Wednesday, December 11, 2019
SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...
SC Magazine

Real-time phishing alerts and stolen password warnings added to Chrome

Google yesterday announced that its latest Chrome release adds real-time phishing alerts and password breach warning capabilities to the browser. The real-time anti-phishing capabilities represents an upgrade to Google’s Safe Browsing service, which compiles an ever-changing blacklist of dangerous websites...
SC Magazine

Unsecured storage bucket exposes applications for birth certificate copies

A leaky Amazon Web Services storage bucket has exposed more than 752,000 applications requesting copies of birth certificates. A report yesterday by TechCrunch said the unsecured data set dates back to late 2017, but was just recently discovered by U.K.-based...
SC Magazine

Patch Tuesday: Adobe announces 25 bug fixes, 21 in Acrobat products

On the last Patch Tuesday of 2019, Adobe today released security updates for Acrobat and Acrobat Reader, Photoshop CC, Brackets and ColdFusion, fixing 25 critical and important vulnerabilities in the process. Twenty-one of the flaws were found in various Acrobat...
SC Magazine

Microsoft fixes exploited privilege elevation flaw, 34 more bugs

For its final Patch Tuesday release of the year, Microsoft Corporation issued a series of security updates that fixed a total of 35 vulnerabilities, seven of which were deemed critical and one of which was found to be actively...
SC Magazine

It’s past time to contain identity sprawl. Here’s how to do it.

Identity sprawl – too many usernames and too many passwords – has never been as big a concern as it is today: More devices are being brought into the enterprise, more people are working remotely and using their own devices, and more...
SC Magazine

Devin Nunes’ cow Twitter account owner should remain anonymous, ACLU says

The person behind the “Devin Nunes’ cow” Twitter account should remain anonymous, the American Civil Liberties Union (ACLU) asserted in a friend-of-the-court brief filed in response to a defamation lawsuit brought by Rep. Devin Nunes, R-Calif. While Nunes has offered...
SC Magazine

Failure to secure IoT networks has far-reaching consequences, and transportation is a bullseye target

In 2017, millions of moviegoers flocked to theaters for the eighth Fast and Furious movie, where they watched a villainous Charlize Theron take control of hundreds of self-driving cars. Whether they knew it or not, this was many viewers’ first exposure to...
SC Magazine

IG report says FBI justified in starting Russia probe, Barr disagrees

No sooner had Justice Department Inspector General Michael Horowitz released his much-anticipated report on the origins of the Russia probe, finding as expected that the FBI was justified in beginning an investigation of the Trump campaign, than Attorney General William Barr put out...
SC Magazine

Pensacola hit with cyberattack hours after shooting at naval base

Less than a day after a Saudi airman shot and killed three members of the U.S. military at the Pensacola Naval Air Station, a cyberattack has forced the Florida city to shut down many of its systems, with the...
SC Magazine

20 VPS providers shut down, leave customers scrambling, crying foul

Two days after alerting customers in the wake of what some believed might have been a cyberattack, at least 20 web hosting providers have shut their doors and plan to wipe their servers. The providers, which include ArkaHosting, Bigfoot...
SC Magazine

Reputed Vietnamese APT group hacks BMW, Hyundai: report

The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets. German broadcaster Bayerricscher Rundfunk, which broke...
SC Magazine

Report: Dental practices feel the pain of ransomware attack on IT provider

More than 100 dentist offices have reportedly been affected by a recent Sodinokibi ransomware attack on a Colorado-based company that provides IT services to the oral-care practices. Security expert Brian Krebs reported this past weekend via his blog post that...
SC Magazine

Apple says ultra wideband tech culprit behind location data sharing; to issue fix

If what happens on your iPhone doesn’t stay on your iPhone after all, ultra wideband (UWB) technology is the culprit, according to Apple. After the Apple iPhone 11 Pro was discovered to still be sending out user location data even after Location...
SC Magazine

My kingdom for a decryptor! Ransomware creates ticketing snafu for N.J. Shakespeare theater

The Shakespeare Theatre of New Jersey was forced to cancel a performance of “A Christmas Carol” earlier this week after a ransomware attack disrupted its database and ticketing system, causing a show reservations nightmare. Performances of the show, which run...
SC Magazine

Pensacola confirms ransomware attack

Pensacola officials confirmed that an ongoing cyberattack that began early Saturday morning is a ransomware attack. While the city did not release any additional details, the Pensacola News Journal said city spokeswoman Kaycee Lagarde confirmed the attack included a ransom, something that...

Trickbot Operators Now Selling Attack Tools to APT Actors

North Korea's Lazarus Group - of Sony breach and WannaCry fame - is among the first customers.
Brian Krebs

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions...

Intel Issues Fix for ‘Plundervolt’ SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.
TechRepublic

How to stop spam calls right now

Spam calls drive us all crazy. Here are four ways to stop robocalls and other unsolicited phone calls.