock a specific piece of ransomware.

As we analyzed this ransomware, we found that we could unlock all LeChiffre-encrypted files without having to pay a ransom.

Like It Or Not, Firewalls Still Front And Center
Having a secure firewall – how important is it?

According to survey respondents, 91% of security practitioners say that firewalls are as critical as always or more critical than ever to their security architecture, and the same ratio believe this will continue to be the case for the next half decade.

PowerWare – New Ransomware Written in PowerShell

Another piece of ransomware has been found using Microsoft Word. Microsoft Word documents rarely contain macros for a very good reason. If you see a prompt requesting permission to run a word macro, answer “no” then review the document. Most legitimate document authors don’t use macros in their documents and almost all hackers do.

Criminal gangs behind PowerWare are spreading it using spam messages including a Word document attachment purporting to be an invoice. The attackers use an old trick in order to convince victims in enabling the macros, they request to enable macros to correctly view the document.

 

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Businesses fail to prepare as cybercrime surges globally

Cybercrime is on the rise, causing massive losses to businesses. Unfortunately, most organizations don’t have a plan in place to protect themselves against it. Don’t let your business be one of the unprepared businesses that gets taken advantage of.

Cybercrime is now the second most reported economic crime and has affected at least a third of organizations in the past 24 months, yet many businesses are still underprepared, a PWC report has found.

PhishLabs on the growing sophistication of business email scams

Business email compromise (BEC) is a scam that’s growing rapidly. Here’s a great video about how it can affect you.

The dirty dozen: 12 cloud security threats

Cloud security experts gathered last month to come up with a list of 12 security threats to watch out for.

As the RSA Conference earlier this month, the CSA (Cloud Security Alliance) listed the “Treacherous 12,” the top 12 cloud computing threats organizations face in 2016. The CSA released the report to help both cloud customers and providers focus their defensive efforts.

Wait, my Mac can be infected?

There used to be a time where Macs were thought to be safe from viruses and attacks. Not anymore. Your Mac is vulnerable, too.

We won’t blame you if you were one of the people who believed the myth of the super-secure Mac. We blame the Internet and the media for building up the hype.

At last week’s RSA conference, I sat in a session that covered hacking a Mac. The theory behind this presentation was that an assailant could hack into a Mac given the practice of installing software that did not come from a trusted store or official App Store. This bit of social engineering plays into the ego of the “uber-savvy” Mac user.

CryptoWall, TeslaCrypt and Locky: A Statistical Perspective

A statistical view of systems affected by a specific strain of ransomware. Very interesting.

In total, we collected over 18.6 million hits from CryptoWall, TeslaCrypt and Locky C&C communications. It is important to consider that when analysing IPS hits, malware may communicate to its C&C server multiple times. In this case, analysing the ratios of these numbers provide more meaningful results.

More companies snared by same type of phishing attack that hit Snapchat

These attacks prove it: spearphishing and Business Email Comprimise are here to stay.

Cybercrooks are boldly targeting companies with campaigns designed to steal employees’ personal data, frequently through targeted emails claiming to come from within the company.

This kind of scam, called spear-phishing, can trick employees into divulging sensitive information, as we saw late last month when Snapchat was snared by a targeted email that appeared to come from Snapchat’s CEO and requested data on current and past employees.

Tips To Maximize Battery Life And Battery Lifespan Of Your iPhone, iPad And Other iDevices, According To Apple : PERSONAL TECH

There’s a big chance that you’re actively doing things that are hurting the battery life of your phone or computer. Here are some great tips for maximizing you iPhone’s battery life. Also, Craig Federighi finally confirmed that force quitting apps does not affect battery life.

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

​Apple users beware: First live ransomware targeting Mac found ‘in the wild’

Once a safe haven because of their small marketshare, Macs are now getting their fair share of attention from malware creators. Here’s a ransomware specifically targeting Macs.

“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Palo Alto Threat Intelligence Director Ryan Olson told Reuters on Sunday.

