Cyber security news November 2019

This posting is here to collect cyber security news in November 2019.

I post links to security vulnerability news to comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

 

117 Comments

  1. Tomi Engdahl says:

    Your Body’s Bioacoustic Signatures Could Be Used to Identify You
    https://www.hackster.io/news/your-body-s-bioacoustic-signatures-could-be-used-to-identify-you-c0c72d1aa9cf

    Researchers from South Korea have released a study describing a method of identifying people by using their bodies’ bioacoustic signatures.

    Reply
  2. Tomi Engdahl says:

    Intel disables Hardware Lock Elision on all current CPUs and Linux patches added to allow the sysadmin the option to disable TSX https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c2955f270a84762343000f103e0640d29c7a96f3

    Reply
  3. Tomi Engdahl says:

    Hacker was detected after creating a giant archive file that took up all the free disk space. Had been inside the company’s network for almost two years, undetected.

    Company discovered it was hacked after a server ran out of free space
    https://www.zdnet.com/article/company-discovered-it-was-hacked-after-a-server-ran-out-of-free-space/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook

    Hacker was detected after creating a giant archive file that took up all the free disk space. Had been inside the company’s network for almost two years, undetected.

    Reply
  4. Tomi Engdahl says:

    Who Stole My Face? The Risks Of Law Enforcement Use Of Facial Recognition Software
    Who knows what extremes we’ll go to camouflage ourselves in a world where facial surveillance is the norm?
    https://abovethelaw.com/2019/11/who-stole-my-face-the-risks-of-law-enforcement-use-of-facial-recognition-software/

    Reply
  5. Tomi Engdahl says:

    Does facial recognition software threaten our freedom?
    https://www.kcrw.com/news/shows/to-the-point/does-facial-recognition-software-threaten-our-freedom

    Surveillance cameras are capturing what we do on the streets, at airports, in stores, and in much of our public space. Facial recognition software is touted as making us safer. But mass surveillance has downsides of major proportions.

    Reply
  6. Tomi Engdahl says:

    (https://www.theverge.com/2019/11/11/20959865/google-chrome-slow-sites-badge-system-chrome-dev-summit-2019)ntercepting the loading of every single web page users visit doesn’t sound like a feature. It sounds like a privacy concern.

    Reply
  7. Tomi Engdahl says:

    The NSA has stopped collecting location data from US cellphones without a warrant
    Intelligence agencies stopped the practice last year
    https://www.theverge.com/2019/11/14/20965354/nsa-intelligence-no-warrant-phone-location-data-collection

    Reply
  8. Tomi Engdahl says:

    Officials warn about the dangers of using public USB charging stations
    Travelers should use only AC charging ports, use USB no-data cables, or “USB condom” devices.
    https://www.zdnet.com/article/officials-warn-about-the-dangers-of-using-public-usb-charging-stations/

    Travelers are advised to avoid using public USB power charging stations in airports, hotels, and other locations because they may contain dangerous malware

    Reply
  9. Tomi Engdahl says:

    Thousands of hacked Disney+ accounts are already for sale on hacking forums
    Hackers began hijacking accounts hours after Disney+ launched earlier this week.
    https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/

    Reply
  10. Tomi Engdahl says:

    The myth of the sophisticated hacker
    https://amp.axios.com/sophisticated-hacker-cybersecurity-labour-party-f2137c08-0dec-4413-94d8-8f6729b6ec96.html

    On Tuesday, the U.K.’s Labour Party became the latest in a decade-long line of victims to claim they were targeted by a “sophisticated” cyberattack that wasn’t, actually, very sophisticated.

    The big picture: It’s the latest lexical stretch for an adjective that’s widely used in reports of cybersecurity incidents — and widely loathed by researchers as a result. If everything is sophisticated, nothing is sophisticated.

    Driving the news: Labour ultimately faced what’s known as a denial of service attack, a way of overwhelming servers with a ton of traffic. It’s a digital blunt force attack — harmful, yes, but hardly sophisticated. Labour was not alone.

