Sat.Jun 15, 2019 - Fri.Jun 21, 2019

article thumbnail

Backdoor Built into Android Firmware

Schneier on Security

In 2017, some Android phones came with a backdoor pre-installed : Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here , the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered.

Firmware 255
article thumbnail

Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy

Krebs on Security

A medical billing firm responsible for a recent eight-month data breach that exposed the personal information on nearly 20 million Americans has filed for bankruptcy, citing “enormous expenses” from notifying affected consumers and the loss of its four largest customers. The filing, first reported by Bloomberg, comes from the Retrieval-Masters Creditors Bureau , the parent company of the American Medical Collection Agency (AMCA).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Update 144

Troy Hunt

So first things first - my patience for the Instamics we're wearing just reached zero. One of them recorded and one of them didn't which means we've had to fallback to audio captured by the iPhone I was recording from so apologies it's sub-par. I ended up just uploading the unedited clip direct from the phone because frankly, after trying to recover the non-existent audio both my time and patience were well into the red.

155
155
article thumbnail

Happy Juneteenth!

Adam Shostack

Juneteenth is the celebration of the end of slavery in the US. We should have more holidays that celebrate freedom for the sake of freedom. So happy Juneteenth, everyone!

113
113
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Risks of Password Managers

Schneier on Security

Stuart Schechter writes about the security risks of using a password manager. It's a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords on my computer -- not on my phone -- and not to put anything in the cloud.

article thumbnail

Is Your Data Safe in the Cloud?

Thales Cloud Protection & Licensing

As organizations move more of their sensitive data to cloud platforms for the efficiency, flexibility and scalability that it promises, security and control continue to be a significant obstacle to this adoption. Although the 2019 Thales Data Threat Report-Global Edition tells us that 90% of organizations report using the cloud and 71% say they are using sensitive data in cloud environments, it also finds that, globally, 60% of organizations surveyed have been breached at some point in their his

More Trending

article thumbnail

The Evolution of Identity

Dark Reading

How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.

article thumbnail

Hacking Hardware Security Modules

Schneier on Security

Security researchers Gabriel Campana and Jean-Baptiste Bédrune are giving a hardware security module (HSM) talk at BlackHat in August: This highly technical presentation targets an HSM manufactured by a vendor whose solutions are usually found in major banks and large cloud service providers. It will demonstrate several attack paths, some of them allowing unauthenticated attackers to take full control of the HSM.

Firmware 227
article thumbnail

Quantum-Resistant TLS in Go

Thales Cloud Protection & Licensing

Quantum computing attacks may have already begun. Confidential data is being exchanged using algorithms that will eventually be broken by quantum computers. Even though attackers cannot break the communications today (for we lack sufficiently powerful quantum computers), they can patiently record them for future analysis. Perhaps the most popular way to share confidential data between two remote parties is through a TLS connection.

article thumbnail

New phishing campaign targets bank customers with WSH RAT

Security Affairs

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT.

Banking 102
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Attackers Exploit MSP's Tools to Distribute Ransomware

Dark Reading

Early information suggests threat actors gained access to the managed service provider's remote monitoring and management tools and used them to attack the firm's clients.

article thumbnail

How Apple's "Find My" Feature Works

Schneier on Security

Matthew Green intelligently speculates about how Apple's new "Find My" feature works. If you haven't already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: If your device is constantly emitting a BLE signal that uniquely identifies it, the whole world is going to have (yet another) way to track you.

Marketing 220
article thumbnail

Iranian Hackers Launch a New US-Targeted Campaign as Tensions Mount

WIRED Threat Level

Three cybersecurity firms have identified phishing attacks stemming from Iran—that may lay the groundwork for something more destructive.

article thumbnail

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA).

DDOS 93
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

How Hackers Emptied Church Coffers with a Simple Phishing Scam

Dark Reading

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.

