Tuesday, March 31, 2020

FCC tells US telcos to implement caller ID authentication by June 30, 2021

FCC says all US telcos must use the new SHAKEN/STIR protocol to support caller ID authentication by June, next year.

Marriott discloses new data breach impacting 5.2 million hotel guests

Marriott says a hacker gained access to the accounts of two employees.

FBI re-sends alert about supply chain attacks for the third time in three months

The FBI says some attacks have also targeted the healthcare industry, currently grappling with the coronavirus outbreak.

Houseparty app offers $1m reward to unmask entity behind hacking smear campaign

App maker denies getting hacked after multiple reports in British media.

Hacker hijacks Microsoft YouTube accounts to broadcast crypto Ponzi scam

Several of Microsoft's YouTube accounts appear to have been hacked.

Hacker hijacks YouTube accounts to broadcast Bill Gates-themed crypto Ponzi scam

UPDATE: Microsoft says none of its verified accounts were hacked. YouTube has also intervened to take down the scam's live streams.

Zeus Sphinx malware resurrects to abuse COVID-19 fears

Operators are exploiting the pandemic in the quest to steal your financial information.

RDP and VPN use skyrocketed since coronavirus onset

RDP use is up by 41%, enterprise VPN use is up by 33%.

Voter records for the entire country of Georgia published online

A file containing voter information for 4,934,863 Georgians has been published on a hacker forum over the weekend.

Personal details for the entire country of Georgia published online

A file containing personal information for 4,934,863 Georgians has been published on a hacker forum over the weekend.

Source code of Dharma ransomware pops up for sale on hacking forums

The source code of one of today's most profitable and advanced ransomware strains is up for sale on two Russian-language hacking forums.

A mysterious hacker group is eavesdropping on corporate email and FTP traffic

Hacker group uses zero-day in DrayTek Vigor enterprise routers and VPN gateways to record network traffic.

Network of fake QR code generators will steal your Bitcoin

Nine malicious QR code generator sites have stolen $46,000 from users so far.

Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics

Booz Allen: Russia uses its GRU military hackers following predictable patterns based on a public military doctrine.

Google says no APP users have been phished to date

Google lauds its Advanced Protection Program (APP) that provides enhanced security features.

Google to resume Chrome updates it paused last week due to COVID-19

Google Chrome 81 to be released next month, on April 7.

Rare BadUSB attack detected in the wild against US hospitality provider

Hackers use snail-mail to send target company an envelope with a malware-laced USB thumb drive.

4G networks vulnerable to denial of service attacks, subscriber tracking

Don’t think you’re protected on upcoming 5G networks, either.

Apple iOS users served mobile malware in Poisoned News campaign

As we all devour online news sources in the current climate, cyberattackers are waiting to spring.

D-Link and Linksys routers hacked to point users to coronavirus-themed malware

Hackers hijack routers' DNS settings to point users to malware-infected downloads.

Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy

About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.

OpenWRT is vulnerable to attacks that execute malicious code

Enlarge (credit: OpenWRT) For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital...
SC Magazine

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises,...

Zoom’s privacy problems are growing as platform explodes in popularity

Enlarge / Zoom's San Jose, Calif., headquarters looks like a lovely place to be socially distanced from. (credit: Smith Collection | Gado | Getty Images) We have several more weeks, if not several more months, to go in...

FBI warns about Zoom bombing as hijackers take over school and business video conferences

Teleconferences are being disrupted by internet trolls shouting profanity and racist remarks and posting pornographic and hate images.