- Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practiceson November 27, 2021
Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato (AGCM) said "Google and Apple did not provide clear and immediate information on the
- Israel Bans Sales of Hacking and Surveillance Tools to 65 Countrieson November 27, 2021
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102:
- Metropolitan school system blocks threats with cybersecurity platformon November 26, 2021
A large K-12 school system implemented a cybersecurity platform from CloudCover to mitigate cyber risk.
- Hackers Targeting Biomanufacturing Facilities With Tardigrade Malwareon November 26, 2021
An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of
- Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectableon November 26, 2021
A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware,
- CronRAT: A New Linux Malware That’s Scheduled to Run on February 31ston November 26, 2021
Researchers have unearthed a new remote access trojan (RAT) for Linux that employs a never-before-seen stealth technique that involves masking its malicious actions by scheduling them for execution on February 31st, a non-existent calendar day. Dubbed CronRAT, the sneaky malware "enables server-side Magecart data theft which bypasses browser-based security solutions," Sansec Threat Research said
- How access control is fueling change in our physical spaceson November 26, 2021
Access control applications in business environments and commercial real estate can provide necessary data on COVID-19 workplace developments.
- Data loss: The ins and outson November 26, 2021
Is your organization prepared to prevent and recover from potential data loss?
- Product Releases Should Not Be Scaryon November 25, 2021
Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but more often than
- New Twists on Gift-Card Scams Flourish on Black Fridayon November 25, 2021 in Malware, Web Security
Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.
- Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malwareon November 25, 2021
A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. "[T]he stealer is a PowerShell script, short with powerful collection capabilities — in only ~150 lines, it provides the
- If You're Not Using Antivirus Software, You're Not Paying Attentionon November 25, 2021
Stop tempting fate and take a look at our picks for the best antivirus programs on the market today. Every year there are billions of malware attacks worldwide. And these threats are constantly evolving. So if you are not currently using antivirus software, or you still rely on some free software you downloaded back in 2017, you are putting your cybersecurity in serious jeopardy. Need help
- Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wildon November 25, 2021
Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos disclosed that it "detected malware samples in the wild that are attempting to take advantage of this
- VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Clienton November 25, 2021
VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the bug has been rated 7.5 out of a maximum of 10 on the CVSS scoring system,
- GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Dataon November 25, 2021
Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain
- Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globallyon November 25, 2021
Multiple security weaknesses have been disclosed in MediaTek system-on-chips (SoCs) that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a "massive eavesdrop campaign" without the users' knowledge. The discovery of the flaws is the result of reverse-engineering the Taiwanese
- Apple is suing NSO Groupon November 24, 2021
Apple is suing NSO Group, an Israeli firm that sells software to government agencies and law enforcement that enables them to hack iPhones.
- Nominate the top cybersecurity leaders in the security industryon November 24, 2021
Security magazine is now accepting nominations for its 2022 Top Cybersecurity Leaders program. Learn how to submit nominations here.
- 45% of companies do not employ a CISOon November 24, 2021
Navisite's "The State of Cybersecurity Leadership and Readiness" report found that 45% of companies do not employ a Chief Information Security Officer (CISO).
- 9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGalleryon November 24, 2021 in Malware, Mobile Security
A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices.
- Apple alerts journalists, activists about state-sponsored hacking attempts after NSO Group suiton November 24, 2021 in Threats, Apple, Citizen Lab, NSO Group, spyware
On the same day Apple announced a lawsuit against Israeli spyware vendor NSO Group for developing hacking tools to help breach iOS technology, the company was notifying potential targets of those exploits. El Faro, a news organization in San Salvador, El Salvador, reported late Tuesday that 12 of its staff members received notices from the company, which warned that that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID.” The company also sent notices to four others in San Salvador who are “leaders of Civil Society organizations and opposition political parties,” the news organization reported. Notices were also sent to six Thai activists and researchers critical of the government there, Reuters reported. NSO Group develops software designed to allow access to target devices through various bugs in Apple’s technology. A company spokesperson told CyberScoop Tuesday that its The post Apple alerts journalists, activists about state-sponsored hacking attempts after NSO Group suit appeared first on CyberScoop.
- Ohio introduces first responder wellness programon November 24, 2021
The Ohio Department of Public Safety has opened a new office focusing on first responder mental health. The Office of First Responder Wellness aims to help address post-traumatic stress and other wellness topics pertaining to first responders.
- GoDaddy Breach Widens to Include Reseller Subsidiarieson November 24, 2021 in Breach, Hacks, Privacy, Web Security
Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.
