Saturday, July 20, 2019
Tripwire

Google Raises Award Amounts for Chromium Bug Bounty Program

Google has raised the award amounts for security researchers who submit eligible vulnerability reports under its Chromium bug bounty program. On 18 July, Natasha Pabrai and Andrew Whalley of the Chrome Security Team announced that the Chromium Vulnerability Reward...
Tripwire

Microsoft Observed Nation-State Attacks Targeting 10,000 of Its Customers

Microsoft has notified approximately 10,000 of its customers that they were the targets of nation-state attacks over the past year. On 17 July, Microsoft’s Corporate Vice President of Customer Security & Trust Tom Burt revealed that 84 percent of...
Tripwire

Ransomware Attack Disrupts Some Services at Onondaga County Libraries

A crypto-ransomware attack has disrupted some services at all library locations across Onondaga County in New York State. On 16 July, the Onondaga County Public Library system published a tweet in which it explained that many of its public...
Tripwire

Evite Reveals Security Incident Potentially Involving Unauthorized Access

Social-planning website Evite has revealed a security incident that potentially involved unauthorized access to its systems. Evite first became aware of the security incident back in April 2019. It responded by retaining a data forensics firm to launch a...
Tripwire

Free Decryptor Released for Ims00rry Ransomware

Security researchers have released a free decryption utility which victims of Ims00rry ransomware can use to recover their files. On 12 July, anti-virus and anti-malware solutions provider Emsisoft made the decryptor available to the public. The firm published a...
Tripwire

Mayors Say They’ll No Longer Pay Ransoms Connected to Security Events

Mayors in the United States have collectively declared that they’ll no longer meet attackers’ ransom demands in connection to a digital security event. At its 87th annual meeting, the U.S. Conference of Mayors approved a resolution entitled, “Opposing Payment...
Tripwire

Magecart Actors Using Spray and Pray Tactics to Find Misconfigured Buckets

Magecart actors are using spray and pray tactics to discover misconfigured Amazon S3 buckets and deploy their payment card skimmers. In April 2019, RiskIQ began tracking a Magecart group campaign in which threat actors took to automatically scanning for...
Tripwire

Malvertising Campaign Redirects to RIG Exploit Kit, ERIS Ransomware

A malvertising campaign is redirecting users to the RIG exploit kit for the purpose of loading ERIS ransomware onto vulnerable machines. Over the 5-7 July weekend, security researcher nao_sec discovered a malvertising campaign that was abusing the popcash ad...
Tripwire

Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records

A security researcher found a misconfigured ElasticSearch cluster that exposed over 90 million personal and businesses data records. On 1 July, GDI Foundation member and an independent security researcher Sanyam Jain found that the unprotected ElasticSearch server lacked proper...
Tripwire

National Trade Association Discloses Data Breach Tied to Alleged Phishing Attack

A national trade association has disclosed a data breach that allegedly took place following a successful phishing attack. On 3 July, the American Land Title Association (ALTA) said that the security incident affected title and settlement company usernames and...
Tripwire

Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks

The United States Senate has passed a bill to help strengthen the defenses of the U.S. energy grid against digital attacks. On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine)...
Tripwire

Florida City Fires IT Director after Meeting Ransomware Actors’ Demands

A municipality in Florida fired its IT director shortly after paying off bad actors who infected its computer systems with ransomware. Joe Helfenberg, the city manager of Lake City, confirmed to WCJB that the municipality fired Brian Hawkins, who...
Tripwire

IT Pro Arrested After Demonstrating Bug in Kindergarten Software

Bulgarian authorities arrested an IT professional after he publicly demonstrated a vulnerability affecting software used by kindergartens. On 25 June, the Bulgarian IT expert Petko Petrov shared his findings about the software on Facebook. His post included a video...
Tripwire

Riviera Beach Pays Nearly $600K to Recover Data after Ransomware Attack

Riviera Beach paid bad actors approximately $600,000 in ransom to recover its information after it fell victim to a ransomware attack. On 17 June, the board of the Palm Beach County municipality voted unanimously to authorize that the city...
Tripwire

Modular Plurox Backdoor Comes with Cryptomining, Worm-Like Plugins

A new modular backdoor detected as “Plurox” comes with multiple plugins that expand its capabilities to include cryptomining and worm-like behavior. In February 2019, Kaspersky Lab’s researchers first detected the backdoor. Their analysis revealed that the backdoor, written in...

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.