7 Attack trends that make security pros sweat

Find out what attacks the security experts are worried about these days.

Researchers with the SANS Institute took full advantage of the opportunity to give a packed house a run-down of the threats and the attack techniques that have come to the forefront lately, those which the security industry is most likely to find itself fighting most in the year to come.

Key takeaways from the RSA security conference

A lot of security professionals seem to agree that detection of issues in your environment is far more important and feasible than prevention of all possible issues.

One of the CISO’s summed it up brilliantly: “If it were that easy cyber security would not be the topic of discussion around the globe on a daily basis for both CEOs and nation leaders.”

Snapchat snared by phishers impersonating CEO, employee data swiped

Phishing is one of the most common scams on the internet. New types of phishing scams pop up daily. In this particular scam, they impersonated someone you might trust.

Spear-phishing is a type of social engineering attack targeted at a particular individual or organization to make it more believable – in this case, by impersonating Snapchat’s CEO.
The attacker stole private payroll information of an unknown number of past and present Snapchat employees.

3 Cybercriminal Tactics Using Netflix

Cybercriminals are now using Netflix in their crimes. Read here how.

With such a level of cultural influence, Netflix has in turn gained not only our familiarity, but also our trust. And that’s exactly why Netflix is also drawing the attention of cybercriminals.

Business email compromise scammers add tax return fraud to their toolbox

Fraudsters might be targeting you with this common scam.

Traditional business email compromise (BEC) scams involve a fraudster emailing a CFO or equivalent member of an organization, pretending to be the CEO or another high-ranking official of the company. The aim of this type of scam is to trick the recipient into carrying out a large and “urgent” wire transfer…

Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.

Here are the most interesting articles we’ve found this week that could be helpful to you:

---

 

Scam Of The Week – Netflix For Free

With the pervasiveness of Netflix, this particular phishing scam is extremely effective.

At the moment, there are active malware and phishing campaigns targeting Netflix users. The operations are fairly sophisticated, so it is likely this is the work of an Eastern European cybermafia.

Phishing Attacks Continue to Sneak Past Defenses

It seems like every week there is a different spin on phishing scams. Keep your guard up.

“Even though companies are taking actions, it is still one of the easiest ways in,” Angela Knox, senior director of engineering and threat research for Cloudmark

Ninety-one percent of companies encountered phishing attacks in 2015, with the lion’s share—84 percent—of companies claiming attacks successfully snuck past their security defenses, according to a survey of 300 U.S. and UK firms conducted as part of the report. A relatively simple attack—sending a message to the accounting department purportedly from the company CEO—has become quite popular, with 63 percent of companies having encountered the tactic.2

Hack Brief: Last Year’s IRS Hack Was Way Worse Than We Realized

The IRS keeps adjusting the number of accounts that got compromised in a hack last year. I have no confidence that these numbers are right. Take a look at one of our past articles for ways to protect yourself from this particular breach.

The initial IRS report indicated that 114,000 accounts had been compromised. It revised that number last August, raising it to 334,000. On Friday, the IRS added another 390,000 accounts to the pile, for a total of well over 700,000 people. There have also been a total of 500,000 targeted, but failed, attempts at access.

Wireless mice and keyboards vulnerable to MouseJack takeover

This is a rare vulnerability that can affect air gapped machines and machines without the use of the networking stack.

An attack of this nature can happen so fast that even if the victim realizes someone has accessed their machine, it’s probably too late. The implications are grave, as hackers could leverage this flaw to steal credentials and sensitive data, or infect a machine with malware that can quickly spread across a connected enterprise. “They can even bypass an air-gapped network by turning a PC into a WiFi hotspot,” said Rouland. Potential applications run the gamut from financial cybercrime to corporate spying to nation-state cyberespionage. Bastille discovered the vulnerability in products manufactured by all seven of the wireless vendors it tested — AmazonBasics, Dell, Gigabyte, HP, Lenovo, Logitech and Microsoft.