- Incident reporting, ransomware payment legislation faces trouble in Senateon November 24, 2021 in Government, Policy, Threats, Congress, Gary Peters, incident reporting, Mark Warner, National Defense Authorization Act, ransomware, Rick Scott, rob portman, Sen. Rob Portman, Senate Homeland Security and Governmental Affairs Committee, Susan Collins
Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when they make payments, has hit a significant snag in the Senate. A bipartisan group of senators announced a proposal in November that would require critical infrastructure owners and operators to report within 72 hours to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency when they suffer major cyber incidents, as defined by CISA. It also would require reporting of ransomware payments to CISA from a broader set of organizations, excluding only individuals and some smaller businesses, within 24 hours. Advocates hope that by requiring swift reporting of major incidents, federal officials can help reduce the damage more quickly. Gathering intelligence about ransomware payments would help law enforcement and national security officials understand and act on digital extortion trends, officials say. Backers were unable to advance the proposal last The post Incident reporting, ransomware payment legislation faces trouble in Senate appeared first on CyberScoop.
- Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Makeron November 24, 2021 in Government, Malware, Mobile Security, Privacy, Vulnerabilities
Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes.
- 5 minutes with Chris Hass: Why you shouldn't rely on cyber insuranceon November 24, 2021
Security talks to Chris Hass, former Department of Defense cybersecurity analyst, about why companies shouldn't rely on cyber insurance and what can be done to prepare instead.
- Attackers Actively Target Windows Installer Zero-Dayon November 24, 2021 in Malware, Vulnerabilities
Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month.
- Apple Sues Israel's NSO Group for Spying on iPhone Users With Pegasus Spywareon November 24, 2021
Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. The Cupertino-based tech giant painted NSO Group as "notorious hackers — amoral 21st century mercenaries who have created highly sophisticated
- APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Userson November 24, 2021
A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "incorporated new features into their malicious apps that make them more resilient to actions by users, who might try
- Webinar and eBook: The Dark Side of EDR. Are You Prepared?on November 24, 2021
Endpoint Detection and Response (EDR) platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior already to implementation so you can best prepare how to close the gaps. It's important to understand that each
- Over 9 Million Android Phones Running Malware Apps from Huawei's AppGalleryon November 24, 2021
At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace to steal device information and victims' mobile phone numbers. The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as "Android.Cynos.7.origin," owing to the fact that the
- Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBoxon November 24, 2021
A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads. "Successful attacks of
- Standardizing video conferencing security guidelines should be a top government priorityon November 24, 2021
The new realities of communicating in the remote work environment have led to a whole new set of challenges. Initiatives related to protecting users on virtual meeting tools should be at the forefront of every government’s cybersecurity agenda.
- Mitigating workplace violence in healthcare with mass notificationon November 24, 2021
Every organization is trying to find ways to mitigate workplace violence, but healthcare organizations have several obstacles that can make this difficult task even more challenging.
- Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcaston November 23, 2021 in Podcasts, Sponsored, Vulnerabilities, Web Security
That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky.
- 'Shiba Inu' token scams surge with the virtual currency's popularityon November 23, 2021 in Financial, Threats, cryptocurrency, Federal Trade Commission (FTC), fraud, scam, Shiba Inu
When the Shiba Inu token, a meme-based virtual currency, hit its highest all-time value in October, it didn’t take long for scammers to seize on the trend for their own benefit. Live YouTube videos promising bogus giveaways of the token have racked up hundreds of thousands of views, while groups on Telegram promoting other frauds have also exploded, according to research shared exclusively with CyberScoop. Many Shiba scams identified by the security firm Tenable all take a nearly identical approach. Accounts live-stream old footage from a June event featuring Jack Dorsey and Elon Musk, a popular name among crypto enthusiasts, with on-screen instructions for users to send an arbitrary amount of currency into a wallet, with the promise of getting twice as much or more in return. Scams have earned $239,000 worth of cryptocurrency since October 20, based on an analysis of online wallet addresses associated with nefarious Shiba Inu-themed pages, The post 'Shiba Inu' token scams surge with the virtual currency's popularity appeared first on CyberScoop.
- Apple sues NSO Group, spyware vendor known for helping governments hack criticson November 23, 2021 in Geopolitics, Threats, Apple, NSO Group, spyware
Apple is suing Israeli spyware vendor NSO Group “to hold it accountable for the surveillance and targeting of Apple users,” the company announced Tuesday. The technology company is seeking to permanently ban NSO Group from using any Apple software, services or devices amid reports that the firm sells technology that makes it possible for governments to hack individual devices to spy on journalists, dissidents and human rights activists. As part of those efforts NSO Group has developed exploits capable of subverting Apple’s security controls, requiring “thousands of hours to investigate the attacks, identify the harm, diagnose the extent of the impact and exploitation, and develop and deploy the necessary repairs and patches to ensure that Apple servers,” the suit says. In a statement, NSO Group claimed without evidence that its technologies have saved lives around the world. The statement did not address Apple’s suit. “State-sponsored actors like the NSO Group The post Apple sues NSO Group, spyware vendor known for helping governments hack critics appeared first on CyberScoop.
- Wesley Story joins Genesys as Chief Information Officeron November 23, 2021
Experienced cybersecurity professional Wesley Story joins Genesys as the new Chief Information Officer (CIO).
- GoDaddy breach: Up to 1.2 million user records compromisedon November 23, 2021
A breach of the GoDaddy Managed WordPress hosting environment exposed information from up to 1.2 million users, including email addresses, login information and more.