China could soon have stronger privacy laws than the U.S.
www.protocol.com/china/china-privacy-laws-surpass-usa In late April, China unveiled the second draft of the country’s privacy law, the Personal Information Protection Law, for public comment. The law is expected to pass by the end of the year, and would shield Chinese internet users from excessive data collection and misuse of personal data by tech companies and even, to some extent, by the government.
Amazon’s Sidewalk Network Is Turned On by Default. Here’s How to Turn It Off
www.inc.com/jason-aten/amazons-sidewalk-network-is-turned-on-by-default-heres-how-to-turn-it-off.html First, let’s talk about Sidewalk. The idea behind it is actually really smart–make it possible for smart home devices to serve as a sort of bridge between your WiFi connection and one another. That way, if your Ring doorbell, for example, isn’t located close to your WiFi router, but it happens to be near an Echo Dot, it can use Sidewalk to stay connected.
Mobile app developers’ misconfiguration of third party services leave personal data of over 100 million exposed
research.checkpoint.com/2021/mobile-app-developers-misconfiguration-of-third-party-services-leave-personal-data-of-over-100-million-exposed/ Real-time database allows application developers to store data on the cloud, making sure it is synched in real-time to every connected client. This service solves one of the most encountered problems in application development, while making sure that the database is supported for all client platforms. But what happens if the developer behind the app does not configure their real-time database with one of the most basic features, authentication?
The Full Story of the Stunning RSA Hack Can Finally Be Told
www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/ In 2011, Chinese spies stole the crown jewels of cybersecurity, stripping protections from firms and government agencies worldwide. Here’s how it happened.
Hetzner cloud server provider bans cryptocurrency mining
www.bleepingcomputer.com/news/cryptocurrency/hetzner-cloud-server-provider-bans-cryptocurrency-mining/ “With storage boxes this leads to problems with the bandwidth on the host systems. With chia mining there is also the problem that the hard drives are extremely stressed by the many read and write processes and will therefore break.”
Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild
thehackernews.com/2021/05/android-issues-patches-for-4-new-zero.html Google on Wednesday updated its May 2021 Android Security Bulletin to disclose that four of the security vulnerabilities that were patched earlier this month by Arm and Qualcomm may have been exploited in the wild as zero-days.
Russian hacker sentenced to 5 years for $1.5 million tax fraud
therecord.media/russian-hacker-sentenced-to-5-years-for-1-5-million-tax-fraud/ Anton Bogdanov, a 35-year-old who is also known online as Kusok, participated in a scheme in which he stole personal information and used it to file fraudulent tax returns on behalf of Americans between June 2014 and November 2016. Bogdanov and his co-conspirators exploited a vulnerability in a remote access program used by the tax preparation firms to allow employees to log in to systems from home and while traveling, according to an indictment.
Craig Federighi says the Mac has an unacceptable malware problem
9to5mac.com/2021/05/19/craig-federighi-mac-malware-problem/ As detailed earlier this afternoon, Craig Federighi is currently testifying during the Apple vs. Epic lawsuit. While facing questioning from Apple’s lawyers, Federighi made some interesting comments about security, particularly noting that the Mac currently has a level of malware that Apple does not find acceptable.
Apple macOS SMB server signature verification information disclosure vulnerability
talosintelligence.com/vulnerability_reports/TALOS-2021-1237 [Analysis of a patched vuln] An information disclosure vulnerability exists in the SMB Server Apple macOS 11.1. A specially crafted SMB packet can trigger an integer overflow, leading to information disclosure, cryptographic check bypass and denial of service. This vulnerability can be triggered by sending a malicious packet to the vulnerable server.
Qlocker ransomware shuts down after extorting hundreds of QNAP users
www.bleepingcomputer.com/news/security/qlocker-ransomware-shuts-down-after-extorting-hundreds-of-qnap-users/ The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices.
Look how many cybercriminals love Cobalt Strike
www.intel471.com/blog/cobalt-strike-cybercriminals-trickbot-qbot-hancitor Despite the obfuscation techniques, Intel 471 has collected a wealth of information on how the cybercrime underground has refashioned this security tool to its advantage. The following takes a deeper look at which threat actor groups and malware families are dropping Cobalt Strike for post-exploitation.
Tracking BokBot Infrastructure
team-cymru.com/blog/2021/05/19/tracking-bokbot-infrastructure/ In the past BokBot was itself primarily distributed via the Emotet botnet. Since the takedown of Emotet earlier this year we have been tracking BokBot to see how the actors might react to and seek to exploit the situation for personal gain.
DHS announces program to mitigate vulnerabilities below the operating system
www.scmagazine.com/home/security-news/vulnerabilities/dhs-announces-program-to-mitigate-vulnerabilities-below-the-operating-system/ Officials from the Cybersecurity and Infrastructure Security Agency announced a new initiative to fight firmware vulnerabilities at the RSA Conference Wednesday afternoon. “In cybersecurity, we spend the majority of our time observing, analyzing, and responding to vulnerabilities in operating systems, and at the application layer,” said Rohner. “And yet, there are categories of vulnerabilities lurking beneath the proverbial surface that we aren’t dealing with through our vulnerability research efforts and our incident response activities.”
go.recordedfuture.com/hubfs/cta-2021-0520.pdf The sharing of information, tools, and manuals by threat actors on dark web forums allows fraudsters to learn tips and tricks from one another and to continue to refine their techniques to successfully engage with victims. This also lowers the barrier of entry so that even novice threat actors can successfully participate in dating fraud.
TV remote turned into a listening device
www.kaspersky.com/blog/rsa2021-tv-remote-listening-device/40022/ Having studied the remote’s firmware (with a copy conveniently stored on the set-top box’s hard drive), the researchers were able to determine the alterations that would enable the firmware to command the remote control to turn on the microphone and transmit sound over the radio channel.
SimuLand: Understand adversary tradecraft and improve detection strategies
www.microsoft.com/security/blog/2021/05/20/simuland-understand-adversary-tradecraft-and-improve-detection-strategies/ SimuLand is an open-source initiative by Microsoft to help security researchers around the world deploy lab environments that reproduce well-known techniques used in real attack scenarios, actively test and verify the effectiveness of related Microsoft 365 Defender, Azure Defender, and Azure Sentinel detections, and extend threat research using telemetry and forensic artifacts generated after each simulation exercise.
www.bleepingcomputer.com/news/security/spammers-flood-pypi-with-pirated-movie-links-and-bogus-packages/ PyPI is being flooded with spam packages named after popular movies in a style commonly associated with torrent or “warez” sites that provide pirated downloads: watch-(movie-name)-2021-full-online-movie-free-hd-…. In recent months, the attacks on open-source ecosystems like npm, RubyGems, and PyPI have escalated.
Conti ransomware gives HSE Ireland free decryptor, still selling data
www.bleepingcomputer.com/news/security/conti-ransomware-gives-hse-ireland-free-decryptor-still-selling-data/ Today, the ransomware gang posted a link to a free decryptor in their negotiation chat page for the HSE that can be used to recover encrypted files for free. However, the threat actors warn that they will still be selling or publishing the stolen private data if a ransom of $19,999,000 is not paid.
Hello, Is It Me You’re Phishing For: Amazon Vishing Attacks
www.armorblox.com/blog/amazon-vishing-voice-phishing-attacks/ In today’s Blox Tale, we will look at two Amazon vishing attacks that attempted to steal victims’ credit card details by sending fake order receipts and including phone numbers to call for processing order returns.
A doctor reveals the human cost of the HSE ransomware attack
blog.malwarebytes.com/ransomware/2021/05/a-doctor-reveals-the-human-cost-of-the-hse-ransomware-attack/ Daniel (not his real name) sat with Malwarebytes Labs on condition of anonymity, to explain how this cyberattack is continuing to affect the lives of vulnerable patients, and the people trying to treat them.