Saturday, January 19, 2019
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more
SecurityWeek

Exploit for Recent Flash Zero-Day Added to Fallout Exploit Kit

An updated version of the Fallout exploit kit recently emerged with an exploit for a recent Flash zero-day included in its arsenal, Malwarebytes Labs security researchers warn. read more
SecurityWeek

Hackers Actively Scanning for ThinkPHP Vulnerability, Akamai Says

There is widespread scanning for a recently disclosed remote code execution vulnerability in the ThinkPHP framework, Akamai reveals.  read more
SecurityWeek

Xbash Malware Uninstalls Cloud Security Products

Recent samples of the destructive Xbash Linux malware can uninstall cloud security protection products from infected servers, Palo Alto Networks reports.  read more
SecurityWeek

Marco Rubio Proposes New Federal Data Privacy Bill

U.S. Senator Marco Rubio (R-Fla.) introduced a bill on Wednesday designed to provide privacy legislation for the entire nation -- that is, federal law. It is based on the Privacy Act of 1974, which was introduced post-Watergate to protect...
SecurityWeek

Barracuda Adds Incident Response to Email Security Offering

Barracuda Networks this week announced automated incident response capabilities are now available for customers using its Total Email Protection solution.  read more
SecurityWeek

PCI SSC Releases New Security Standards for Payment Software

The Payment Card Industry Security Standards Council (PCI SSC) this week announced new security standards for the design, development and maintenance of payment software. read more
SecurityWeek

Rate of Cybersecurity Venture Funding Not Sustainable, Investors Say

Venture capital firm Strategic Cyber Ventures (SCV) considers itself a part of the overall security industry. "First and foremost we are cyber operators," it states on its website. "We advance cybersecurity through expert investment in synergistic teams and technology...
SecurityWeek

Impact of U.S. Government Shutdown on Cybersecurity: Feedback Friday

The failure of President Donald Trump and the Democratic Party to reach an agreement over funding for the controversial Mexico border wall has led to the longest government shutdown in US history. read more
SecurityWeek

Facebook Closes Hundreds of ‘Inauthentic’ Russia-Linked Pages

Facebook announced Thursday that it has removed more than 500 pages, groups and accounts originating in Russia for engaging in what the social network called "coordinated inauthentic behavior." read more
SecurityWeek

Bug in Twitter Android App Exposed Protected Tweets

Twitter revealed on Thursday that users of its Android application may have had their supposedly protected tweets made public due to a bug. read more
SecurityWeek

Bug in Twitter Android App Exposed Protected Tweets

Twitter revealed on Thursday that users of its Android application may have had their supposedly protected tweets made public due to a bug. read more
SecurityWeek

Portuguese Hacker Linked to ‘Football Leaks’ Held in Hungary

A Portuguese hacker said by his lawyers to have played a pivotal role in the Football Leaks whistleblower website was fighting extradition from Hungary to Portugal on Thursday on charges of extortion. Rui Pinto, 30, was arrested on Wednesday. read more
SecurityWeek

Ongoing Attacks Hit West African Financial Institutions Since Mid-2017

Cyber-attacks that have been ongoing since at least mid-2017 hit financial institutions in West Africa, Symantec security researchers report. read more
SecurityWeek

New Magecart Group Targets French Ad Agency

A new threat actor operating under the “Magecart” umbrella landed a malicious skimmer on hundreds of websites through a supply chain attack, security firms reveal. read more
SecurityWeek

773 Million Records Amassed in Massive Data Breach Collection

A newly discovered set of compromised login details contains roughly 773 million email addresses, Australian web security expert Troy Hunt reveals. read more
SecurityWeek

Misconfigured Server Leaks Oklahoma Department of Securities Data

A storage server configured for public access was found to expose terabytes of data belonging to the Oklahoma Department of Securities, UpGuard reveals. read more
SecurityWeek

Serious Flaws Found in ControlByWeb Industrial Weather Station

Researchers have discovered two potentially serious vulnerabilities in an industrial-grade weather station made by ControlByWeb, a company that specializes in products that allow organizations to remotely monitor and control electrical devices. read more
SecurityWeek

ERP Security Firm Onapsis Acquires Competitor Virtual Forge

Onapsis, a company specializing in cybersecurity and compliance solutions for enterprise resource planning (ERP) products, on Wednesday announced that it has entered a definitive agreement to acquire competitor Virtual Forge. read more
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more