Cybersecurity News
Chrome 87 released with fix for NAT Slipstream attacks, broader FTP deprecation
Support for FTP links will be disabled for 50% of Chrome 87 users, with a complete removal scheduled for Chrome 88.17 November 2020
Security Risks Discovered in Tesla Backup Gateway
Cybersecurity researchers report on the security and privacy risks of leaving a Tesla Backup Gateway exposed to the Internet.17 November 2020
An Inside Look at an Account Takeover

17 November 2020
Cisco Patches Critical Flaw After PoC Exploit Code Release

17 November 2020
Be Very Sparing in Allowing Site Notifications
An increasing number of websites are asking visitors to approve "notifications," browser modifications that periodically display messages on the user's mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communications pathway to scammers and online hucksters.17 November 2020
Ransomware Operator Promotes Distributed Storage for Stolen Data
The criminals behind the DarkSide ransomware-as-a-service operation say the system will be harder to take down.17 November 2020
Researchers warn of internet security risks connected to Tesla Backup Gateway
Hundreds of Tesla gateway systems have been found, exposed and open, online.17 November 2020
Some Apple Apps on macOS Big Sur Bypass Content Filters, VPNs

17 November 2020
Twitter hires veteran hacker Mudge as head of security

Peiter Zatko’s appointment follows mass attack on social media platform in July
Twitter has appointed one of the world’s most respected hackers as its new head of security in the wake of a humiliating mass attack in July.
The company has placed Peiter Zatko in charge of protecting its platform from threats of all varieties, poaching him from the payments startup Stripe. Zatko is better known as Mudge, his handle for more than 20 years of operation on both sides of the information security arena.
Related: Why are public thinkers flocking to Substack? | Sean Monahan
Continue reading...17 November 2020
Firefox 83 released with 'HTTPS-Only Mode' that only loads HTTPS sites
Mozilla expects that HTTPS-Only Mode will soon become the default browsing state for most web browsers.17 November 2020
Cryptocurrency platform dangles ‘bug bounty’ carrot to hacker who stole $2 million
Akropolis has not yet gone to law enforcement, giving the hacker time to consider the proposal.17 November 2020
More than 200 systems infected by new Chinese APT 'FunnyDream'
New Chinese APT discovered targeting Southeast Asian governments.17 November 2020
More than 245,000 Windows systems still remain vulnerable to BlueKeep RDP bug
Millions of computers and servers across the globe remain unpatched for some of today's most dangerous bugs.17 November 2020
Breakdown of a Break-in: A Manufacturer's Ransomware Response
The analysis of an industrial ransomware attack reveals common tactics and proactive steps that businesses can take to avoid similar incidents.16 November 2020
Dating Site Bumble Leaves Swipes Unsecured for 100M Users

16 November 2020
Global Pandemic Fuels Cyber-Threat Workload for National Cyber Security Centre, Shows Annual Review
From securing the Nightingale hospitals to tackling threats to vaccine research and production, a large part of the National Cyber Security Centre's (NCSC) recent work in the UK has been related to the coronavirus pandemic, as Ron Alalouff discovered when reporting on its Annual Review.16 November 2020
Attackers Target Porn Site Goers in ‘Malsmoke’ Zloader Attack

16 November 2020
Twitter Taps Mudge
Noted security researcher Peiter Zatko joins the social network as head of security.16 November 2020
Citrix SD-WAN Bugs Allow Remote Code Execution

16 November 2020
New Zoom feature can alert room owners of possible Zoombombing disruptions
The new "At-Risk Meeting Notifier" Zoom feature scans the internet and alerts conference organizers when a link to their Zoom meeting has been posted online.16 November 2020