• New Payments Platform Australia Exposed PayID Records Due to Client-side Technical Issues
    PayID records were exposed by a vulnerability in one of the financial institutions sponsored by Cuscal Limited. The exposed PayID records include PayID names and the associated account numbers.
  • United States remains the worst-hit country in data breaches that occurred in first half of 2019
    There were 3,816 data breaches in the first six months of 2019, which resulted in the compromise of 4.1 billion records. Eight data breaches in the first half of 2019 accounted for the compromise of 3.2 billion records.
  • Beapy/PCASTLE cryptocurrency miner can pause and spread laterally while you play intensive games
    The worm-cryptominer combo possesses advanced cryptomining capabilities and can spread laterally to compromise multiple victims. The cryptominer keeps itself stealthy by halting its operations if performance-intensive tasks such as popular games are running on the victim's computer.
  • Hackers Target Website of World's Second Oldest Amusement Park Tivoli Gardens
    The compromised guest information includes names, date of birth, e-mail addresses, phone numbers, addresses, previous purchases, as well as credit card details. Upon discovery, Tivoli’s IT department took the necessary immediate steps and secured the website.
  • Free online sandbox services can expose companies’ confidential documents, new study warns
    Researchers found over 200 malicious documents related to invoices and purchase orders. CVs and professional certificates were two other prevalent documents that were uploaded to the online sandbox services.
  • Macon County Circuit Clerk Website Hacked By Iranian Hackers
    Attackers hacked the website of Macon County Circuit Clerk and defaced the webpage with a graphic of a person in a Guy Fawkes mask. However, the county’s Information Technology department restored the webpage.
  • Ransomware modifications and infection attempts doubled in Q2 2019
    According to Kaspersky statistics, 232,292 unique users were targeted by ransomware attacks in Q2 2019, which is 46% more than Q2 2018 (158,921 users). The ransomware family that attacked users most often in Q2 2019 (23.4%) was WannaCry, followed by GandCrab (13.8%).
  • New variant of Bolik banking trojan distributed via fake NordVPN Website
  • Nokia 8 gets August security update 2019 in select markets
    According to Nokiapoweruser, the August security update 2019 for Nokia 8 is an 86MB download. When the update becomes available, you will either be prompted to download the update or check manually. You can check for updates from Settings >> System Updates >> Check for update. The August security update is an important update since it addresses a critical vulnerability in the system. The Finnish company recently announced that it will offer security updates for another year to Nokia 3, Nokia 5, Nokia 6 and Nokia 8. These devices will move from a monthly security update cycle to a quarterly update cycle.
  • Medical device cybersecurity will be rubbish for 20 more years
    "Everything with a power point is probably connected, or will be shortly," says Christopher Neal, chief information security officer (CISO) of Ramsay Health Care. Even if those connected devices aren't transmitting patient medical data, increasingly they're conveying information about their own health. Australia's Therapeutic Goods Administration (TGA) issued its own Medical device cyber security guidance for industry last month. "There's good guidance, but any systems built with that guidance are probably three to four years away from market, and most of this gear's built to last 10 to 15 years," Neal said. "If you don't know about it you can't secure it," Neal said, so he launched a project to map all the devices across the organisation's 74 hospitals. According to Neal, at Ramsay "there's an IT and organisational maturity that's a long way off".
  • Chinese Cyber-Spies Target US-Based Research University
    In April 2019, the group targeted a publicly accessible web server at a U.S.-based research university, exploiting CVE-2019-3396, a vulnerability in Atlassian Confluence Server, for path traversal and remote code execution. The attackers used custom JSON POST requests to run commands and force the vulnerable system to download an additional file, which was identified as a variant of the China Chopper web shell. Next, the attackers downloaded two additional files onto the system, the first of which was used to deploy the HIGHNOON backdoor, which consists of a loader, a dynamic-link library (DLL), and a rootkit. Within the next 35 minutes, the attackers used both the China Chopper web shell and the HIGHNOON backdoor to issue commands to the system. The attackers were also observed performing additional reconnaissance and downloading two additional files, representing the dropper and encrypted/compressed payload components of the ACEHASH malware, a credential theft and password dumping utility. “Ultimately, the attacker was able to exploit a vulnerability, execute code, and download custom malware on the vulnerable Confluence system.”
  • Moscow's blockchain voting system cracked a month before election
    A French security researcher has found a critical vulnerability in the blockchain-based voting system Russian officials plan to use next month for the 2019 Moscow City Duma election. Pierrick Gaudry, an academic at Lorraine University and a researcher for INRIA, the French research institute for digital sciences, found that he could compute the voting system's private keys based on its public keys. Moscow blockchain voting system encryption broken in 20 minutes. When deployed next month, Moscow's internet voting system would become the first blockchain-based system used in a legally binding election, and not just in limited tests. The French academic was able to test Moscow's upcoming blockchain-based voting system because officials published its source code on GitHub in July, and asked security researchers to take their best shots. This closed-source nature around electronic voting machines and election systems used in the US is the reason why Microsoft recently announced plans to open-source on GitHub a new technology for securing electronic voting machines.
