Smominru hijacks half a million PCs to mine cryptocurrency, steals access data for Dark Web sale

Commodity cryptomining appears to be shifting to a data theft model.

Twitter may have shared user data with ad partners without user consent

Twitter said it shared some user data such as country and device type with some advertisers since May 2018.

New ‘warshipping’ technique gives hackers access to enterprise offices

Delivery workers may inadvertently provide the bridge between hacker and victim.

Facebook files lawsuit against two Android app developers for click fraud

Facebook sues LionMobi and JediMobi, two Android app developers.

Security bugs in popular Cisco switch brand allow hackers to take over devices

The three vulnerabilities are as bad as it gets in terms of security flaws -- an authentication bypass, a remote code execution, and a command injection.

AT&T employees took bribes to plant malware on the company's network

DOJ charges Pakistani man with bribing AT&T employees more than $1 million to install malware on the company's network, unlock more than 2 million devices.

Unpatched KDE vulnerability disclosed on Twitter

Just viewing --not running-- a malicious .desktop or .directory file inside a file browser can run malicious code on a user's system.

QualPwn vulnerabilities in Qualcomm chips let hackers compromise Android devices

Patches for the QualPwn vulnerabilities have been released earlier today by both Qualcomm and the Android team.

FBI warns of rising trend where cybercriminals recruit money mules via dating sites

Instead of requesting money from victims, romance scammers are now tricking partners into relaying stolen funds.

Microsoft: Russian state hackers are using IoT devices to breach enterprise networks

Microsoft said it detected Strontium (APT28) targeting VoIP phones, printers, and video decoders.

Let's Unzip the Fly - PSW #614

This week, we welcome Sam Straka, Technical Product Manager at LogRhythm, to talk about LogRhythm's Next Gen SIEM Platform orchestration! In our second segment, we welcome Doug Coburn, Director of Professional Services at Signal Sciences, to talk about how Signal Sciences is Implemented, and we'll take a look at installing Signal Sciences in a Kubernetes environment and the Signal Sciences dashboard! In the Security News, the U.S. Government issues a light aircraft cyber alert, thieves steal a laptop with 30 years of Data from University of Western Australia, RCE is possible by exploiting flaws in Vxworks, and the alleged Capital One hacker is barely bothered to hide!

 

To learn more about LogRhythm, visit: https://securityweekly.com/logrhythm

To learn more about Signal Sciences, visit: https://signalsciences.com/psw

Full Show Notes: https://wiki.securityweekly.com/Episode614

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Monzo admits to storing payment card PINs in internal logs

Bug in Monzo mobile apps sent account PINs to internal logs. The logs were encrypted, Monzo said.

Microsoft launches Azure Security Lab, expands bug bounty rewards

Researchers can earn up to $40,000 for reporting Azure vulnerabilities.

MegaCortex ransomware slams enterprise firms with $5.8 million blackmail demands

New malware strains are hitting enterprise companies in Europe and the US.

Google, Arm team up to tackle memory vulnerabilities through MTE

It is hoped that adopting MTE might help track and detect memory security flaws.

A cyber-espionage group has been stealing files from the Venezuelan military

It is unclear if the Machete group is state-sponsored, or a freelancer selling data to the highest bidder.

Cloudflare terminates service to 8chan after recent US shootings

8chan has harbored a community of hate and three mass-shooters have now hosted manifestos on the platform.

Cyberattacks against industrial targets have doubled over the last 6 months

12,000 workstations on average will be damaged in cases of destructive malware.

US military purchased $32.8m worth of electronics with known security risks

List of vulnerable products purchased by the DoD includes Lexmark printers, GoPro cameras, and Lenovo computers.

GitHub sued for aiding hacking in Capital One breach

Class-action lawsuit filed in California against Capital One... and GitHub???

New Dragonblood vulnerabilities found in WiFi WPA3 standard

Two new Dragonblood bugs allow attackers to recover passwords from WPA3 WiFi networks

GermanWiper ransomware hits Germany hard, destroys files, asks for ransom

Users advised not to pay the ransom under any circumstances!

