Thursday, October 1, 2020

IPStorm botnet expands from Windows to Android, Mac, and Linux

IPStorm botnet quadruples in size to reach 13,500 infected systems.

UK NCSC: Don’t disable updates so you can continue using Adobe Flash past its EOL

UK cybersecurity agency warns system administrators not to disable app and browser updates as a way to continue using Flash inside current or legacy enterprise software.

Twitter removes 130 Iranian accounts for trying to disrupt the US Presidential Debate

Twitter says it removed the accounts following a tip from the FBI.

North Korea has tried to hack 11 officials on the UN Security Council

New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year.

North Korea has tried to hack 11 officials of the UN Security Council

New UN Security Council report reveals repeated targeting of UN Security Council officials over the past year.

Windows XP leak confirmed after user compiles the leaked code into a working OS

The Windows XP source code that leaked last week is incomplete, lacking some components, but is authentic.

GitHub rolls out new Code Scanning security feature to all users

New Code Scanning feature will tell GitHub users when they've added known security flaws in their code

Linkury adware caught distributing full-blown malware

Linkury (SafeFinder) installations linked to infections with the Socelars and Kpot infostealer trojans.

$15 million business email scam campaign in the US exposed

The FBI is investigating the global campaign in which millions of dollars have been stolen from at least 150 victims.

This worm phishing campaign is a game-changer in password theft, account takeovers

The security incident highlights the need for multi-factor authentication in the enterprise.

Twitter hires new CISO in industry veteran Rinki Sethi

Sethi previously served in security roles at Rubrik, IBM, Palo Alto Networks, Intuit, and eBay.

Microsoft: Some ransomware attacks take less than 45 minutes

Microsoft goes over the recent malware trends in its new "Digital Defense Report."

Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data

Thousands of students have reportedly had their private data released online.

Former Amazon finance manager and family charged with $1.4m insider trading scheme

The charges relate to trading made before Amazon earnings announcements.

QNAP tells NAS users to update firmware to avoid new type of ransomware

AgeLocker ransomware has been seen infecting QNAP NAS systems since June.

911 services down in multiple US states

Most services are now restored. No technical reason for the outage given.

All four of the world’s largest shipping companies have now been hit by cyber-attacks

Maritime industry needs to focus more on securing shore-based systems and stop prioritizing the less likely ship-based attacks.

UHS hospital network hit by ransomware attack

UHS operates more than 400 hospitals across the US and UK. Some US hospitals have been down since Sunday.

Suspicious logins reported after ransomware attack on US govt contractor

Ransomware attack on Tyler Technologies is looking worse by the day.

Students rise up against forced remote spy app usage in colleges, universities

Recent clashes highlight concerns that forcing students to use remote exam monitoring software is an affront to personal privacy.

Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks

A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Bruce Schneier

Detecting Deep Fakes with a Heartbeat

Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face: In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...

Anthem to Pay Nearly $40M Settlement Over 2015 Cyberattack

Health insurer Anthem has agreed to another multimillion-dollar settlement over a cyberattack on its technology that exposed the personal information of nearly 79 million people. read more

#BeCyberSmart – why friends don’t let friends get scammed

Friends don't let friends get scammed. Because cybercrime hurts us all.
IBM Security

Why a Security Maturity Model Can Transform How You Use Analytics

With cyberattacks and breaches on the rise, security should be a major concern for all companies. In particular, enabling the development of an analytics maturity model is a useful addition to your traditional security information and event management (SIEM)-based...