Fri. Jul 31, 2020

Medical Device Security Alerts: The Latest Updates

Data Breach Today

More Devices Affected by 'Ripple20' Vulnerabilities: Federal regulators have issued another round of security alerts about vulnerabilities in medical device products from several manufacturers, including an update on those affected by so-called "Ripple-20" flaws earlier identified in the Treck TCP/IP stack.

Three Charged in July 15 Twitter Compromise

Krebs on Security

Three individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world’s most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam.

3 Charged in Twitter Hack

Data Breach Today

Florida Teen, 2 Others Charged in Connection With Compromising 130 Accounts: A Florida teenager was arrested and two others were charged in connection with hacking 130 high-profile Twitter accounts to pull off a cryptocurrency scam, prosecutors say.

How the Alleged Twitter Hackers Got Caught

WIRED Threat Level

Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks.

Twitter Hackers Targeted Employees With Phone Phishing

Data Breach Today

Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day: The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says.

'Hidden Property Abusing' Allows Attacks on Node.js Applications

Dark Reading

A team of researchers from Georgia Tech finds a new attack technique that targets properties in Node.js and plans to publicly release a tool that has already identified 13 new vulnerabilities.

More Trending

3 Arrested for Massive Twitter Breach

Dark Reading

Three individuals aged 17, 19, and 22 have been charged for their alleged roles in the massive July 15 Twitter attack.

Blackbaud's Bizarre Ransomware Attack Notification

Data Breach Today

Software Vendor 'Normalizes Hacking,' Fails to Account for Notification Delay: How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud?

Updates provided by Red Hat for BootHole cause systems to hang

Security Affairs

Red Hat is warning customers to not install the package updates released to address the BootHole vulnerability due to possible problems reported by the users.

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Data Breach Today

Attacks Target Government Agencies and a Variety of Others: The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere.

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

For the first time ever, the EU has imposed economic sanctions on Russia, China, and North Korea following cyber-attacks aimed at the EU and its member states.

Analysis: The Hacking of Mobile Banking App Dave

Data Breach Today

The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.

Twitter: Employees Compromised in Phone Spear-Phishing Attack

Dark Reading

The attack earlier this month started with a spear-phishing attack targeting Twitter employees, the company says in a new update.

Cisco fixes critical and high-severity flaws in Data Center Network Manager

Security Affairs

Cisco addressed this week some critical and high-severity vulnerabilities impacting its Data Center Network Manager (DCNM) network management platform.

3 Ways Social Distancing Can Strengthen your Network

Dark Reading

Security teams can learn a lot from the current pandemic to make modern hybrid business networks stronger and more resilient. Here's how

IndieFlix streaming service leaves thousands of confidential agreements, filmmaker SSNs, videos exposed on public server

Security Affairs

The CyberNews research team discovered an unsecured data bucket on a publicly accessible Amazon Simple Storage (S3) server containing confidential data belonging to IndieFlix.

New Initiative Links Cybersecurity Pros to Election Officials

Dark Reading

A University of Chicago Harris School of Public Policy initiative will build a database of cybersecurity volunteers.

Data and Goliath Book Placement

Schneier on Security

Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King. This demonstrates the importance of a vibrant color and a large font.

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

Threatpost

The corporate-travel leader has confirmed an attack that knocked systems offline.

Twitter Hacker Arrested

Schneier on Security

A 17-year-old Florida boy was arrested and charged with last week's Twitter hack. News articles. Boing Boing post. Florida state attorney press release. This is a developing story. Post any additional news in the comments.

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

Threatpost

The flaws have been confirmed by Grandstream, but no firmware update has yet been issued. Tagged: Grandstream HT800 series; CVE-2020-5760, CVE-2020-5761, CVE-2020-5762, CVE-2020-5763.

Department of Commerce Publishes FAQs Regarding Impact of Schrems II Decision

Hunton Privacy

The U.S. Department of Commerce has issued two new sets of FAQs in light of the Court of Justice of the European Union’s (“CJEU’s”) recent decision to invalidate the EU-U.S. Privacy Shield in Schrems II.

Partnering to deliver accessible content

OpenText Information Management

Reviewing a bank statement, checking an electricity bill, or even reading a restaurant menu — simple, everyday actions that most people take for granted may be impossible for those with a visual impairment.

Twitter: Epic Account Hack Caused by Mobile Spearphishing

Threatpost

Hackers "mislead certain employees" to gain access to internal tools to take over high-profile accounts and push out a Bitcoin scam.

Gephardt: Protecting yourself from cybersecurity risks while working from home via KSL.com

IG Guru

Check out the link to the article here.

Authorities Arrest Alleged 17-Year-Old ‘Mastermind’ Behind Twitter Hack

Threatpost

Three have been charged in alleged connection with the recent high-profile Twitter hack - including a 17-year-old teen from Florida who is the reported "mastermind" behind the attack.

The Guide to Backup Tape Rotation and Vaulting Schemes

Record Nations

Among all the various methods and formats, tape backups stand alone as one of the most cost-efficient and long-lasting options for backing up data.

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

Threatpost

Researchers uncovered a disinformation campaign aiming to discredit NATO via fake news content on compromised news websites.

Who Is Infosource? An Interview With Johann Hoepfner About Printing, Capture, and More

Document Imaging Report

To help everyone get to know Infosource a little better (me included!), I had a conversation with Johann Hoepfner, Managing Director, about the combination of Infosource, DIR, and Harvey Spencer Associates; the industry; and a few other items snuck in too.

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

Threatpost

Threatpost editors break down the top themes, speakers and sessions to look out for this year at Black Hat 2020 - from election security to remote work and the pandemic.

FinCEN Alerts Financial Institutions on COVID-19 Related Scams

Rippleshot

The Financial Crimes Enforcement Network (FinCEN) issued another COVID-19 related alert for financial institutions about cyber-enabled crime and payment fraud schemes that continue to rise during the pandemic.

Leading With Our Values: How TRUcentrix is Helping Our Community

Rocket Software

In March 2020, the entire world was altered. No matter who or where you were, the COVID-19 pandemic marked a collective change—one we may never recover from. At Rocket Software, we pivoted internally as quickly as we could.

Data Poisoning: a Ticking Time Bomb

Information Matters

Data Poisoning as an Attack Vector: As artificial intelligence (AI) and its associated activities of machine learning (ML) and deep learning (DL) become embedded in the economic and social fabric of developed economies, maintaining the security of these systems and the data they use is paramount.

Weekly Update 202

Troy Hunt

Unfortunately, our run of good luck here down in Aus has taken a bit of a turn COVID wise. Not so much in my home state, but the southern states have been copping it so this week, I pulled the pin on snowboarding.