Scams 98
article thumbnail

Maciej Ceg?owski on Privacy in the Information Age

Schneier on Security

Maciej Ceg?owski has a really good essay explaining how to think about privacy today: For the purposes of this essay, I'll call it "ambient privacy" -- the understanding that there is value in having our everyday interactions with one another remain outside the reach of monitoring, and that the small details of our daily lives should pass by unremembered.

article thumbnail

Tricky Scam Plants Phishing Links in Your Google Calendar

WIRED Threat Level

Scammers are taking advantage of default calendar settings to try to trick users into clicking malicious links.

Scams 102
article thumbnail

From Targeted Attack to Untargeted Attack

Security Affairs

Today I’d like to share an interesting and heavily obfuscated Malware which made me thinking about the meaning of ‘Targeted Attack’ Nowadays a Targeted Attack is mostly used to address state assets or business areas. For example a targeted attack might address Naval industry ( MartyMcFly example is definitely a great example) or USA companies ( Botnet Against USA, Canada and Italy is another great example) and are mainly built focusing specific target sectors.

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Inside the FBI's Fight Against Cybercrime

Dark Reading

Heavily outnumbered and outpaced by their targets, small FBI cybersquads have been quietly notching up major wins against online criminals operating out of home and abroad.

article thumbnail

Data, Surveillance, and the AI Arms Race

Schneier on Security

article thumbnail

Consumers Urged to Junk Insecure IoT Devices

Threatpost

A security researcher who disclosed flaws impacting 2 million IoT devices in April - and has yet to see a patch or even hear back from the manufacturers contacted - is sounding off on the dire state of IoT security.

IoT 77
article thumbnail

Bird Miner, a macOS miner that runs by emulating Linux

Security Affairs

Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating Linux. Researchers at MalwareBytes have spotted a new cryptominer, tracked as Bird Miner, that targets macOS and emulates Linux. The malware spreads via a cracked installer for the music production software Ableton Live that is distributed on a piracy website called VST Crack, and that is over 2.6 GB in size. “ A new Mac cryptocurrency miner Malwarebytes detects as Bird

Malware 88
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

How Fraudulent Domains 'Hide in Plain Sight'

Dark Reading

Cybercriminals use new types of top-level domains, topical keywords, and targeted emails to trick victims into clicking malicious links.

100
100
article thumbnail

Cop Gets $585K After Colleagues Snooped on Her DMV Data

WIRED Threat Level

A jury this week finds that Minneapolis police officers abused their license database access. Dozens of other lawsuits have made similar claims.

88
article thumbnail

Feds: Cyberattack on NASA’s JPL Threatened Mission-Control Data

Threatpost

Rampant security-operations bungling allowed cyberattackers to infiltrate JPL's network, which carries human mission data.

article thumbnail

The Riviera Beach City pays $600,000 in ransom

Security Affairs

The Riviera Beach City, Florida, agreed to pay $600,000 in ransom to decrypt its data after a ransomware-based attack hit its computer system. The Riviera Beach City Council voted unanimously to pay $600,000 in ransom to decrypt its records after a ransomware attack hit its systems. The council has previously agreed to spend $941,000 to modernize the entire IT infrastructure after hackers broke into the city’s system three weeks ago, ecrypting data managed by the City.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

article thumbnail

Customers of 3 MSPs Hit in Ransomware Attacks

Dark Reading

Early information suggests threat actors gained access to remote monitoring and management tools from Webroot and Kaseya to distribute malware.

article thumbnail

The Global Hawk Drone Iran Shot Down Was a $220M Surveillance Monster

WIRED Threat Level

The Global Hawk can fly at an altitude of 55,000 feet and stay aloft for 30 hours straight.

article thumbnail

Microsoft Pushes Azure Users to Patch Linux Systems

Threatpost

Microsoft is urging users to patch every Exim installation in their organization and make sure that they are updated to the most recent version, Exim version 4.92.

74
article thumbnail

XSS flaw would have allowed hackers access to Google’s network and impersonate its employees

Security Affairs

Bug hunter Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to Google’s internal network. The Czech researcher Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to part of Google’s internal network.

article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.