Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine
Enlarge (credit: Getty Images)
Last month, the makers of one of the most promising coronavirus vaccines reported that hackers stole confidential documents they had submitted to a European Union regulatory body. On Friday, word emerged that the hackers...
How law enforcement gets around your smartphone’s encryption
Enlarge / Uberwachung, Symbolbild, Datensicherheit, Datenhoheit (credit: Westend61 | Getty Images)
Lawmakers and law enforcement agencies around the world, including in the United States, have increasingly called for backdoors in the encryption schemes that protect your data, arguing...
The NSA warns enterprises to beware of third-party DNS resolvers
Enlarge (credit: Getty Images)
DNS over HTTPS is a new protocol that protects domain-lookup traffic from eavesdropping and manipulation by malicious parties. Rather than an end-user device communicating with a DNS server over a plaintext channel—as DNS has...
Hackers used 4 zero-days to infect Windows and Android devices
Enlarge (credit: Getty Images)
Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices.
Some of the exploits were zerodays, meaning they targeted vulnerabilities that at...
AT&T kills off the failed TV service formerly known as DirecTV Now
Enlarge / AT&T corporate offices on November 10, 2020, in El Segundo, California. (credit: Getty Images | AaronP/Bauer-Griffin)
AT&T is killing off the online-video service formerly known as DirecTV Now and introducing a no-contract option for the...
Mimecast says hackers stole a certificate and used it to target its customers
Enlarge (credit: Getty Images)
Email management provider Mimecast said that hackers have compromised a digital certificate it issued and used it to target select customers who use it to encrypt data they sent and received through the company’s...
Parler’s amateur coding could come back to haunt Capitol Hill rioters
Enlarge / Parler? (credit: Getty Images)
By now, you may have heard of the hacker who says she scraped 99 percent of posts from Parler, the Twitter-wannabe site used by Trump supporters to help organize last Wednesday’s violent...
SolarWinds malware has “curious” ties to Russian-speaking hackers
Enlarge (credit: Getty Images)
The malware used to hack Microsoft, security company FireEye, and at least a half-dozen federal agencies has “interesting similarities” to malicious software that has been circulating since at least 2015, researchers said on Monday.
Sunburst...
New York City proposes regulating algorithms used in hiring
Enlarge (credit: John Lamb | Getty Images)
In 1964, the Civil Rights Act barred the humans who made hiring decisions from discriminating on the basis of sex or race. Now, software often contributes to those hiring decisions, helping...
Reddit’s largest remaining Trump community banned for “inciting violence”
Enlarge / The image currently at the top of r/donaldtrump. (credit: Reddit)
On Friday, Reddit joined this week's response to violent online rhetoric as spearheaded by President Donald Trump and removed its "r/donaldtrump" community, the site's largest existing...
Hackers can clone Google Titan 2FA keys using a side channel in NXP chips
Enlarge (credit: Google)
There’s wide consensus among security experts that physical two-factor authentication keys provide the most effective protection against account takeovers. Research published today doesn’t change that, but it does show how malicious attackers with physical possession...
DoJ says SolarWinds hackers breached its Office 365 system and read email
Enlarge (credit: Gregory Varnum)
The US Justice Department has become the latest federal agency to say its network was breached in a long and wide-ranging hack campaign that’s believed to have been backed by the Russian government.
In a...
Feds say that Russia was “likely” behind months-long hack of US agencies
Enlarge / Side view of colorful St. Basil's Cathedral in Moscow on Red Square in front of the Kremlin, Russia. (credit: Getty Images)
Hackers working for the Russian government were “likely” behind the software supply chain attack that...
Telegram feature exposes your precise address to hackers
Enlarge (credit: Getty Images)
If you’re using an Android device—or in some cases an iPhone—the Telegram messenger makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically...
Iconic BugTraq security mailing list shuts down after 27 years
BugTraq launched in November 1993 and it was one of the first mailing lists dedicated to disclosing vulnerabilities.
Weekly Update 226
Presently sponsored by: 1Password is a secure password manager and digital wallet that keeps you safe onlineA little bit of a change of pace this week with the video being solely on the events unfolding around removing content, people...
FIN11 e-crime group shifted to CL0P ransomware and big game hunting
The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise.
“Several...
Joker's Stash, the internet's largest carding forum, is shutting down
Joker's Stash to shut down on February 15, 2021.
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical...
