Saturday, July 20, 2019
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
ZDNet

Hackers breach 62 US colleges by exploiting ERP vulnerability

Hackers are breaching college networks and creating fake accounts that are used "almost immediately for criminal activity."
ZDNet

Contractor who stole 50TB of NSA data gets nine years in prison

Prosecutors never proved former NSA contractor was the origin for the Shadow Brokers leak.
ZDNet

Oakland City follows San Francisco’s lead in banning facial recognition tech

The council is fighting back against privacy violations made possible through facial surveillance.
ZDNet

A Rust-based TLS library outperformed OpenSSL in almost every category

Benchmarks reveal better connection speeds and smaller memory footprint for Rustls library, compared to OpenSSL.
ZDNet

Google cleans out stalker, spyware apps from Play Store

Google is making a stand on apps designed for tracking employees, partners, and children.
ZDNet

93% of porn sites leak data to a third-party

New academic research reveals the extent of user tracking on top adult sites.
ZDNet

Kazakhstan government is now intercepting all HTTPS traffic

Kazakh government first wanted to intercept all HTTPS traffic way back in 2016, but they backed off after several lawsuits.
ZDNet

Bulgaria’s hacked database is now available on hacking forums

Half of the database, to be exact, the half the hacker released to local reporters over the last weekend.
ZDNet

Slack resets passwords for 1% of its users because of 2015 hack

Company said it received a batch of compromised credentials related to the 2015 hack via its bug bounty program.
ZDNet

Slack to reset passwords for tens of thousands of users

Slack says passwords compromised in malware infections and past breaches at other companies.
ZDNet

Microsoft notified 10,000 victims of nation-state attacks

Most of the attacks came from state-sponsored hacking groups in Iran, North Korea, and Russia.
ZDNet

Microsoft demos ElectionGuard technology for securing electronic voting machines

New ElectionGuard SDK to be open-sourced on GitHub; provided for free to voting machine vendors.
ZDNet

Gigabyte and Lenovo servers impacted by common BMC firmware flaws

Two different bugs, EOLs, and a complex supply chain make patching a nightmare.
ZDNet

Malware framework creates one billion fake Google Adsense ad impressions in only a few months

Google Chrome, Mozilla Firefox, and Yandex are all targets.
ZDNet

Hong Kong malvertiser blamed for malicious ads that invaded Microsoft apps

Security firm tracks down malvertiser who deployed malicious ads in Outlook, Microsoft games, and the Microsoft News app.
ZDNet

Malicious Python libraries targeting Linux servers removed from PyPI

Security firm scanned over one million PyPI packages and found three backdoored libraries.
ZDNet

Major Chinese Android developer booted from Google Play for drowning users in adverts

The ads were disruptive enough to render Android smartphones close to “unusable.”
ZDNet

Microsoft to explore using Rust

Rust has been gaining in popularity and Microsoft intends to see if it can hold up to its demands.
ZDNet

Bluetooth exploit can track and identify iOS, Microsoft mobile device users

Any modern device sporting Bluetooth connectivity may be impacted with the exception of Android.

Cisco Patches Critical Flaw in Vision Dynamic Signage Director

Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.  Tracked as CVE-2019-1917, the vulnerability was found in the REST...

The Great Hack: the film that goes behind the scenes of the Facebook data scandal

This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
SecurityWeek

Scotland Yard Twitter and Emails Hacked

London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages. read more

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security news.
ZDNet

Hackers breach FSB contractor, expose Tor deanonymization project and more

SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.