Sunday, September 19, 2021
Infosecurity Magazine

More Tribes Given Enhanced Access to US Crime Data

More Tribes Given Enhanced Access to US Crime DataMore Native American tribes are going to be given enhanced access to critical databases containing national crime information for the United States. In an announcement made September 16, the Department of Justice said that...
Infosecurity Magazine

Prison for AT&T Phone-Unlocking Fraudster

Prison for AT&T Phone-Unlocking Fraudster A cyber-criminal who defrauded American telecommunications giant AT&T out of more than $200m through a phone-unlocking bribery scheme has been sentenced to prison. Muhammad Fahd, a 35-year-old citizen of Pakistan and Grenada, led a seven-year conspiracy in...
Infosecurity Magazine

Free REvil Decryptor Launched

Free REvil Decryptor LaunchedAntivirus vendor Bitdefender has launched a free universal decryption tool to help victims of REvil ransomware, also known as Sodinokibi. The new tool, which was made available on Thursday, can restore many files impacted by the crypto-locking malware before July 13, 2021....
Infosecurity Magazine

Romance Scammers Make $133m in First Half of 2021

Romance Scammers Make $133m in First Half of 2021Over $133m has already been lost this year to romance scams, with victims increasingly urged to invest in fraudulent cryptocurrency opportunities, according to the FBI. A new Public Service Announcement was published yesterday revealing...
Infosecurity Magazine

Experts Concerned Over New Digital Secretary's Lack of Cyber Knowledge

Experts Concerned Over New Digital Secretary's Lack of Cyber KnowledgePrivacy and security experts have signaled their concern over the appointment of Nadine Dorries to the post of digital and culture secretary. This week, Boris Johnson announced the move as part of a...
Infosecurity Magazine

CISA: Patch Zoho Bug Being Exploited by APT Groups

CISA: Patch Zoho Bug Being Exploited by APT GroupsThe US government is urging organizations to patch a newly identified Zoho vulnerability since state-sponsored attackers are actively exploiting it. CVE-2021-4053 is a critical authentication bypass vulnerability affecting REST-based API URLs which could...
Infosecurity Magazine

US Imprisons World’s Largest Facilitator of CSAM

US Imprisons World’s Largest Facilitator of CSAM A dual Irish-American citizen has been sentenced to 27 years in US federal prison for sharing on the dark web millions of images depicting the sexual abuse of children, toddlers and infants.  Dublin...
Infosecurity Magazine

Australia, UK, and US Announce Security Partnership

Australia, UK, and US Announce Security Partnership The United States, United Kingdom and Australia have announced a historic trilateral security and defense agreement. Under the new AUKUS pact, the three nations will cooperate more closely than ever before in...
Infosecurity Magazine

FTC: Health Apps Must Notify Consumers of Data Breaches

FTC: Health Apps Must Notify Consumers of Data BreachesThe United States Federal Trade Commission (FTC) has warned the developers of health apps and connected devices that they must disclose data breaches to consumers or face a fine. In a policy...
Infosecurity Magazine

Household Names Hit with £500K Fine for Spamming Consumers

Household Names Hit with £500K Fine for Spamming ConsumersThree big-name UK brands have been collectively fined nearly half a million pounds by the privacy regulator after sending hundreds of millions of nuisance marketing messages to consumers. We Buy Any Car was...
Infosecurity Magazine

Misconfigured APIs Account for Two-Thirds of Cloud Breaches

Misconfigured APIs Account for Two-Thirds of Cloud BreachesShadow IT and misconfigured APIs accounted for the vast majority of security incidents in the cloud last year, according to a new report from IBM Security X-Force. The threat intelligence player drew on...
Infosecurity Magazine

Banks Slammed for Low Fraud Reimbursement Rates

Banks Slammed for Low Fraud Reimbursement RatesThe UK’s high street banks have been called out for “shockingly low” reimbursement rates for Authorized Push Payment (APP) fraud. APP fraud is an increasingly popular type of scam in which the fraudster —...
Infosecurity Magazine

Serious Flaw Found in HP OMEN Driver

Serious Flaw Found in HP OMEN Driver A serious flaw has been found in the driver of a popular PC gaming software used by millions.  Researchers from SentinelLabs published details of the vulnerability in the HP Omen Gaming Hub on September 14....
Infosecurity Magazine

Arizona Medical Practice Permanently Loses EHR Data

Arizona Medical Practice Permanently Loses EHR Data A medical practice in Arizona has lost nearly all the data entered into its electronic health record (EHR) system due to a cyber-attack.  Desert Wells Family Medicine, which has been serving patients in...
Infosecurity Magazine

Americans Fined After Hacking for Foreign Government

Americans Fined After Hacking for Foreign Government Three former members of the United States military or United States Intelligence Community (USIC) have been fined for providing hacking-related services to a foreign government.  United States citizens, 49-year-old Marc Baier and 34-year-old Ryan...

How to Set Up a NAS to Securely Share Files

From file backups to movie streaming, network attached storage drives offer plenty of functions and features.
Security Affairs

The Biden administration plans to target exchanges supporting ransomware operations with sanctions

US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware...

Former US Intelligence Operatives Admit They Hacked for UAE

Plus: Remote learning spyware, an AT&T bribery scandal, and more of the week's top security news.
Security Affairs

Expert discloses details and PoC code for Netgear Seventh Inferno bug

A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and take over impacted devices. Researchers provided technical details about a recently addressed critical vulnerability, dubbed Seventh Inferno, in Netgear smart...

A new app helps Iranians hide messages in plain sight

Enlarge / An anti-government graffiti that reads in Farsi "Death to the dictator" is sprayed at a wall north of Tehran on September 30, 2009. (credit: Getty Images) Amid ever-increasing government Internet control, surveillance, and censorship in...