Cybersecurity News


Malicious ‘Blur’ Photo App Campaign Discovered on Google Play

Malicious ‘Blur’ Photo App Campaign Discovered on Google Play Twenty-nine bad mobile apps with a combined 3.5 million downloads bombard users with out-of-context ads.
24 July 2020

FBI warns US companies about backdoors in Chinese tax software

Following the GoldenHelper and GoldenSpy malware reports, the FBI is now warning US companies operating in China.
24 July 2020

Smartwatch maker Garmin hit by outages after ransomware attack

Smartwatch maker Garmin hit by outages after ransomware attack

US company forced to shut down call centres, website and some other online services

Garmin has been forced to shut down its call centres, website and some other online services after a ransomware attack encrypted the smartwatch maker’s internal network and some production systems.

The US company shut down services including the official Garmin website and all customer services, including phone lines, online chat and email.

Related: The five: ransomware attacks

Continue reading...
24 July 2020

Twilio Security Incident Shows Danger of Misconfigured S3 Buckets

Twilio says attackers accessed its misconfigured cloud storage system and altered a copy of the JavaScriptSDK it shares with customers.
23 July 2020

DNA Site Leaves Records Open to Law Enforcement

A pair of breaches reset user accounts to allow access for two days.
23 July 2020

Twitter Breach a Reminder of Need to Protect Corporate Social Media Use

Intruders had access to direct messages associated with 36 accounts in last week's attack, social media giant discloses.
23 July 2020

Cisco Network Security Flaw Leaks Sensitive Data

Cisco Network Security Flaw Leaks Sensitive Data The flaw exists in Cisco's network security Firepower Threat Defense (FTD) software and its Adaptive Security Appliance (ASA) software.
23 July 2020

Garmin Suffers Reported Ransomware Attack

Garmin Suffers Reported Ransomware Attack Garmin's services, websites and customer service have all been down since Wednesday night.
23 July 2020

Data Privacy Challenges for California COVID-19 Contact Tracing Technology

Developers, governments, and regulators must work with the cybersecurity industry to apply rigorous standards to contact-tracing apps to make sure that the societal impact of COVID-19 doesn't extend into personal privacy.
23 July 2020

Garmin services and production go down after ransomware attack

Smartwatch and wearable maker Garmin planning multi-day maintenance window to deal with ransomware incident.
23 July 2020

CouchSurfing Investigates Potential Data Breach

The service has reportedly hired a security firm after 17 million user records were found on a public hacking forum.
23 July 2020

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers COVID-19 has changed the face of cybercrime, as the latest malware statistics show.
23 July 2020

NY Charges First American Financial for Massive Data Leak

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties.
23 July 2020

Google adds security enhancements to Gmail, Meet and Chat

The tech giant introduces its own version of verified accounts in Gmail, rolls out increased moderation controls in Meet, and enhances phishing protection in Chat

The post Google adds security enhancements to Gmail, Meet and Chat appeared first on WeLiveSecurity

23 July 2020

ASUS Home Router Bugs Open Consumers to Snooping Attacks

ASUS Home Router Bugs Open Consumers to Snooping Attacks The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.
23 July 2020

Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs

Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs Privacy commissioners worldwide urged video conferencing systems like Microsoft, Cisco and Zoom to adopt end-to-end encryption, two-factor authentication and other security measures.
23 July 2020

Vulnerable Invisible Salamanders and You: A Tale of Encryption Weakness

Vulnerable Invisible Salamanders and You: A Tale of Encryption Weakness A Black Hat presentation will discuss how vulnerabilities found in Facebook Messenger encryption could mean trouble for your secure messages.
23 July 2020

Deepfakes & James Bond Research Project: Cool but Dangerous

Deepfakes & James Bond Research Project: Cool but Dangerous Open source software for creating deepfakes is getting better and better, to the chagrin of researchers
23 July 2020

Twitter: Hackers Accessed Private Messages for Elite Accounts

Twitter: Hackers Accessed Private Messages for Elite Accounts A Dutch elected official is among those whose DMs were hijacked, the company said.
23 July 2020

8 Cybersecurity Themes to Expect at Black Hat USA 2020

8 Cybersecurity Themes to Expect at Black Hat USA 2020 Here are the trends and topics that'll capture the limelight at next month's virtual event.
23 July 2020