Tuesday, December 11, 2018
SC Magazine

Second Google+ bug hastens shutdown

After a second, newly discovered, bug affected 52.5 million Google+ users, Google has decided to shutter the social network earlier than originally planned. “We’ve recently determined that some users were impacted by a software update introduced in November that contained...
SC Magazine

City of North Bend hit with ransomware

The city of North Bend, Ore., was hit with a ransomware attack which temporarily locked out city workers from their computers and databases. “One weekend morning a few weeks back all of our servers and things locked up, and we...
SC Magazine

Seedworm cyberespionage gang using new tricks to dig up info

Researchers used an attack on a Brazilian-embassy computer to uncover additional details on the year-old cyberespionage group Seedworm, including a new backdoor the group is now using. Symantec found Seedworm and APT28 on a computer in the Brazilian embassy in...
SC Magazine

New Mac malware ‘DarthMiner’ joins the dark side

Researchers last week detected a fake Adobe piracy app that infects Mac users with a one-two combination of the EmPyre backdoor/post-exploitation agent and the XMRig cryptominer. The app pretends to be Adobe Zii, a software program that facilitates the cracking and...
SC Magazine

Sextortion scandals add GandCrab ransomware to the attack

In the latest rendition of a sextortion plot that has been using public breach data to trick victims into thinking they were hacked, cybercriminals have added the inevitable ransomware update to the scam. The malware attacks usually consist of a...
SC Magazine

Cryptomining campaign pulls new ‘Linux Rabbit’ malware out of its black hat

A two-month Monero cryptomining campaign targeted both Linux-based servers and Internet of Things devices with a newly discovered malware family called “Linux Rabbit,” researchers have reported. The operation occurred in two phases, each of which used a distinct version of Linux...
SC Magazine

Moldovan sentenced for stealing millions using Bugat banking malware

A Moldovan national was sentenced to time served by a federal court for his crime of conspiracy and damaging a computer. Andrey Ghinkul, also known as Andrei Ghincul and Smilex, was arrested in Cyprus in August 2015 and extradited to the United States in February...
SC Magazine

Mueller sentencing memos on Cohen, Manafort point to coordination with Russian operatives during campaign

A trio of sentencing memos filed Friday in cases against President Trump’s former attorney Michael Cohen and his former campaign manager Paul Manafort offer the strongest indication yet of repeated contact or coordination between members of the Trump campaign...
SC Magazine

Researchers: Syrian Electronic Army targeting secure messaging app users with spyware

The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates. Known for its ardent support of Syrian President Bashar al-Assad, the threat group is...
SC Magazine

Marriott will pay to replace passports after breach

After its breach, which compromised the personal data of 500 million customers, Marriott has agreed to pay for new passports if it has found that “fraud has taken place.” Sen. Charles E. Schumer, D-N.Y., on Sunday suggested the hotel chain...
SC Magazine

Company’s ransomware decryption service is a sham, researchers report

A Russian company that claims to specialize in decrypting ransomware is actually just secretly brokering deals with the malware distributors and charging victims for this middle-man service, researchers say. The so-called IT consulting firm, known as Dr. Shifro, advertises that...
SC Magazine

Researchers uncover 21 Linux malware families

ESET researchers examined the inner workings of 21 different Linux malware families all operating as trojanized versions of the OpenSSH client. Researchers noted 12 of the malware families were previously undocumented, 18 had credential-stealing features and 17 featured a backdoor...
SC Magazine

Redwood Eye Care hit with ransomware, 16,000 records encrypted

The Redwood Eye Center has notified 16,000 California residents their personal information may have been compromised when a company subcontractor suffered a ransomware attack. The Redwood Eye Center learned on September 19, 2018 that third-party vendor IT Lighthouse that hosts...
SC Magazine

Australia passes law forcing tech giants to circumvent encryption on target devices

Australia’s parliament on Thursday passed groundbreaking legislation that instructs tech developers to help law enforcement investigations by intercepting the encrypted communications of suspects’ devices. Known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, the law contains...
SC Magazine

Seven Steps to Secure Privileged Access

Gartner released the first-ever Magic Quadrant for Privileged Access Management, shining a spotlight on what may be the largest security vulnerability enterprises face today. Privileged accounts, credentials and secrets are “the keys to the kingdom” and they exist everywhere...
Computerworld

And that was actually the CLEAN version!

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there. "It was part of an email security product," fish says. "The filter could identify emails containing...

Review: How StackRox protects containers

With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...

Dark web goldmine busted by Europol

What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.
Security Affairs

Google will shut down consumer version of Google+ earlier due to a bug

Google announced it will close the consumer version of Google+ earlier than originally planned due to the discovery of a new security flaw. Google will close the consumer version of Google+ in April, four months earlier than planned. According to G...

Teen SWATter who had 400 schools evacuated lands 3 years in jail

George Duke-Cohan is the British teen who posed as a worried father whose daughter had called him mid-flight during a hijacking.