    Reply
  11. Tomi Engdahl says:

    Nettikansa hämmentyi: Gigantin nettisivuilta pystyy katsomaan kenen tahansa julkiset yhteystiedot
    https://www.iltalehti.fi/digiuutiset/a/bd10538a-a08d-4e60-8e55-9664d7ca1edf

    Gigantin sivuilla voi hakea puhelinnumerolla kenen tahansa yhteystiedot, jos ne ovat julkisia. Iltalehti on saanut lukijoilta useita yhteydenottoja aiheesta, ja aiheesta on myös keskusteltu eri nettifoorumeilla.

    Puhelinnumerolla haettaessa tosiaan avautuivat henkilön etunimi, sukunimi sekä osoitetiedot.

    Gigantin markkinointijohtaja Sami Särkelän mukaan Gigantin nettisivun rekisteröitymislomake hakee puhelinnumeron perusteella julkisesti saatavilla olevia yhteystietoja, joita esimerkiksi numeropalvelut käyttävät.

    – Suomessa puhelinnumero- ja osoitetiedot ovat lähtökohtaisesti julkisia, jotka kuka vaan voi selvittää esimerkiksi erilaisista numeropalveluista. Meidän sivusto toimii siten, että jos tiedot ovat julkisia, järjestelmä täyttää lomakkeeseen tiedot automaattisesti puhelinnumeron perusteella, Särkelä perustelee.

    Tietojen keräämiseen Gigantti käyttää Bisnode-yrityksen yhteystieto- ja henkilömarkkinointirekisteriä.

    – Toimintamalli on yleinen verkkokaupoissa ja muissa palveluissa

    Reply
  12. Tomi Engdahl says:

    Andrew Yang wants you to make money off your data by making it your personal property
    https://www.businessinsider.com/andrew-yang-data-ownership-property-right-policy-2019-11

    Reply
  13. Tomi Engdahl says:

    Amazon Is an Even Bigger Threat to Privacy Than Facebook
    With its Ring doorbell, the tech giant can now see what you buy, what you browse, and who you’re letting into your home
    https://gen.medium.com/amazon-is-an-even-bigger-threat-to-privacy-than-facebook-a52638e9e314

    Reply
  14. Tomi Engdahl says:

    Phineas Fisher Offers $100,000 Bounty to Hack Banks and Oil Companies
    It’s a reward for hacktivists and criminals who break into capitalist institutions, offered by one of the most infamous hackers of all time
    https://www.vice.com/amp/en_us/article/vb5agy/phineas-fisher-offers-dollar100000-bounty-for-hacks-against-banks-and-oil-companies

    An infamous vigilante hacker known for their hits on surveillance companies is launching a new kind of bug bounty to reward hacktivists who do public interest hacks and leaks.

    The hacker, known as Phineas Fisher, published a new manifesto on Friday, offering to pay hackers up to $100,000 in what they called the ‘Hacktivist Bug Hunting Program.” The idea is to pay other hackers who carry out politically motivated hacks against companies that could lead to the disclosure of documents in the public interest. The hacker said he will pay in cryptocurrency, such as Bitcoin or Monero.

    To be clear, this is basically a bug bounty that incentivizes criminal activity.

    “I think hacking is a powerful tool, and hacktivism has only been used to a fraction of its potential,” Phineas Fisher told Motherboard. “And a little investment can help to develop that, the golden years [of hacktivism] are yet to come.”

    “I robbed a bank and gave the money away,” Phineas Fisher wrote in the manifesto.

    “In the digital era, robbing a bank is a non-violent act, less risky, and the reward is higher than ever,” they wrote.

    Reply
  15. Tomi Engdahl says:

    Exclusive: Interpol plans to condemn encryption spread, citing predators, sources say
    https://www.reuters.com/article/us-interpol-encryption-exclusive-idUSKBN1XR0S7

    The international police organization Interpol plans to condemn the spread of strong encryption in a statement Monday saying it protects child sex predators, three people briefed on the matter told Reuters.

