Month: January 2019

0 Comments
by John E Dunn It’s 2019’s first browser update week with both Google and Mozilla tidying up security features and patching vulnerabilities in Chrome and Firefox for Mac, Windows, and Linux. But for Chrome security in version 72, it’s more about what’s being taken out than what’s being added. One of these changes is the
0 Comments
Facebook just announced its latest round of “coordinated inauthentic behavior,” this time out of Iran. The company took down 262 Pages, 356 accounts, three Facebook groups and 162 Instagram accounts that exhibited “malicious-looking indicators” and patterns that identify it as potentially state-sponsored or otherwise deceptive and coordinated activity. As Facebook Head of Cybersecurity Policy Nathaniel
0 Comments
European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information. Though the company did not elaborate on the nature of the hack, it claimed that the security breach did not affect its commercial operations. So, there’s
0 Comments
Grab’s fundraising push continues unabated after the Southeast Asian ride-hailing firm announced that it has raised $200 million from Central Group, a retail conglomerate based in Thailand. Central’s business covers restaurants, hotels and more than 30 malls in Thailand, while it has operations in markets that include Vietnam and Indonesia. Its public-listed holding companies alone are worth more
0 Comments
It’s 2019 and technology is becoming more sophisticated and prevalent than ever. With more technology comes greater connectivity. In fact, by 2020, there will be more than 20 billion internet-connected devices around the world. This equates to more than four devices per person. As we adopt new technology into our everyday lives, it’s important to consider
0 Comments
During a recovery, is your organization’s storage secure? System attackers and data thieves are cowards, so it’s only natural that they’re attracted to enterprise systems when they’re most vulnerable. Disaster recovery is a complex and multifaceted operation, and your DR team members are likely already spreading themselves thin trying to ensure a speedy and complete
0 Comments
From January 25 to 28, 2019, multiple organizations, including Discover Financial Services, Verity Medical Foundation, Verity Health Systems and Allen Chern LLP, have made routine filings in accordance with California state law, reporting cybersecurity incidents that may or may not be data breaches, according to the office of the Attorney General (AG).   The AG’s website notes, “In
0 Comments
A file-hosting service registered within the last week is being used to spread information-stealing malware in another FormBook campaign, currently attacking retail and hospitality businesses both within and outside of the US, according to Deep Instinct. Though FormBook has been around since approximately 2016, this newest version is being discussed and shared in underground hacking
0 Comments
by Paul Ducklin Apple is scrambling to fix an embarrassingly dangerous “snooping” bug in its popular FaceTime app. In the meantime, Apple has apparently disabled the Group Facetime feature entirely, preferring to inflict a service outage than to leave the exploitable privacy hole gaping open. The bug was reported on well-known Mac news site 9to5Mac,
0 Comments
A new variant of the password-stealing Ursnif bank Trojan has been found in the wild delivering fileless infections while remaining undetected, according to Cisco Talos Intelligence. In a blog post, researchers wrote that the banking Trojan employs “fileless persistence which makes it difficult for traditional anti-virus techniques to filter out the C2 traffic from normal traffic.
0 Comments
by Matt Boddy Every so often I receive an unsolicited friend request on social media from an attractive woman doing a suggestive pose in her profile picture. I’m not just showing off that I get the occasional friend request from an attractive lady. The person in the profile picture of these accounts probably looks nothing
0 Comments
Among the increased number of malicious JavaScript email attachments observed in January 2019, ESET researchers have spotted a large wave of ransomware-spreading spam targeting Russian users January 2019 has seen a dramatic uptick in detections of malicious JavaScript email attachments, an attack vector that mostly lay dormant throughout 2018.  Among the “New Year edition” of
0 Comments
A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily ‘footprint’ and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate. Dubbed “Aztarna,” the framework has been developed by Alias Robotics, a Spanish cybersecurity firm
0 Comments
Didi Chuxing, China’s largest ride-hailing startup which claims over 550 million registered users, is deepening its focus on electric vehicles after it announced a joint venture with BAIC, a state-owned automotive giant. ‘Jingju’ — as the venture is called — is a partnership between Didi and BAIC affiliate Beijing Electric Vehicle that will develop “next-generation connected-car
0 Comments
Google Cloud Platform (GCP) services have been targeted by a newly discovered malware campaign delivering malware via PDF file decoys, according to Netskope Threat Research Labs. Attackers are reportedly using the Google Cloud App Engine platform to deliver malware with PDF decoys, identified as PDF_Phish.Gen, and GCP URLs that redirect victims to malicious payloads. *UPDATE*