Cybersecurity News
Clubhouse chatroom app closes down site rebroadcasting content
Incident prompts fears for latest Silicon Valley craze’s ability to guarantee users’ security and privacy
Clubhouse, the audio-chatroom app that has emerged as the latest craze to consume Silicon Valley, has shut down a site that was rebroadcasting the platform’s content, renewing concerns over the service’s ability to provide security and privacy for its users.
The app, currently available only on iPhones, allows users to quickly and easily set up and discover panel-style discussions, with a small group of speakers and potentially thousands of listeners in each room. It has been strictly limited since its launch in April, with users requiring an invitation before they can create an account. It initially gained popularity in the tech and venture capitalist community of the San Francisco Bay area.
Continue reading...IBM issues patches for Java Runtime, Planning Analytics Workspace, Kenexa LMS
The worst bugs could lead to malicious code execution and application crashes.Keybase patches bug that kept pictures in cleartext storage on Mac, Windows clients
Keybase failed to wipe clean cached pictures even after deletion.Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool
APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Almost four of every five attacks attributed in 2020 were conducted by cybercriminal groups, a significant jump from 2019, with attacks on healthcare or using the pandemic rising fast.TDoS Attacks Take Aim at Emergency First-Responder Services
The FBI has warned that telephony denial-of-service attacks are taking aim at emergency dispatch centers, which could make it impossible to call for police, fire or ambulance services.
Accellion Data Breach Resulted in Extortion Attempts Against Multiple Victims
FireEye Mandiant says it discovered data stolen via flaw in Accellion FTA had landed on a Dark Web site associated with a known Russia-based threat group.FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group
FireEye: Hackers breached companies running FTA servers, stole private files, and are now publishing data on the Clop ransomware leak site.Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers.
Researcher Reports Vulnerability in Apple iCloud Domain
A stored cross-site scripting vulnerability in the iCloud website reportedly earned a security researcher $5,000.Sequoia Capital Suffers Data Breach
The attack began with a successful phishing email.Assume ClubHouse Conversations Are Being Recorded, Researchers Warn
At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorded. The company confirmed to Bloomberg that over the weekend a user was able to breach “multiple” ClubHouse room audio feeds […]
Brave browser’s Tor mode exposed users’ dark web activity
A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users' DNS queries
The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity
Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11
The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed.
Paving the way: Inspiring Women in Payments - A Q&A featuring Jen Stone
She was a single mom with three kids in daycare, no child support, and a job as an executive assistant that didn’t pay enough to cover the bills. With absolutely no experience, Jen Stone took a chance on a helpdesk position, which changed her life. In this edition of our blog, Jen explains how she found success by taking ownership of her own career.
8 Ways Ransomware Operators Target Your Network
Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques.