Cybersecurity News
Cryptominer Found Embedded in AWS Community AMI
Researchers advise Amazon Web Services users running Community Amazon Machine Images to verify them for potentially malicious code.
21 August 2020
Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up
Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.
21 August 2020
Grandoreiro banking trojan impersonates Spain’s tax agency
Beware the tax bogeyman – there are tax scams aplenty
The post Grandoreiro banking trojan impersonates Spain’s tax agency appeared first on WeLiveSecurity
21 August 2020
MPs criticise privacy watchdog over NHS test-and-trace data
UK information commissioner ‘must ensure government uses public’s data safely and legally’
A cross-party group of more than 20 MPs has accused the UK’s privacy watchdog of failing to hold the government to account for its failures in the NHS coronavirus test-and-trace programme.
The MPs have urged Elizabeth Denham, the information commissioner, to demand that the government change the programme after it admitted failing to conduct a legally required impact assessment of its privacy implications.
Continue reading...21 August 2020
University of Utah pays $457,000 to ransomware gang
University officials restored from backups, but they had to pay the ransomware gang to prevent them from leaking student data.20 August 2020
Instacart discloses security incident caused by two contractors
Instacart says two employees at a third-party support vendor accessed "more shopper profiles than was necessary."20 August 2020
Smart-Lock Hacks Point to Larger IoT Problems
Two recent reports on smart-locks vulnerabilities show that IoT vendors have a bigger job to do in ensuring their products are safely deployed and configured.20 August 2020
Smart-Lock Hacks Point to Larger IoT Problems
Two recent reports on smart-locks vulnerabilities show that IoT vendors have a bigger job to do in ensuring their products are safely deployed and configured.20 August 2020
Former Uber CSO charged for 2016 hack cover-up
DOJ officials say former Uber CSO Joe Sullivan lied to management about the security breach and paid hush money to the hackers.20 August 2020
Former Uber CSO Charged in Hack Cover-up
The charges stem from a 2016 attack in which 57 million records were breached.20 August 2020
IBM Settles Lawsuit Over Weather Channel App Data Privacy
The lawsuit alleged that the IBM-owned Weather Channel mobile app did not let users know it was selling their geolocation data.
20 August 2020
ATM makers Diebold and NCR deploy fixes for 'deposit forgery' attacks
ATMs from the two companies had bugs that could have allowed card fraudsters to modify the amount of money they deposited on their card, and then abuse the new account balance for illegal cash withdrawals.20 August 2020
Twitter Hack: The Spotlight that Insider Threats Need
The high profile attack should spur serious board-level conversations around the importance of insider threat prevention.20 August 2020
IBM Db2 Flaw Gives Attackers Read/Write Access to Shared Memory
Researchers discover a lack of explicit memory protections around the shared memory used by the Db2 trace facility.20 August 2020
Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government
The group has added a management console and a USB worming function to its main malware, Crimson RAT.
20 August 2020
Microsoft Out-of-Band Security Update Fixes Windows Remote Access Flaws
The unscheduled security update addresses two "important"-severity flaws in Windows 8.1 and Windows Server 2012.
20 August 2020
MFA Mistakes: 6 Ways to Screw Up Multifactor Authentication
Fearful of messing up its implementation, many enterprises are still holding out on MFA. Here's what they need to know.
20 August 2020
Google fixes major Gmail bug seven hours after exploit details go public
Attackers could have sent spoofed emails mimicking any Gmail or G Suite customer.20 August 2020
Black Hat USA 2020 Musings: Weird and Wonderful Virtual Events are Here to Stay
Black Hat USA 2020 was nothing like an in-person event, but it was incredibly useful for all involved, providing even the most grizzled industry veterans with fresh perspectives.20 August 2020
Senate Bill Would Expand Facial-Recognition Restrictions Nationwide
The proposed law comes as police departments around the country for their use of facial recognition to identify allegedly violent Black Lives Matter protesters.
20 August 2020