Saturday, July 20, 2019
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more
SecurityWeek

Iranian Hackers Use New Malware in Recent Attacks

The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports. read more
SecurityWeek

The Growing Threat of Targeted Ransomware

Ransomware targeting organizations is a growing threat. The extent of that threat is not always obvious. Except for the healthcare sector, disclosure of a ransomware attack is not generally required -- so victims will not necessarily report an incident....
SecurityWeek

Author of Dryad and Rubella Macro Builders Arrested

Dutch authorities this week announced the arrest a 20-year old man for allegedly developing and distributing Office Macro Builders.  read more
SecurityWeek

Why Incident Response Must Adopt a Kill Chain Perspective

Even as incident response (IR) has evolved, it has struggled to see beyond individual events and create a more complete perspective. IR tools are still very effective, particularly as advances in orchestration and automation technology have turned many IR...
SecurityWeek

Israel Spyware Firm Can Mine Data From Social Media: FT

An Israeli spyware firm thought to have hacked WhatsApp in the past has told clients it can scoop user data from the world's top social media, the Financial Times reported Friday. read more
SecurityWeek

Ex-NSA Contractor to Be Sentenced in Stolen Documents Case

A former National Security Agency contractor awaits sentencing in Baltimore’s federal court for storing two decades’ worth of classified documents at his Maryland home. read more
SecurityWeek

Google Increases Bug Bounty Program Rewards

Google on Thursday informed security researchers that they can now earn significantly higher rewards if they submit vulnerability reports through the company’s bug bounty programs. read more
SecurityWeek

Researchers Claim They Bypassed Cylance’s AI-Based Antivirus

Researchers at Australia-based cybersecurity firm Skylight claim to have found a way to trick Cylance’s AI-based antivirus engine into classifying malicious files as benign. read more
SecurityWeek

Poland, Lithuania Probe Russian-made App Behind Viral Old Age Selfies

Poland and Lithuania said Thursday they were looking into the potential security risks of using a Russian-made face-editing app that has triggered a viral social media trend where users post "aged" selfies. read more
SecurityWeek

Over 800,000 Systems Still Vulnerable to BlueKeep Attacks

Users and organizations continue to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708, but over 800,000 systems are still exposed to attacks. read more
SecurityWeek

Biometrics: Dismantling the Myths Surrounding Facial Recognition

Biometric Authentication is No Longer Just the Stuff of Spy Movies or Reserved for Military-Grade Installations read more
SecurityWeek

Slack Resetting More User Passwords in Response to 2015 Breach

Slack announced on Thursday that it’s resetting passwords for accounts that users have not secured after the data breach suffered by the company back in 2015. read more
SecurityWeek

US Senator Calls for Investigation into Russia-made FaceApp

The chart-topping Russian-made FaceApp, which allows users to see how they will look as they age, found itself in the eye of a political storm in the US Wednesday, with one senator urging an FBI investigation into its "national...
SecurityWeek

Malware Framework Gathers 1 Billion Ad Impressions in 3 Months

Flashpoint security researchers have discovered a new malware framework that managed to gather over one billion fraudulent ad impressions in the past three months. read more
SecurityWeek

Report Finds California Government IT Security Flaws

California’s state auditor raised alarms Tuesday about information security in some state offices and called for additional oversight and regular assessments. read more
SecurityWeek

StrongPity Targets Victims with Malicious WinBox Installer

A recently discovered ongoing campaign attributed to the StrongPity threat actor abuses malicious WinBox installers to infect victims, AT&T’s Alien Labs security researchers reveal. read more
SecurityWeek

Microsoft Reports Hundreds of Election-Related Cyber Probes

Microsoft says it has detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits. read more
SecurityWeek

Vulnerability Allows Hackers to Take Control of Drupal 8 Websites

Drupal developers on Wednesday informed users that version 8.7.4 is affected by a potentially serious vulnerability, and advised them to update to version 8.7.5, which addresses the issue. read more

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.