Cybersecurity News
Smartphones, laptops, IoT devices vulnerable to new BIAS Bluetooth attack
New BIAS attack works agaisnt Bluetooth devices and firmware from Apple, Broadcom, Cypress, Intel, Samsung, and others.18 May 2020
Ransomware Gang Arrested for Spreading Locky to Hospitals
A group of four people calling themselves "Pentaguard" were arrested in house raids.
18 May 2020
As DevOps Accelerates, Security's Role Changes
There remains a disconnect between developers and security teams, with uncertainty around who should handle software security.18 May 2020
ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims
ProLock is relatively new, but already the ransomware is making waves by using QakBot infections to access networks, gain persistence and avoid detection.
18 May 2020
FBI criticizes Apple for not helping crack Pensacola shooter's iPhones
Apple said back in January that it helped within hours and handed over to the FBI gigabytes of information.18 May 2020
Private Equity Firm Stalls $1.9B Forescout Acquisition
Officials say "there can be no assurance" Forescout and Advent International will reach an agreement, though talks are ongoing.18 May 2020
Edison Mail iOS Bug Exposes Emails to Strangers
A bug introduced in an iOS software update on the Edison Mail app allowed emails to be viewed by strangers.
18 May 2020
This Service Helps Malware Authors Fix Flaws in their Code
Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.18 May 2020
Mercedes-Benz onboard logic unit (OLU) source code leaks online
Daimler allowed anyone to register on one of its on-premise GitLab servers.18 May 2020
The 3 Top Cybersecurity Myths & What You Should Know
With millions of employees now attempting to work from home, it's vital to challenge misconceptions about cybersecurity.18 May 2020
European supercomputers hacked to mine cryptocurrency
Several high-performance computers working on COVID-19 research have been forced offline following a string of attacks
The post European supercomputers hacked to mine cryptocurrency appeared first on WeLiveSecurity
18 May 2020
Face masks prompt London police to consider pause in rollout of facial recognition cameras
The controversial scheme may be halted due to the widespread adoption of face coverings.18 May 2020
FBI: ProLock ransomware gains access to victim networks via Qakbot infections
The FBI also warns that the ProLock decryptor doesn't always work correctly, even after victims pay the ransom.18 May 2020
Illinois blames ‘glitch’ for exposure of PUA applicant Social Security numbers, private data
Sensitive unemployment benefit claimant information was made public on an online portal.18 May 2020
Texas Department of Transportation reports ransomware attack on agency network
By William Knowles @c4i Senior Editor InfoSec News May 16, 2020 The Texas Department of Transportation in a statement on Twitter says they were the victims of a ransomware attack on their agency network. On May 14, 2020, there was unauthorized access to the network in a ransomware event and TxDot took immediate steps to isolate the […]17 May 2020
Supercomputers hacked across Europe to mine cryptocurrency
Confirmed infections have been reported in the UK, Germany, and Switzerland. Another suspected infection was reported in Spain.16 May 2020
U.S. Secret Service: “Massive Fraud” Against State Unemployment Insurance Programs
A well-organized Nigerian crime ring is exploiting the COVID-19 crisis by committing large-scale fraud against multiple state unemployment insurance programs, with potential losses in the hundreds of millions of dollars, according to a new alert issued by the U.S. Secret Service. A memo seen by KrebsOnSecurity that the Secret Service sent to field offices around the United States this week says the ring has been filing unemployment claims in different states using Social Security numbers and other personally identifiable information (PII) belonging to identity theft victims, and that "a substantial amount of the fraudulent benefits submitted have used PII from first responders, government personnel and school employees."16 May 2020
Hoaxcalls Botnet Exploits Symantec Secure Web Gateways
The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway.
15 May 2020
UK Supercomputing Service ARCHER Still Offline After Monday Attack
Incident comes amid US warnings about Chinese cybergroups targeting organizations involved in COVID-19-related research.15 May 2020
Templates Make Coronavirus Phishing Campaigns Easy
Ready-made website templates make it simple for criminals to create fake government and NGO websites for COVID-19-related phishing campaigns.15 May 2020