Google Project Zero: 95.8% of all bug reports are fixed before deadline expires

Google Project Zero: Disclosing technical bug reports and PoCs help defenders more than attackers.

DealPly adware abuses Microsoft, McAfee services to evade detection

The malware leverages interesting techniques to avoid discovery by AVs.

Suspected state-sponsored hacking group tried to break into US utilities

Researchers say the phishing attempts were spotted in July.

Poshmark clothing marketplace says hacker stole customer details

Usernames, emails, and hashed passwords were among the stolen data, Poshmark said.

New Windows malware sets up proxies on your PC to relay malicious traffic

New SystemBC malware spotted in the wild helping other malware strains bypass firewalls, hide bad traffic.

Breach alert in South Korea after 1m card details were put up for sale online

Source of the card records remains a mystery. Could be a bank, a restaurant chain, a PoS provider.

Voter records for 80% of Chile's population left exposed online

Chile's Electoral Service confirms the data's authenticity, but denies it owns the leaky server.

Development stops on PowerShell Empire framework after project reaches its goal

Everybody knows that PowerShell can be used for malware now. No need for Empire to exist.

New Mirai botnet lurks in the Tor network to stay under the radar

The malware’s command center is hidden to make takedowns a more complicated process.

FTC: Too many people signed up for Equifax cash, so they'll be getting less than $125

FTC recommends that users switch some of their claims from cash payments to free credit monitoring services, as they provide a better value.

Let It Go - ESW #147

This week, Paul, Matt, and John discuss how Microsoft acquires BlueTalon to bolster data governance offerings, Arduino selects Auth0 as standardized login for open source ecosystem, new code-signing solution released by Venafi, and ExtraHop issues warning about phoning home in new security advisory! In our second segment, we talk Evaluating Security Vendors! In our final segment, we welcome Charles Thompson, Senior Director of Product Management at VIAVI Solutions!

 

To learn more about VIAVI Solutions, visit: https://securityweekly.com/viavi

Full Show Notes: https://wiki.securityweekly.com/ES_Episode147

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Fake iPhone, iPad smuggler lands behind bars

Over 40,000 dodgy devices and accessories were smuggled into the United States.

Cisco to pay $8.6 million for selling vulnerable software to US government

Danish contractor gets $1.6 million of the final settlement for reporting Cisco to the US government.

MICROCHIPS Act wants to secure US govt supply chain against Chinese sabotage

New bill would create new government body tasked with reviewing equipment and technologies used by government agencies and US military.

iPhone Bluetooth traffic leaks phone numbers -- in certain scenarios

The Apple bug that might accidentally help catch people behind the recent malicious AirDrop file sharing epidemic.

Netflix motion tracking reveals what the future of ad engagement data gathering may hold

If you’re moving, perhaps you’re not really paying attention to the content on display.

IoT home security camera allows hackers to listen in over HTTP

Unauthenticated, remote snooping is possible over the Internet.

Google Chrome 76 released for Windows, Mac, and Linux

Chrome 76: Flash will remain disabled by default for all sites, and users will have to activate it on every page visit.

DHS warns about CAN bus vulnerabilities in small aircraft

DHS cyber-security agency CISA recommends that aircraft owners restrict access to planes "to the best of their abilities."

Telegram rolls out fix for voicemail hack used against Brazilian politicians

Telegram reacts after hackers have hijacked more than 1,000 accounts in Brazil.

Apple's AWDL protocol plagued by flaws that enable tracking and MitM attacks

Apple patched a bug in May, but academics say the rest of the flaws require a redesign of some Apple services.

Over half of enterprise firms don’t have a clue if their cybersecurity solutions are working

New research suggests that money is being spent, but throwing cash at security problems isn't resolving anything.

This new Android ransomware infects you through SMS messages

Filecoder isn’t perfect malware but has the potential to become a serious threat.

Thousands of Los Angeles police caught up in data breach, personal records stolen

The department wasn’t aware until directly contacted by the hacker.

Apple’s Siri overhears your drug deals and sexual activity, whistleblower says

Quality control frequently comes across recordings which should not have existed in the first place.

Google researchers disclose vulnerabilities for 'interactionless' iOS attacks

The six bugs, if sold on the exploit market, would have brought in well over $5 million.

