The past week brought a heaping helping of not so comforting cybersecurity news, starting with President Donald Trump's apparent plans to pull out of the Cold War-era Open Skies treaty! An iTunes Bug Let Hackers Spread Ransomware | WIRED www.wired.com /story/ itunes ...hack ...news Researchers from Morphisec Labs spotted a ransomware hackers using a zero day bug in iTunes for Windows to attack an automotive industry target. The flaw specifically relates to the Apple Software ...!! We explained why that would be as bad an idea as it sounds . But that's just for starters.
Also not doing enough: Twitter, which this week acknowledged that it had fed user phone numbers provided for two-factor authentication into its ad-targeting engine . This is bad-- But maybe not unexpected, given how little the big tech platforms care about your privacy and security, especially compared to their profits! An iTunes Bug Let Hackers Spread Ransomware – DigitalMunition www.digitalmunition.me/ ...2 An iTunes Bug Let Hackers Spread Ransomware The past week brought a heaping helping of not so comforting cybersecurity news, starting with President Donald Trump's apparent plans to pull out of the Cold War-era Open Skies treaty. We …!! A less cut-and-dried controversy is swirling around the nascent idea of encrypting Domain Name System lookups , which both Google Chrome and Mozilla's Firefox support! An iTunes Bug Let Hackers Spread Ransomware | Elexonic elexonic.com/2019/10/13/ ...-ransomware An iTunes Bug Let Hackers Spread Ransomware by elexonic October 13, 2019 written by elexonic October 13, 2019 The past week brought a heaping helping of not so comforting cybersecurity news, starting with President Donald Trump's apparent plans to pull out of the Cold War-era Open Skies treaty.!! Some security professionals argue that it makes it harder to defend networks against certain attacks, while offering minimal benefit.
Other things to check out:
A Bug in Popular Android Phones Gives Hackers Full Control | WIRED
The theme of this week is by now a familiar one: "Things keep getting worse." Starting with the security of countless so-called real-time operating systems that all share some variation on the same decades-old code . That makes them all vulnerable to the set of Urgent/11 vulnerabilities we reported on just the other week. And as is so often the case with these sort of devices and ancient code, there's really no good way to fix them. And that was just the start of the week.
As a bookend, the US attorney general William Barr sent a sternly worded letter to Facebook on Friday, encouraging the company not to go forward with its plans for cross-platform end-to-end encryption, in the process reigniting the decades-old encryption debate . But while Barr had his counterparts from the UK and Australia backing up his push, it's unclear what if any actual authority he would have to weaken encryption without laws on the books forcing it. (Also, it would be a truly terrible idea.)
Microsoft Says Iran-Linked Hackers Targeted U.S. Presidential Campaign : NPR
Microsoft said it has seen "significant cyber activity" by a hacker group with suspected ties to Iran. Drew Angerer/Getty Images hide caption
Microsoft says a hacker group with ties to Iran has targeted a U.S. presidential campaign, in the latest sign that foreign governments may try to influence the 2020 election.
They compromised four accounts, but none were associated with the political campaign or government officials, Microsoft said.
"While the attacks we're disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks," Burt wrote in the blog post. "This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering."
State tech workers train to foil hackers | WRAL TechWire
State and local technology experts met in Raleigh on Friday to talk about how government agencies can keep data safe.
Cyberattacks against state and local governments are on the rise, with agencies often seen as an easier target than businesses:
“If you think about all the services that a government entity provides to its citizens, the impact is immeasurable,” said Maria Thompson, chief risk officer in the state Department of Information Technology.
* * *
In an average month, Thompson said, state computer systems are hit with 12 million malicious events. Organized crime rings around the world are making money by stealing personal information off computers, she said.
“They've monetized this,” she said. “They're always on, trying to penetrate our environments, trying to get access to our data.”
Many things are taking place:
EU warns of 5G cybersecurity risks, potential attacks from 'state-backed' hackers | Fox
The European Union is fearful that 5G networks could cause "security challenges" if they're exposed to state-backed companies.
In a statement , the E.U. said that “security challenges” are likely to be more “prominent” on 5G networks, but did not single out any companies from China, including Huawei.
“Among the various potential actors, non-EU States or State-backed are considered as the most serious ones and the most likely to target 5G networks,” the E.U. said in the release.
* * *
Earlier this year, Secretary of State Mike Pompeo testified before a Senate Appropriations subcommittee and warned about the "risk of having network systems co-located with Huawei systems." And in April, former House Intelligence Committee Chair Mike Rogers spoke at a discussion hosted by the Heritage Foundation and described Huawei as “a functioning subservient enterprise to Chinese intelligence and defense services.”
Ransomware: Prepare for hackers launching even more destructive malware attacks | ZDNet
The threat from ransomware continues to grow and it's possible that the file-encrypting malware attacks could become far more destructive as cyber criminals evolve and change their tactics.
However, cyber criminals are becoming more efficient , picking and choosing their targets with the aim of causing the highest amount of damage possible to organisations in order to demand much higher ransomware! An iTunes Bug Let Hackers Spread Ransomware - NB News ...-ransomware An iTunes Bug Let Hackers Spread Ransomware - NB News The previous week introduced a heaping serving to of not so comforting cybersecurity information, beginning with President Donald Trump's obvious plans to drag out of the Chilly Conflict-era Open Skies treaty. We defined why that might be as unhealthy an thought because it sounds.!! To emphasise this – although without providing specific examples - the report details how in some cases, the ransom demanded is in excess of one million Euros.
But while ransomware in its current state is predominantly a means of making money for cyber criminals, the Europol report warns there's a risk of cyber criminals deploying ransomware attacks as a means of pure sabotage, something private companies are growing fearful of.
No comments:
Post a Comment