  • Microsoft Will Pay Hackers $30,000 For Finding Flaws In The New Edge Browser
    Today, Microsoft released the first beta of the all-new Edge browser. Researchers can bank up to $30,000 by discovering "high impact vulnerabilities" in either the beta or the developer release of the Edge browser. An exploit may, for example, have to allow the attacker to break out of Edge's sandbox -- a virtual container that isolates code running in Edge from the rest of the operating system. Since Microsoft is offering up its own bug bounty program, the new Edge browser will reap the benefit of outside help on two fronts. One of the ways Google keeps Chrome secure is by offering bug bounties to researchers who discover vulnerabilities. It may also wind up being the most secure browser around now that Microsoft is willing to make it rain, and that's a pretty good reason to switch browsers in 2019.
  • Bipartisan panel to issue recommendations for defending US against cyberattacks early next year
    The Cyberspace Solarium Commission — made up of bipartisan members of Congress, former government officials and industry representatives — is working toward formulating a comprehensive, strategic approach, commission member Suzanne Spaulding said at the Digital Government Institute’s 930gov conference. The commission was created by the 2019 National Defense Authorization Act (NDAA) and was named after President Eisenhower’s 1953 Solarium Project, which was tasked with developing a strategy to defend the U.S. against threats from the Soviet Union during the Cold War. The 2019 NDAA gave the commission a Sept. 1 deadline to submit its report to Congress, but both the House and Senate versions of the 2020 NDAA call for a later submission date: Feb. 2 in the Senate measure and Sept. 1, 2020, in the House bill.
  • Texas agency blames 'single threat actor' for recent ransomware attacks
    The attacks took place late last week and took down systems of 22 Texas entities. The State Operations Center was immediately activated, and the FBI, the Department of Homeland Security and the Federal Emergency Management Agency are involved in the investigation into the attacks. While DIR has not named those impacted, the city governments of Borger, Texas, and Keene, Texas, have confirmed that they were among the victims of the attack. DIR noted Tuesday that all 22 impacted entities have been contacted by state and federal agencies involved in the response and that 25 percent of those impacted have “transitioned from response and assessment to remediation and recovery, with a number of entities back to operations as usual.” No Texas statewide networks and systems were impacted by the ransomware attacks. DIR recommended that both public and private organizations protect themselves against these types of cyber attacks through keeping software up to date, changing passwords to accounts regularly, modernizing older systems and backing up systems.
  • Cyber crooks scam $184,000 from Collier County
    "The county funds were target of what the FBI identifies as a Business Email Compromise, that resulted in $184,000 being wire-transferred to a bank account fraudulently represented as belonging to Quality Enterprises USA, Inc., a contractor working for the county," wrote a county spokesman on behalf of Collier County and the Clerk of the Circuit Court. "The facts of the investigation to date support that the fraud appears to have originated outside the United States," the statement read. "The full $184,000 was recovered from insurance carriers and Quality Enterprises was paid for the work it performed...the perpetrators did not gain access to email accounts or networks, and no ransomware or malware attacks occurred." Christian Wartchow, president of CyberSecure IT Solutions, said that phishing scams like this are on the rise. "It's very important to raise your level of awareness about how many bad guys are out there," Wartchow said.
  • VMware acquires security start-up Intrinsic in ongoing cloud push
    Enterprise software company VMware on Tuesday confirmed that it has acquired Intrinsic, a small San Francisco security start-up. Terms of the deal weren't disclosed. The acquisition represents another step in VMware's embrace of cloud technologies, despite VMware's legacy of providing products that companies can use to deploy software in their own data centers. Intrinsic sought to help software developers securely tap serverless computing, an increasingly popular approach that involves automatically triggering a system to operate when certain things happen. Intrinsic's technology lets users set policies about how these systems can operate. "This acquisition brings us unique expertise and technology as we look to expand our VMware AppDefense platform into the public cloud," a spokesperson said. VMware shares have nearly doubled since it formed a major partnership with Amazon Web Services, the market-leading public cloud provider, in 2016. Earlier this year VMware bought Bitnami, a privately held company that made it easy to deploy preliminary software on top of cloud-based servers.
  • MoviePass security lapse exposed customer card numbers
    Movie ticket subscription service MoviePass has exposed tens of thousands of customer card numbers and personal credit cards because a critical server was not protected with a password. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers. These MoviePass customer cards are like normal debit cards: they’re issued by Mastercard and store a cash balance, which users who sign up to the subscription service can use to pay to watch a catalog of movies. Each customer card record had the MoviePass debit card number and its expiry date, the card’s balance and when it was activated. The database had more than 58,000 records containing card data — and was growing by the minute. We also found records containing customers’ personal credit card numbers and their expiry date — which included billing information, including names and postal addresses.