Saturday, October 19, 2019

US Girl Scouts Launch First National Cybersecurity Challenge

US Girl Scouts Launch First National Cybersecurity ChallengeGirls across the United States of America will take part in the country's first ever National Girl Scouts Cyber Challenge tomorrow.  Over 3,000 girls have signed up to practice their cybersecurity skills by solving a...

Italians Rocked by Ransomware

Italians Rocked by RansomwareItaly is experiencing a rash of ransomware attacks that play dark German rock music while encrypting victims' files.  The musical ransomware, called FTCode, was detected by security analysts at AppRiver in malicious email campaigns directed at Italian Office 365...

Baltimore Doubles Up on Cyber-Insurance Following Ransomware Attack

Baltimore Doubles Up on Cyber-Insurance Following Ransomware AttackFive months on from a ransomware attack that brought the city to its knees, Baltimore has purchased cyber-insurance for the first time. On May 7, Baltimore became the second US city to fall...

UK Government Announces Major New Cybersecurity Partnerships

UK Government Announces Major New Cybersecurity PartnershipsThe UK government has revealed it is working with chip-maker Arm on a £36m initiative to make more secure processors. Although details are few and far between at this stage, the government claimed that the...

New US Privacy Bill Would Intro Jail Time for CEOs

New US Privacy Bill Would Intro Jail Time for CEOsA US senator has introduced a new privacy bill which he claims goes further than the EU’s GDPR, introducing prison sentences for culpable CEOs. Introduced by Ron Wyden, the Mind Your...

DNC Russian Hacking Group Makes a Comeback

DNC Russian Hacking Group Makes a ComebackSecurity researchers have uncovered new activity from the notorious Kremlin-backed APT29, or Cozy Bear, group, in an information-stealing campaign targeting foreign governments. APT29 was pegged for the infamous cyber-attacks on the Democratic National Committee...

A New Strain of Malware Is Terrorizing Docker Hosts

A New Strain of Malware Is Terrorizing Docker HostsFor the first time in history, researchers have discovered a crypto-jacking worm that spreads via unsecured Docker hosts.  Researchers at Unit 42 said that the new strain of malware has spread to more than...

Imposter Emails Plague Healthcare Industry

Imposter Emails Plague Healthcare Industry A study looking at cyber-attacks on the healthcare industry has found that 95% of targeted companies encounter emails spoofing their own trusted domain.  To create the Protecting Patients, Providers, and Payers 2019 Healthcare Threat Report, cybersecurity...

Recruitment Sites Expose Personal Data of 250k Jobseekers

Recruitment Sites Expose Personal Data of 250k Jobseekers The personal details of 250,000 American and British jobs seekers have been exposed after two online recruitment companies failed to set their cloud storage folders as private.  Names, addresses, contact information, and...

Rogue Mobile App Fraud Soars 191% in 2019

Rogue Mobile App Fraud Soars 191% in 2019Global fraud attacks soared by 63% from the second half of 2018 to the first six months of this year, with fake mobile applications a growing source of malicious activity, according to...

World’s Largest Child Exploitation Site Shut After Bitcoin Analysis

World’s Largest Child Exploitation Site Shut After Bitcoin AnalysisGlobal investigators have traced Bitcoin payments to locate and shutdown the dark web’s largest child exploitation website, arrest hundreds of users and rescue dozens of abused children, according to unsealed court...

US Ordered Secret Cyber-Strike on Iran: Report

US Ordered Secret Cyber-Strike on Iran: ReportThe US ordered a secret cyber-attack on Iranian IT systems in response to the alleged Tehran-backed September 14 attacks on Saudi Arabian oil facilities, according to a new report. Two anonymous US officials told...

Vermont Schools Spy on What Students Do Online

Vermont Schools Spy on What Students Do OnlineSchools in Vermont are hiring companies to monitor what their students post and search for online. According to a report by investigative journalism platform VTDigger, five schools in the Green Mountain State hired Burlington-based firm Social...

Over 550 Fake US Election Web Domains Discovered

Over 550 Fake US Election Web Domains Discovered External threat intelligence experts have detected hundreds of fake election web domains designed to target American voters. New research by Digital Shadows uncovered over 550 fake domains ranging from false funding pages to counterfeit...

UK Abandons Planned Online Pornography Age Verification System

UK Abandons Planned Online Pornography Age Verification System The British government has dropped plans to introduce a national online pornography age verification system because implementing it would be too difficult. A nationwide system to ensure X-rated online content cannot be...
The Register

Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app

Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive  The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
SC Magazine

Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets

Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions. The developers behind the malicious browser have so far stolen at least $40,000 in...
SC Magazine

UC Browser potentially endangers 500 million users

The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk. UC Browser, which is available from the Google Play store, was found by Zscaler ThreatLabZ...
ZDNet

US stopped using floppy disks to manage nuclear weapons arsenal

US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Bruce Schneier

Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef

It's likely the diamondback squid. There's a video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.