Trending Articles

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Three Charged in July 15 Twitter Compromise

Krebs on Security

Three individuals have been charged for their alleged roles in the July 15 hack on Twitter , an incident that resulted in Twitter profiles for some of the world’s most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Business ID Theft Soars Amid COVID Closures

Krebs on Security

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned.

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

It took a global pandemic and the death of George Floyd to put deep-seated social inequities, especially systemic racism, front and center for intense public debate. Related: Will ‘blockchain’ lead to more equitable wealth distribution?

IT 198

Garmin allegedly paid for a decryptor for WastedLocker ransomware

Security Affairs

BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware.

Hackers Broke Into Real News Sites to Plant Fake Stories

WIRED Threat Level

A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO. Security Security / Cyberattacks and Hacks

More Trending

Is Your Chip Card Secure? Much Depends on Where You Bank

Krebs on Security

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based

Sales 209

Survey of Supply Chain Attacks

Schneier on Security

The Atlantic Council has a released a report that looks at the history of computer supply chain attacks.

Access 104

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

The FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations. The FBI has issued a new security flash alert to warn of Netwalker ransomware attacks targeting U.S. and foreign government organizations.

How the Alleged Twitter Hackers Got Caught

WIRED Threat Level

Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks. Security Security / Cyberattacks and Hacks

Garmin Confirms Hackers Encrypted Several Systems

Data Breach Today

Navigation and Smartwatch Company Stops Short of Using Term 'Ransomware' Garmin acknowledged Monday that a "cyberattack" that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline.

'Hidden Property Abusing' Allows Attacks on Node.js Applications

Dark Reading

A team of researchers from Georgia Tech find a new attack technique that targets properties in Node.js and plan to publicly release a tool that has already identified 13 new vulnerabilities

90

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Security Affairs

A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. Security experts from Wordfence discovered a critical vulnerability impacting the wpDiscuz WordPress plugin that is installed on over 80,000 sites.

Access 101

The Garmin Hack Was a Warning

WIRED Threat Level

As ransomware groups turn their attention to bigger game, expect more high-profile targets to fall. Security Security / Cyberattacks and Hacks

Twitter Hackers Targeted Employees With Phone Phishing

Data Breach Today

Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal.

Sales 192

Universities across the UK and North America confirm cyber attack

IT Governance

A software supplier used by some of the UK’s biggest universities has confirmed that it suffered a cyber attack in May.

GDPR 87

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers.

3 Arrested for Massive Twitter Breach

Dark Reading

Three individuals aged 17, 19, and 22 have been charged for their alleged roles in the massive July 15 Twitter attack

79

Dave: Mobile Banking App Breach Exposes 3 Million Accounts

Data Breach Today

Hack Blamed on Credentials Stolen via Breach of Third-Party Service Provider Waydev Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud.

Incognito Mode May Not Work the Way You Think It Does

WIRED Threat Level

Every browser has a private mode—but the privacy it offers has a limit. Security Security / Privacy

IT 72

Fake Stories in Real News Sites

Schneier on Security

Fireeye is reporting that a hacking group called Ghostwriter broke into the content management systems of Eastern European news sites to plant fake stories.

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! How to hack IoT & RF Devices with BürtleinaBoard. Disclaimer : due to a complaint from the citizens of my native city in Italy… I had to rename #PiadinaBoard into #BurtleinaBoard.

IoT 108

Citizens Are Increasingly Worried About How Companies Use Their Data

Dark Reading

With data privacy important to almost every American, more than two-thirds of those surveyed say they don't trust companies to ethically sell their data

Lazarus Group Reportedly Now Wielding Ransomware

Data Breach Today

Kaspersky Discovers 2 Incidents Involving VHD Ransomware The Lazarus Group, the North Korean hacking group behind the WannaCry worm, the theft of $81 million from a Bangladesh bank and the attacks on Sony Pictures, apparently is expanding into ransomware, according to the security firm Kaspersky

Children Stream on Twitch—Where Potential Predators Find Them

WIRED Threat Level

A WIRED investigation found dozens of channels belong to children apparently under 13, and anonymous chat participants sending inappropriate messages their way. Security Security / Security News

Billions of Devices Impacted by Secure Boot Bypass

Threatpost

The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.

ShinyHunters leaked over 386 million user records from 18 companies

Security Affairs

ShinyHunters, a trusted threat actor, is offering on a hacker forum the databases stolen from eighteen companies, over 386 million user records available online. The known threat actor ShinyHunters has begun leaking for free the databases of multiple companies on a hacker forum.

Dark Web Travel Fraudsters Left Hurting From Lockdowns

Dark Reading

Shadow travel businesses that depend on loyalty program fraud have been impacted just like the legitimate travel orgs they prey on

78

The Hacker Battle for Home Routers

Data Breach Today

Trend Micro Says Botnet Families Fight for Control of Vulnerable Routers Trend Micro says it has seen increasing attempts to infect home routers for use as proxies and for DDoS attacks.

IT 217

Rite Aid Used Facial Recognition in Stores for Nearly a Decade

WIRED Threat Level

A SubStack email mess, a Nintendo leak, and more of the week's top security news. Security Security / Security News

Images in Eye Reflections

Schneier on Security

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye , and using that information to establish a location. Reminds me of the image enhancement scene in Blade Runner. That was science fiction, but now image resolution is so good that we have to worry about it

IT 80

FBI warns US companies on the use of Chinese Tax Software

Security Affairs

The FBI has issued an alert to warn US organizations of the risk associated with the use of Chinese tax software that could be infected with malware.

Twitter: Employees Compromised in Phone Spear-Phishing Attack

Dark Reading

The attack earlier this month started with a spear-phishing attack targeting Twitter employees, the company says in a new update