Cybersecurity News
Report: Chinese hacking group APT40 hides behind network of front companies
A group of anonymous security analysts have tracked down 13 front companies operating in the island of Hainan through which they say the Chinese state has been recruiting hackers.13 January 2020
5 major US wireless carriers vulnerable to SIM swapping attacks
When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds
The post 5 major US wireless carriers vulnerable to SIM swapping attacks appeared first on WeLiveSecurity
13 January 2020
5 major US wireless carriers vulnerable to SIM swapping attacks
When it comes to protection against this insidious type of scam, the telcos’ authentication procedures leave a lot be desired, a study finds
The post 5 major US wireless carriers vulnerable to SIM swapping attacks appeared first on WeLiveSecurity
13 January 2020
Phishing for Apples, Bobbing for Links
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures has emerged as the most targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today's piece looks at the well-crafted links used in some of these lures.13 January 2020
Texas School District Loses $2.3M to Phishing Attack
The Manor Independent School District is investigating a phishing email scam that led to three separate fraudulent transactions.13 January 2020
‘Cable Haunt’ Bug Plagues Millions of Home Modems
The issue lies in underlying reference software used by multiple cable-modem manufacturers to create device firmware.
13 January 2020
Unpatched Citrix Flaw Now Has PoC Exploits
Over 25,000 servers globally are vulnerable to the critical Citrix remote code execution vulnerability.
13 January 2020
Will This Be the Year of the Branded Cybercriminal?
Threat actors will continue to grow enterprise-style businesses that evolve just like their legitimate counterparts.13 January 2020
Texas school district falls for email scam, hands over $2.3 million
There are “strong” leads but no real indication of who is responsible.13 January 2020
‘Rosegold’ National Lottery hacker steals £5, lands prison sentence
The Sentry MBA brute-force account cracking tool was used to compromise user accounts.13 January 2020
US troops deploying to the Middle East told to leave personal devices at home
US military officials fear operational security (OpSec) failures in handling personal devices might put soldiers in danger.13 January 2020
Don't Lose That Device
Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.13 January 2020
The five: ransomware attacks
Software that demands money with menaces has hit the big time. Here are some of its most lucrative formsCyber-attacks that threaten to publish a victim’s data or block access to it unless a ransom is paid have grown internationally since 2012.
Continue reading...12 January 2020
Academic research finds five US telcos vulnerable to SIM swapping attacks
Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks.11 January 2020
Proof-of-concept code published for Citrix bug as attacks intensify
Two Citrix bug (CVE-2019-19781) exploits have been published on GitHub yesterday, making future attacks trivial for most hackers.11 January 2020
Alleged Member of Neo-Nazi Swatting Group Charged
Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in "swatting" attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target's address.10 January 2020
Synopsys Buys Tinfoil
Tinfoil Security's dynamic application and API security testing capabilities will be added to Synopsys Software Integrity Group.10 January 2020
Major Brazilian Bank Tests Homomorphic Encryption on Financial Data
The approach allowed researchers to use machine learning on encrypted data without first decrypting it.10 January 2020
Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability
Cable modems using Broadcom chips are vulnerable to a new vulnerability named Cable Haunt, researchers say.10 January 2020
6 Unique InfoSec Metrics CISOs Should Track in 2020
You might not find these measurements on a standard cybersecurity department checklist. But they can help evaluate risks you haven't even considered yet.
10 January 2020