Thursday, July 19, 2018

Apple Transfers Chinese Users’ iCloud Data to State-Controlled Data Centers

There's terrible news for Apple users in China. Apple's Chinese data center partner has transferred iCloud data, belonging to 130 million China-based users, to a cloud storage service managed by a state-owned mobile telecom provider—raising concerns about privacy. Back in February...

EU Fines Google Record $5 Billion in Android Antitrust Case

Google has been hit by a record-breaking $5 billion antitrust fine by the European Union regulators for abusing the dominance of its Android mobile operating system and thwarting competitors. That's the largest ever antitrust penalty. Though Android is an open-source and...

Microsoft Offers $100,000 Bounty for Finding Bugs in Its Identity Services

Microsoft today launched a new bug bounty program for bug hunters and researchers finding security vulnerabilities in its "identity services." Hacking into networks and stealing data have become common and easier than ever but not all data holds the same...

BTC-e Operator, Accused of Laundering $4 Billion, to be Extradited to France

In a legal extradition tug-of-war between the United States and Russia, it seems France has won the game, surprisingly. A Greek court has ruled to extradite the Russian cybercrime suspect and the former operator of now-defunct BTC-e crypto exchange to...

21-Year-Old Woman Charged With Hacking Selena Gomez’s Email Account

A 21-year-old New Jersey woman has been charged with hacking into the email accounts of pop star and actress Selena Gomez, stealing her personal photos, and then leaked them to the Internet. Susan Atrach of Ridgefield Park was charged Thursday...

21-Year-Old Creator of LuminosityLink Hacking Tool Pleads Guilty

As it was speculated that the author of LuminosityLink RAT was arrested in September last year, a plea agreement made available to the public today confirmed the news. Colton Grubbs, a 21-year-old man from Kentucky, the developer of the LumunosityLink...

12 Russian Intelligence Agents Indicted For Hacking DNC Emails

The US Justice Department has announced criminal indictments against 12 Russian intelligence officers tied to the hack of the Democratic National Committee (DNC) during the 2016 US presidential election campaign. The charges were drawn up as part of the investigation...

Hackers Used Malicious MDM Solution to Spy On ‘Highly Targeted’ iPhone Users

Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing...

Google Enables ‘Site Isolation’ Feature By Default For Chrome Desktop Users

Google has by default enabled a security feature called "Site Isolation" in its web browser with the release of Chrome 67 for all desktop users to help them protect against many online threats, including Spectre and Meltdown attack. Site Isolation...

Hacker Sold Stolen U.S. Military Drone Documents On Dark Web For Just $200

You never know what you will find on the hidden Internet 'Dark Web.' Just about an hour ago we reported about someone selling remote access linked to security systems at a major International airport for $10. It has been reported that...

Hacker Puts Airport’s Security System Access On Dark Web Sale For Just $10

If you can't find it on Google, you will definitely find it on the Dark Web. Black markets on the Dark web are not known for just buying drugs, it is a massive hidden network where you can buy pretty...

Facebook Faces £500,000 Fine in U.K. Over Cambridge Analytica Leak

Facebook has been fined £500,000 ($664,000) in the U.K. after the country's data protection watchdog concluded that its data-sharing scandal broke the law, making it as the social network's first fine over the Cambridge Analytica scandal. Yes, £500,000—that's the maximum...

Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one (CVE-2017-5753). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a...

Malicious Software Packages Found On Arch Linux User Repository

Yet another incident which showcases that you should not explicitly trust user-controlled software repositories. One of the most popular Linux distros Arch Linux has pulled as many as three user-maintained software repository AUR packages after it was found hosting malicious...

Microsoft Releases Patch Updates for 53 Vulnerabilities In Its Software

It's time to gear up your systems and software for the latest July 2018 Microsoft security patch updates. Microsoft today released security patch updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore, .NET Framework, ASP.NET, PowerShell, Visual Studio,...

Adobe Releases Security Patch Updates For 112 Vulnerabilities

Adobe has released security patches for a total 112 vulnerabilities in its products, most of which have a higher risk of being exploited. The vulnerabilities addressed in this month's patch Tuesday affect Adobe Flash Player, Adobe Experience Manager, Adobe Connect,...

Gaza Cybergang Returns With New Attacks On Palestinian Authority

Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT (advanced persistent threat) surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email...

USB Accessory Can Defeat iOS’s New “USB Restricted Mode” Security Feature

With the release of iOS 11.4.1, Apple has finally rolled out a new security feature designed to protect your devices against USB accessories that connect to the data port, making it harder for law enforcement and hackers to break...

Stolen D-Link Certificate Used to Digitally Sign Spying Malware

Digitally signed malware has become much more common in recent years to mask malicious intentions. Security researchers have discovered a new malware campaign misusing stolen valid digital certificates from Taiwanese tech-companies, including D-Link, to sign their malware and making them...

DomainFactory Hacked—Hosting Provider Asks All Users to Change Passwords

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy. The breach initially happened back in last January this year and just emerged last...

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.

Financial Industry Insiders Put the Keys to the Kingdom at Risk

Monitoring for Illicit Insider Activity Shouldn’t Focus Exclusively on Dark Web and Criminal Forums read more

Trends in malware – ransomware, cryptojacking, what next? [PODCAST]

Catch up with Day 3 of our Security SOS Week - here's the third episode of our week-long online security summit.

Microsoft offers up to $100,000 to identity bug finders

Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft’s various identity services. Read more in my article on the Hot for Security blog.

Automated money-laundering scheme found in free-to-play games

The scammers automatically created iOS accounts with valid email accounts, then automatically used stolen cards to buy and resell stuff.