Round Up of Major Breaches and Scams
For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.
Microsoft is joining Amazon and IBM in halting the sale of facial recognition technology to police departments. In a statement released Thursday, Microsoft President Brad Smith said the ban would stick until federal laws regulating the technology’s use were put in place.
Sharing clickbait containing spurious content without bothering to check it over is a perennial problem for attention-challenged social media users and now Twitter wants to help stop it. The company has launched a test feature that reminds you to read articles before retweeting them. The service will warn users if they try to retweet articles that they haven’t opened.
As the use of mobile banking apps surges during COVID-19 lockdowns, so does the risk that these platforms will be exploited by cybercriminals, warns the FBI’s Internet Crime Complaint Center (IC3). Citing estimates by US financial technology providers, the Bureau’s online fraud wing said that more than 75 percent of Americans used mobile banking in some form in 2019.
A team of academics from Israel’s Ben-Gurion University of the Negev and the Weizmann Institute of Science demonstrated how to spy on secret conversations in a room from a nearby remote location just by measuring the amount of light emitted by an overhead hanging light bulb. The spying technique, dubbed Lamphone, will be presented by the researchers at the forthcoming Black Hat USA 2020 conference in August.
While Coronavirus spreads on a global scale, threat actors continue to use COVID-19 lures. In April, Google announced that the Gmail malware scanners had blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. The IT giant also announced that it had blocked more than 240 million spam messages related to the ongoing Coronavirus pandemic.
A Department of Justice (DoJ) statement announcing the pleas described the defendants as participating in a scam where they posted false advertisements, typically for vehicles and other high-priced goods, on popular sites such as eBay and Craigslist.
Microsoft is working on providing Office 365 Advanced Threat Protection (ATP) users with more information on the route incoming emails take while going through the filtering stack before reaching their inbox, as well as on the effectiveness of any configuration changes.
Round Up of Major Malware and Ransomware Incidents
Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites. Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The Uyghurs, a Turkic minority ethnic group affiliated with Central and East Asia, have previously been targeted in spyware attacks.
Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the latest victim of the Maze ransomware operators. The Maze operators stole the company’s data before encrypting its systems and are threatening to leak it if the victim does not pay the ransom. The list of clients of the firm includes Victoria Beckham, Charles S. Cohen, Pittsburgh Brewing Co., Harrys of London, and Xcel Brands.
The world of cybercrime is changing, and more and more malware variants spread every day. To keep your system safe, one of the things you can do is follow a cyber doctrine focused on the threats that lurk on the web. One of the most recent threats is the info stealer TroyStealer, first shared by Abuse.ch on Twitter, and targeting Portuguese users.
Rangely District Hospital (RDH) will send notices this week to patients whose records may have been involved in a ransomware attack in April 2020. According to a press release issued June 8, parts of the hospital’s computer network were attacked by ransomware, including some files containing patients’ health information and other files necessary to view certain patient information.
When a piece of ransomware has encrypted all the files on your computer and is demanding money for it all to be unlocked, good advice is hard to come by and Google is not always your friend. There’s one thing you certainly shouldn’t do: Start searching online for software to crack open the ransomware in the hope of being able to decrypt everything yourself.
Some types of cyberattacks are one-and-done deals where the cybercriminals get in and out quickly after infecting or compromising an organization. Other types of attacks, however, expand over a period of time as they try to impact additional resources within the organization.
Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used by the threat actors.
Round Up of Major Vulnerabilities and Patches
This week, Intel patched a CPU security bug that hasn’t attracted a funky name, even though the bug itself is admittedly pretty funky. Known as CVE-2020-0543 for short, or Special Register Buffer Data Sampling in its full title, it serves as one more reminder that as we expect processor makers to produce ever-faster chips that can churn through ever more code and data in ever less time we sometimes pay a cybersecurity price, at least in theoretical terms.
Facebook paid a cybersecurity firm six figures to develop a zero-day in a Tor-reliant operating system in order to unmask a man who spent years sextorting hundreds of young girls, threatening to shoot or blow up their schools if they didn’t comply, Motherboard’s Vice has learned.
D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. The flaws were reported to D-Link by researchers at Palo Alto Networks in February. Experts pointed out that the issues could also affect newer models because they share portions of firmware code.
A new criminal campaign is targeting Kubernetes clusters on Microsoft Azure to turn misconfigured Kubeflow workloads into cryptominers. Kubeflow is an open source project that started as a toolkit for learning TensorFlow in Kubernetes and has since become a common framework for running machine learning applications in containers.
A bug has been fixed in AVG and Avast security applications that set registry keys that blocked applications from running in Windows 10. This past week, Windows 10 users began to complain that they were unable to launch Microsoft Office and other applications in Windows 10.
The Microsoft June 2020 Patch Tuesday consisted of 129 security fixes for critical and important vulnerabilities. Of these, an “Important” and equally ironic vulnerability, tracked as CVE-2020-1296, concerns privilege escalation in the Windows Diagnostics & Feedback settings app: the annoying privacy settings screen that is shown to users when setting up or upgrading Windows.