    Echoing a joint letter last month from the top law enforcement officials in the United States, United Kingdom and Australia, the larger group will cite difficulties in catching child sexual predators as grounds for companies opening up user communications to authorities wielding court warrants.

    “Service providers, application developers and device manufacturers are developing and deploying products and services with encryption which effectively conceals sexual exploitation of children occurring on their platforms,” a draft of the resolution seen by Reuters said.

    Reply
  16. Tomi Engdahl says:

    Russia is building one of the world’s largest facial recognition networks
    https://codastory.com/authoritarian-tech/russia-facial-recognition-networks/

    According to some projections, it may even be bigger than China’s 200 million camera system

    Reply
  17. Tomi Engdahl says:

    How the Iranian Government Shut Off the Internet
    After years of centralizing internet control, Iran pulled the plug on connectivity for nearly all of its citizens.
    https://www.wired.com/story/iran-internet-shutoff/

    Amid widespread demonstrations over rising gasoline prices, Iranians began experiencing internet slowdowns over the past few days that became a near-total internet and mobile data blackout on Saturday. The government is apparently seeking to silence protesters and quell unrest. So how does a country like Iran switch off internet access to a population of more than 80 million? It’s not an easy thing to do.

    Though some countries, namely China, architected their internet infrastructure from the start with government control in mind, most don’t have a central set of levers they can pull to influence countrywide access to content or connectivity. But regimes around the world, including those in Russia and Iran, have increasingly been retrofitting traditional private and decentralized networks with cooperation agreements

    Reply
  18. Tomi Engdahl says:

    Pemex ransomware attack: Mexico Oil, Gas Recovery Update.
    https://www.msspalert.com/cybersecurity-breaches-and-attacks/ransomware/pemex-recovery-update/
    How the Mexican state oil and gas conglomerate is striving to bring
    systems back online.

    Reply
  19. Tomi Engdahl says:

    Someone is using the ‘Cozy Bear’ moniker to scare DDoS victims into
    bitcoin payments
    https://www.cyberscoop.com/cozy-bear-ddos-ransom-akamai/
    Multiple companies have reported to the security vendor Akamai that
    they were hit with a distributed denial-of-service attack, which
    degrades victims web services by overwhelming them with fake traffic.
    After a brief DDoS hit, victims say they receive an extortion note
    from a group claiming to be Cozy Bear, a state-sponsored Russian
    hacking group..

    Reply
  20. Tomi Engdahl says:

    Phineas Fisher Offers $100,000 Bounty to Hack Banks and Oil Companies
    https://www.vice.com/en_us/article/vb5agy/phineas-fisher-offers-dollar100000-bounty-for-hacks-against-banks-and-oil-companies
    Its a reward for hacktivists and criminals who break into capitalist
    institutions, offered by one of the most infamous hackers of all time.

    Reply
  21. Tomi Engdahl says:

    Hello Guys ! Are you using Whatsapp ? If yes you could update it to the latest version quickly …

    A new bug on Whatsapp, based on MP4 videos flaws, has been revealed by Facebook. This vulnerability could lead to denial of service attacks or remote code execution.

    https://headleaks.com/2019/11/19/whatsapp-mp4-videos-flaw-allows-hackers-to-execute-code-remotely-MW5YYm9NOWpTbUFUdzV5U2MyZjI5Zz09

    Reply
  22. Tomi Engdahl says:

    Docker Patched the Most Severe Copy Vulnerability to Date With CVE-2019-14271
    https://unit42.paloaltonetworks.com/docker-patched-the-most-severe-copy-vulnerability-to-date-with-cve-2019-14271/

    In the last few years, several vulnerabilities in the copy (cp) command were found in various container platforms, including Docker, Podman and Kubernetes. The most severe among those was only recently discovered and disclosed in July. Surprisingly, it gained almost no immediate attention, perhaps due to an ambiguous CVE description and a lack of a published exploit.

