Saturday, January 19, 2019
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
ZDNet

DNC says Russia tried to hack its servers again in November 2018

Democrats say the spear-phishing attack, which was attributed to Russian group Cozy Bear, was unsuccessful.
ZDNet

WiFi firmware bug affects laptops, smartphones, routers, gaming devices

List of impacted devices includes PS4, Xbox One, Samsung Chromebooks, and Microsoft Surface devices.
ZDNet

Verizon to roll out free robocoll spam protection to all customers

Call Filter service to be made available to all wireless and wired customers with compatible phones in March 2019.
ZDNet

These malicious Android apps will only strike when you move your smartphone

Apps containing the Anubis banking Trojan and an interesting motion sensor have been found in the Google Play store.
ZDNet

Temporary fix available for one of the two Windows zero-days released in December

Microsoft did not issue official fixes during the recent January Patch Tuesday update window.
ZDNet

Microsoft launches Azure DevOps bug bounty program, $20,000 rewards on offer

The Redmond giant is keenly interested in remote code execution and privilege escalation flaws.
ZDNet

Hacker behind ‘Football Leaks’ arrested in Hungary

Hacker is a 30-year-old Portuguese man. Police haven't released his name, but several news outlets claim he's named Rui Pinto, a man they've identified and have been tracking for years.
ZDNet

Twitter bug revealed private tweets for some Android users for almost five years

Some Twitter for Android users had their private tweets exposed to non-followers and search engines.
ZDNet

Online stores for governments and multinationals hacked via new security flaw

Little-known database management tool allowed hackers to take over sites and inject malicious code that steals payment card details.
ZDNet

West African banks hit by multiple hacking waves last year

Banks in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit.
ZDNet

Some Android GPS apps are just showing ads on top of Google Maps

Apps have been downloaded over 50 million times. Google has failed to removed them, even if they blatantly break their own license.
ZDNet

Oklahoma gov data leak exposes FBI investigation records, millions of department files

An Oklahoma Department of Securities server allowed anyone to download government files.
ZDNet

Facebook removes propaganda network linked to Russian media group Sputnik

Facebook says Sputnik employees ran hundreds of Facebook pages and accounts, some posing as politicians in other countries.
ZDNet

Zix acquires AppRiver in $275 million deal

It seems like 2019 is the year to purchase cloud security companies.
ZDNet

Google Chrome extension that steals card numbers still available on Web Store

Fake "Flash Player" extension has been available since February 2018, was installed by roughly 400 users.
ZDNet

Hackers breach and steal data from South Korea’s Defense Ministry

Government says hackers breached 30 computers and stole data from 10.
ZDNet

Advertising network compromised to deliver credit card stealing code

Hundreds of online stores confirmed to be impacted, thousands of more under investigation.
ZDNet

VOIPO database exposed millions of call and SMS logs, system data

The database was used for development purposes but the data on offer to the public was valid.
ZDNet

NanoCore Trojan is protected in memory from being killed off

If you are infected with this malware, you might find it is more difficult to eradicate than standard Trojans.
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more