Tuesday, March 2, 2021

Oxfam Australia supporters embroiled in new data breach

Personal data, including partial payment information, is thought to be included.

Google addresses customer data protection, security in Workspace

Google has also introduced new Workspace features as we continue to work from home.

Twitter’s new strike system will target prolific COVID-19 fake information spreaders

Twitter says repeat offenders will be booted from the platform.

SolarWinds security fiasco may have started with simple password blunders

Many things came together to crack SolarWinds, but it may all have started with that classic mistake of leaking a lousy password.

Hackers exploit websites to give them excellent SEO before deploying malware

Climbing up Google’s ranks is key to this new technique.

Tether faces 500 Bitcoin ransom: We are ‘not paying’

The cryptocurrency firm says “forged” documents attempting to undermine the ecosystem as a whole are also circulating.

Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit

Facebook users represented in the lawsuit may soon receive hundreds of dollars each.

Minion privilege escalation exploit patched in SaltStack Salt project

The bug permitted attackers to perform privilege escalation attacks in the automation software.

Businessman charged with intent to steal General Electric’s secret silicon technology

Trade secrets worth millions on the market were the goal of the conspiracy.

Chrome will soon try HTTPS first when you type an incomplete URL

If users type an URL and they forget to add the HTTP or HTTPS prefix, Chrome will soon use HTTPS by default.

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

The bomb threats escalated over the course of six weeks to include Black Lives Matter protests and threats on UK politicians.

Go malware is now common, having been adopted by both APTs and e-crime groups

There's been a 2,000% increase of new malware written in Go over the past few years.

Oxford University lab with COVID-19 research links targeted by hackers

Compromised machines included those used in sample analysis.

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

The video platform was accused of collecting biometric data without consent.

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

The Chinese hacking group used the malicious add-on to collect Gmail and Firefox data from their victims.

This chart shows the connections between cybercrime groups

CrowdStrike puts together a list of connections and how cybercrime groups cooperate with each other.

More than 6,700 VMware servers exposed online and vulnerable to major new bug

Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already.

Ukraine reports cyber-attack on government document management system

Ukrainian officials blame "one of the hacker spy groups from the Russian Federation."

This botnet is abusing Bitcoin blockchains to stay in the shadows

BTC transactions are being used to obfuscate malicious activity.

Start Options, B2G founder indicted for alleged digital currency, investor fraud

The individual has been accused of being part of a scheme to defraud "hundreds" of investors.

Dairy Giant Lactalis Targeted by Hackers

France-based dairy giant Lactalis revealed last week that it was targeted by hackers, but claimed that it had found no evidence of a data breach. The company said a malicious third party attempted to breach its computer network, but it...
Graham Cluley

Crypto firm Tether says it won’t pay $24 million ransom after being threatened with document leak

Controversial cryptocurrency developer Tether says it will not give in to extortionists who are demanding a 500 Bitcoin ransom payment (currently worth approximately US $24 million).
Bruce Schneier

Mysterious Macintosh Malware

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload...

What Did I Just Read? A Conversation With the Authors of '2034'

Elliot Ackerman and Admiral James Stavridis discuss their inspirations, personal experiences, and what keeps them up at night.

2034, Part VI: Crossing the Red Line

“Eventually, the Americans would find them. But by then it would be too late.”