    CVE-2019-14271 was marked as critical and fixed in Docker version 19.03.1. The following research is an overview of CVE-2019-14271 and the first Proof of Concept (PoC) of the vulnerability.

    Reply
  23. Tomi Engdahl says:

    SECURITY RESEARCHERS FIND OUT-OF-THE-BOX VULNERABILITIES AT 29 ANDROID BRANDS
    https://headleaks.com/2019/11/18/security-researchers-find-out-of-the-box-vulnerabilities-at-29-android-brands-Uk41eFlzS3h0ejZOY3M5ZFhsOXFydz09

    Security research company Kryptowire has once again made a round-up of vulnerabilities present out of the box in Android phones. This concerns 146 CVE’s on devices from 29 different manufacturers.

    Samsung has 33 vulnerabilities, resulting from six pre-installed applications. Two of those six applications are being developed by external parties and Samsung is referring the company to those developers, writes Wired, who spoke with Kryptowire and Samsung.

    Regarding the remaining four, Samsung states that the Android Security Framework addresses the vulnerabilities, but Kryptowire maintains that third-party attacks in the supply chain are still possible.

    Reply
  24. Tomi Engdahl says:

    Cops Can Now Get Warrants for Entire DNA Websites
    https://futurism.com/cops-warrant-entire-dna-websites

    With just a single warrant, a Florida detective obtained access to the DNA profiles of more than a million people — and experts say the case sets a dangerous precedent.

    Ancestry.com and 23andMe are the largest consumer DNA sites, holding genetic data on 15 million and 10 million people, respectively. However, they aren’t the only DNA sites out there — a smaller service, GEDmatch, currently has about 1.3 million users, each of whom is able to search the site’s entire database.

    Reply
  25. Tomi Engdahl says:

    Hackers hit UK political parties with back-to-back cyberattacks
    https://www.reuters.com/article/us-britain-election-labour-cyber/hackers-hit-uk-political-parties-with-back-to-back-cyberattacks-idUSKBN1XM19I

    Hackers hit Britain’s two main political parties with back-to-back cyberattacks on Tuesday, sources told Reuters, attempting to force political websites offline with a flood of malicious traffic just weeks ahead of a national election.

    The attacks come after Britain’s security agencies have warned that Russia and other countries may attempt to disrupt the Dec. 12 vote with cyberattacks or divisive political messages on social media, a charge Moscow denies.

    Reply
  26. Tomi Engdahl says:

    RNC FUNDED ROUGHLY 11,000 AUTOMATED CALLS TO JAM UP HOUSE DEMOCRATS’ PHONE LINES AMID IMPEACHMENT BATTLE: REPORT
    https://www.newsweek.com/rnc-funded-roughly-11000-automated-calls-jam-house-democrats-phone-lines-amid-impeachment-1469719

    Two unnamed sources briefed on the effort told The New York Times that the coordinated phone blast tactic aimed to shape public opinion of the investigation, as well as simply to tie up the phone lines of the elected officials. Approximately 11,000 calls were reportedly made as part of the scheme.

    Reply
  27. Tomi Engdahl says:

    Windows users, beware: This fake update could lock up your PC, or worse
    Updating to Windows 10? Don’t fall victim to this spam email attack.
    https://www.cnet.com/news/windows-users-beware-this-fake-update-could-lock-up-your-pc-or-worse/

    Reply
  28. Tomi Engdahl says:

    New Phoenix Keylogger tries to stop over 80 security products to avoid detection
    Phoenix linked to more than 10,000 infections since the malware’s launch on a hacking forum in July.
    https://www.zdnet.com/article/new-phoenix-keylogger-tries-to-stop-over-80-security-products-to-avoid-detection/?ftag=COS-05-10aaa0h&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=facebook

    Reply
  29. Tomi Engdahl says:

    Army To Review TikTok Security After Warning From Schumer
    https://www.forbes.com/sites/isabeltogoh/2019/11/22/army-to-review-tiktok-security-after-warning-from-schumer/?utm_source=FACEBOOK&utm_medium=social&utm_term=Gordie/#676f7264696

    TikTok is owned by Chinese tech firm ByteDance and boasts more than 26 million monthly active users in the U.S., most of whom are aged between 16 and 24.

    Schumer voiced concerns over TikTok handled users’ personal data, and Chinese laws that require local tech companies to “support and cooperate” with China’s intelligence agencies.

    Tangent: The U.S. military has turned to social media platforms like TikTok in recent years in a bid to reach young Americans, and boost the number of recruits after it fell short of its target last year.

    Reply
  30. Tomi Engdahl says:

    Making Reference to ‘State Secrets,’ China Moves to Restrict Vulnerability Disclosures
    https://www.caixinglobal.com/2019-11-21/making-reference-to-state-secrets-china-moves-to-restrict-vulnerability-disclosures-101485876.html?cxg=wap&Sfrom=facebook

    The Ministry of Public Security and the Cyberspace Administration of China (CAC) are seeking public comment on draft regulations that could restrict public vulnerability disclosures, requiring those who seek to expose computer security issues to instead report them to public security bureaus and the country’s internet regulator first.

    Though the authorities have previously cracked down on privacy violations, this marks the first time they have sought to limit discussion of Chinese networks’ vulnerability to hacking.

    Spreading information on cybersecurity threats “should have the promotion of online safety awareness and technique as its purpose … and must not harm national security and public interest,”

    Reply
  31. Tomi Engdahl says:

    Chinese spy defects to Australia, alleging election interference and cybercrimes
    https://tcrn.ch/2KLvh89

    A purported agent of the Chinese intelligence service is seeking asylum in Australia, bringing with him explosive allegations of widespread interference in political affairs in that country, Taiwan and elsewhere. He claims also to have run a cyberterrorism campaign against supporters of Hong Kong independence.

    Reply
  32. Tomi Engdahl says:

    How a bank got hacked (a study in how not to secure your networks)
    https://www.csoonline.com/article/3454443/how-a-bank-got-hacked-a-study-in-how-not-to-secure-your-networks.html

    Notorious hacker Phineas Phisher claims to have netted hundreds of thousands of pounds sterling in a 2016 hack of the Cayman National Isle of Man Bank. Here’s how he did it and why it’s cause for concern.

    Robbing a bank is easier than you might think, especially if you don’t care which bank you rob, according to a “how to rob a bank” manifesto by the apparently vigilante hacker Phineas Phisher. The PwC incident response report, which Phineas Phisher leaked, backs up that claim.

    In a press release, Cayman National acknowledged the attack, claiming, “At this time, there is no evidence of financial theft or fraud relating to CNBIOM or CNTIOM clients, or to Cayman National.” It made no reference to a financial loss by the bank itself.

    Reviewing the methods Phineas Phisher used offers insight into how vulnerable our financial infrastructure is to attackers and provides a glimpse into how a modestly skilled individual, or group of individuals, got away with a bank heist.

    Reply
  33. Tomi Engdahl says:

    Warning lights for airplanes were exposed to the open internet
    Motherboard: Filed under “things you really don’t want on the internet.” A security researcher found a control panel for warning lights, used to help aircraft avoid tall structures, connected to the internet and reported them to the U.S. federal aviation authority.

    Lights That Warn Planes of Obstacles Were Exposed to Open Internet
    https://www.vice.com/en_us/article/7x5nkg/airplane-warning-lights-hacked?utm_campaign=sharebutton

    The panel “provides controls to change the intensity of the light fixtures, turn them on, and turn them off.”

    Control panels for lights placed on tall structures to warn airplanes not to hit them were exposed to the open internet, meaning hackers could have turned the lights off.

    The news highlights how sensitive systems intended only for internal use by a certain team of people can accidentally be exposed to the wider internet, including those with malicious intent.

    Dan found at least 46 control panels online for light systems, including in Baltimore; Tuscola, IL; Decatur, TX; as well as Ontario in Canada, according to a list of IP addresses and other details he provided to Motherboard.

    Dan shared some of his correspondence with the FAA and the company that makes the light systems, called Dialight, with Motherboard.

    “It appears that this vulnerability allows users to access the control panel of the Obstruction Light Control system, and provides controls to change the intensity of the light fixtures, turn them on, and turn them off,” an FAA official wrote in a letter as part of the vulnerability disclosure process.

    “The FAA does not generally govern accessibility and the security of non-federal obstruction lighting systems, however, this vulnerability does create a safety concern that the FAA agrees should be addressed,” the letter reads. The letter says a senior FAA employee replicated the issue and warned a contact at Dialight, who then assembled a team to address the problem. Dialight identified all of their impacted customers, and are assisting with fixes, the letter adds.

    Reply
  34. Tomi Engdahl says:

    Another example of why UN involvement in Internet Governance is a Bad Idea.

    “the resolution calls for a check on the “use of information and communications technologies for criminal purposes.” Which activities it aims to curb exactly is unclear.

    Thirty-six rights groups argue in a letter that the resolution is so vague that it could lead to the criminalization of ordinary online activities that journalists, human rights groups, and other members of civil society rely on, such as using encrypted chat applications.

    The resolution could also “give wide-ranging power to governments to block websites deemed critical of the authorities, or even entire networks, applications and services that facilitate online exchange of and access to information””

    “Monday’s resolution was also sponsored by China, Cuba, North Korea, Nicaragua, Syria, Venezuela, and 39 other countries, according to the U.N. General Assembly Third Committee Chair Christian Braun.”

    The U.N. passed a resolution that gives Russia greater influence over internet norms
    https://www.cyberscoop.com/un-resolution-internet-cybercrime-global-norms/

    A cybercrime-focused resolution backed by Russia passed Monday in the United Nations, despite calls from the U.S. that the measure would further hamper efforts to root out crime on the internet.

    The resolution, which passed 88-58 with 34 abstentions, aims to establish a group to examine cybercrime and set up a convention to prevent it. However, human rights groups have argued that the resolution is actually an effort by the Kremlin to expand its model of state-backed internet control.

    Reply
  35. Tomi Engdahl says:

    Sand thieves believed to be behind epidemic of Chinese GPS jamming
    https://boingboing.net/2019/11/19/gps-spoofers-r-us.html

    Reply
  36. Tomi Engdahl says:

    Leaked Chinese government documents detail how tech is used to escalate the persecution of Uighurs
    https://tcrn.ch/2DfRGX3

    Reply
  37. Tomi Engdahl says:

    Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts
    Multiple Mobile Apps
    https://blog.trendmicro.com/trendlabs-security-intelligence/patched-gif-processing-vulnerability-cve-2019-11932-still-afflicts-multiple-mobile-apps/
    CVE-2019-11932, which is a vulnerability in WhatsApp for Android, was
    first disclosed to the public on October 2, 2019 after a researcher
    named Awakened discovered that attackers could use maliciously crafted
    GIF files to allow remote code execution. The vulnerability was
    patched with version 2.19.244 of WhatsApp, but the underlying problem
    lies in the library called libpl_droidsonroids_gif.so, . which is part
    of the android-gif-drawable package. While this flaw has also been
    patched, many applications still use the older version and remain at
    risk.

    Reply
  38. Tomi Engdahl says:

    “Debug mode” in popular webdev tool exposes credentials for hundreds of websites, including Donald Trump’s
    https://www.comparitech.com/blog/vpn-privacy/debug-mode-exposes-credentials/

    Hundreds of websites made using a popular web development tool have exposed sensitive data to anyone with a web browser. They include Donald Trump’s official campaign website, potentially allowing attackers to hijack the site’s email server.

    The tool, a PHP framework called Laravel, includes a “debug mode” that lets developers identify errors and misconfigurations before websites go live. The problem is that many developers fail to disable the debug mode after going live, exposing backend website details like database locations, passwords, secret keys, and other sensitive info.

    Reply
  39. Tomi Engdahl says:

    Amazon Ring IS a suspicious object / activity?

    Amazon’s Ring Planned Neighborhood “Watch Lists” Built on Facial Recognition
    https://theintercept.com/2019/11/26/amazon-ring-home-security-facial-recognition/

    RING, AMAZON’S CRIMEFIGHTING surveillance camera division, has crafted plans to use facial recognition software and its ever-expanding network of home security cameras to create AI-enabled neighborhood “watch lists,” according to internal documents reviewed by The Intercept.

    The planning materials envision a seamless system whereby a Ring owner would be automatically alerted when an individual deemed “suspicious” was captured in their camera’s frame, something described as a “suspicious activity prompt.”

    Reply
  40. Tomi Engdahl says:

    Just another day in an enterprise IT ;) HPE Drive (SAS Solid State Drives) fail at 32,768 hours without firmware update https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us Update can be applied using Linux, Windows and VMware ESxi servers. #sysadmin

    Reply
  41. Tomi Engdahl says:

    Report: Cyber Criminals Are Using YouTube To Install Cryptojacking Malware
    https://cointelegraph.com/news/cyber-criminals-are-using-youtube-to-install-cryptojacking-malware/amp

    Slovakian software security firm Eset has uncovered that cyber criminals behind the Stantinko botnet have been distributing a Monero (XMR) cryptocurrency mining module via Youtube.

    On Nov. 26, the major antivirus software supplier Eset reported that the Stantinko botnet operators have expanded their criminal reach from click fraud, ad injection, social network fraud and password stealing attacks, into installing crypto malware on victims’ devices using Youtube.

    https://www.welivesecurity.com/2019/11/26/stantinko-botnet-adds-cryptomining-criminal-activities/

    Reply
  42. Tomi Engdahl says:

    Security firm Prosegur: We’ve shut our IT network after Ryuk ransomware attack
    https://www.zdnet.com/article/security-firm-prosegur-weve-shut-our-it-network-after-ryuk-ransomware-attack/

    Prosegur’s website is back online but customers are complaining that alarms remain offline.

    Reply
  43. Tomi Engdahl says:

    SMS Replacement is Exposing Users to Text, Call Interception Thanks to Sloppy Telecos
    https://www.vice.com/en_us/article/j5ywxb/rcs-rich-communications-services-text-call-interception?utm_campaign=sharebutton&fbclid=IwAR37NXHR1sDe3767silUH16vTyJwM4-cJdRKdCP91-uk_zjJuEJuhz-251Q

    Researchers from SRLabs found that telecos are implementing the RCS standard in vulnerable ways, which bring back techniques to attack phone networks.

    A standard used by phone carriers around the world can leave users open to all sorts of attacks, like text message and call interception, spoofed phone numbers, and leaking their coarse location, new research reveals.

    The Rich Communication Services (RCS) standard is essentially the replacement for SMS. The news shows how even as carriers move onto more modern protocols for communication, phone network security continues to be an exposed area with multiple avenues for attack in some implementations of RCS.

    Reply
  44. Tomi Engdahl says:

    Amazon subcontractors in Romania and India are looking at video footage of people’s private homes. The US really lacks adequate data protection laws and opt-outs to consumers.

    https://gizmodo.com/human-employees-are-viewing-clips-from-amazons-home-sur-1838945779

    Reply
  45. Tomi Engdahl says:

    Hackers have crafted malware that’s designed to kill people. Here’s what we know about it.

    https://www.technologyreview.com/s/613054/cybersecurity-critical-infrastructure-triton-malware/

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*