Ransomware infection takes some police car laptops offline in Georgia

Ransomware infection impacted police car laptops for the Georgia State Patrol, Georgia Capitol Police, and the Georgia Motor Carrier Compliance Division.

US files lawsuit against Bitcoin exchange that helped launder ransomware profits

As "Mr. Bitcoin" seems destined to be extradited to Russia, US authorities are trying to recover some of BTC-e's funds in a last ditch effort.

Urgent11 security flaws impact routers, printers, SCADA, and many IoT devices

Security updates are out, but patching will most likely take months, if not years.

Dark Web drug kingpin charged, forfeits $4 million in Bitcoin

The narcotics seller specialized in drugs used to sedate elephants.

DMARC's abysmal adoption explains why email spoofing is still a thing

Fortune 500 companies, Chinese firms, and about everyone else, still lagging in terms of DMARC adoption.

UK made illegal copies and mismanaged Schengen travelers database

EU officials indirectly confirm UK's gross mismanagement detailed in an unconfirmed report last week.

Earn Your Stripes - Business Security Weekly #138

This week, we welcome Todd Fitzgerald, Managing Director/CISO/Cybersecurity Leadership Author at CISO SPOTLIGHT, LLC, to discuss his book, the CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers! In the Leadership and Communications segment, Leading with Trust, Portrait of a CISO, roles and responsibilities, Cybersecurity Risk: What does a "reasonable" posture entail and who says so?, and more!

 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode138

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Hack Naked News #229 - July 30, 2019

This week, a rare steganography hack can compromise fully patched websites, the Louisiana governor declares state of emergency after a local ransomware outbreak, Google found a way to remotely attack Apple iOS devices by sending a boobytrapped iMessage, and 100 million users data stolen in the Capital One breach! In the expert commentary, we welcome Jason Wood, to discuss how the U.S. issues a hacking security alert for small planes!

 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode229

Visit https://www.securityweekly.com/hnn for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

CAN Bus Network Implementation in Avionics

CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft. CISA is issuing this alert to provide early notice of the report.

Off Guard - Application Security Weekly #71

This week, in the Application Security News, Rare Steganography Hack Can Compromise Fully Patched Websites, Bug Bounties Continue to Rise as Google Boosts its Payouts, Snyk Acquires DevSecCon to Boost DevSecOps Community, and much more! In our second segment, we welcome Murray Goldschmidt, COO & Co-founder of Sense of Security, to talk about The State of Container Security in the Enterprise!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode71

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

Well Lubricated - Paul's Security Weekly #613

This week, we welcome Troels Oerting, Head of the Global Centre for Cybersecurity at the World Economic Forum, to discuss Integrity through Prevention, and protection and prosecution via people, technology, and processes! In the Security News, a phishing scheme that targets AMEX cardholders, the list of labs affected by the American Medical Collection Agency data breach continues to grow, a Silk Road drug dealer gets caught converting Bitcoin to cash, how GDPR is forcing the tech industry to rethink Identity Management and Authentication, and a Mirai-like botnet wages massive application layer DDoS attack! In our final segment, we air a pre recorded interview with Murray Goldschmidt, to talk about DDoS and Container Security!

 

Full Show Notes: https://wiki.securityweekly.com/Episode613

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

We're Not Investment Bankers - Enterprise Security Weekly #146

This week, Matt and Paul discuss how Synopsys and Ixia announce a collaboration to enable scalable networking SoC validation, Digital Shadows announces significant updates to its SearchLight platform, Check Point introduces high-performance security gateways, and nine steps to lock down corporate browsers! In our second segment, we welcome Luis Giraldo, VP of Strategy at Kaseya, to talk about Unified IT and the capabilities of Kaseya's IT Complete Platform! In our final segment, we welcome Michael Aiello, Director of Product Management of Google Cloud Security, to talk about Security Responsibility in the Hybrid and Multi-Cloud!

 

To learn more about Kaseya, visit: https://securityweekly.com/kaseya

Full Show Notes: https://wiki.securityweekly.com/ES_Episode146

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly