News

bitdefender.com

$20,000 up for grabs in Xbox Live security hole hunt

Microsoft is inviting gamers, security researchers, and technologists to pit their wits against the Xbox network in the search for security vulnerabilities.

Read more in my article on the Hot for Security blog.

€13 million Maltese bank cyber-heist – six men arrested in UK

The UK’s National Crime Agency (NCA) have arrested a total of six men as part of an investigation into the hack of a Maltese bank in February 2019.

Sonos goofs again – this time revealing customers’ email addresses in Cc: blunder

Sonos’s customer support team tried to make grumpy customers happier by telling them their emails would take a little longer than normal to answer.

But boy oh boy, they only made things worse.

97% of airports showing signs of weak cybersecurity

New research has shone on a light on what appears to be a shocking lack of security at the world’s airports.

Boffins at ImmuniWeb took a look at 100 of the world’s largest airports, and only found three that passed with flying colours for their web and app security.

The autofill email goof that exposed vulnerable students and cost the University of East Anglia £140,000

“Please delete the email we just sent you without opening or reading…”

Yeah, like that’s going to work…

bitdefender.com

ProtonMail and StartMail blocked as Russia hunts for bomb threat spammers

ProtonMail is the second encrypted email provider in the last week to find itself blocked from its Russian users, after authorities in the country said threats had been spammed out claiming that bombs had been planted in public places.

Read more in my article on the Hot for Security blog.

tripwire.com

The NHS has only suffered six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since.

Read more in my article on the Tripwire State of Security blog.

Smashing Security #163: Russian heists and Ring wrongs

Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte, and Adrian Sanabria from Thinkst Canary.

bitdefender.com

Teleworking threats in the security spotlight in the run-up to the Tokyo Olympics

The Japanese government hopes to to avert the travel chaos during the Olympics by getting more than 600,000 staff to work from home for at least two weeks from July 24 2020.

But what about the security of those teleworkers?

Read more in my article on the Bitdefender Business Insights blog.

Win $1.5 million hacking an Android phone

If you can crack the security of the Titan M chip found on the Google Pixel 3, Pixel 3a, and Pixel 4 smartphones, you could be in for a big reward…

1 in 10 Macs hit by crude malware that poses as Flash Player update, reports Kaspersky

If the criminals are continuing to make money by infecting Apple Mac computers in this fashion, whatever makes you think that they’ll come up with a more original social engineering trick?

Windows 7 definitely won’t ever receive any more bug fixes (errm… apart from this one for its wallpaper)

We definitely definitely absolutely won’t ever ever be releasing any more updates for Windows 7, said Microsoft earlier this month.

Now there’s an update on its way to fix a cosmetic bug in how Windows 7 displays users’ desktop wallpaper…

16 NFL teams have their social media accounts hijacked by OurMine hacking gang

Yesterday the social media accounts of at least 16 NFL teams were hijacked by a hacking gang with a history of mischievous attacks.

A Magecart hacking gang may have been caught by police for the first ever time

Police in Indonesia, working alongside Interpol, have arrested three men suspected of being part of a gang engaged in Magecart attacks that skimmed payment card information from online shoppers.

Microsoft’s Internet Explorer zero-day workaround is breaking printing

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be causing printer errors.

Trend Micro anti-virus zero-day exploited in attack on Mitsubishi Electric

There is some egg on the face of Trend Micro after it is revealed their anti-virus software was exploited to steal data from Mitsubishi Electric, but they aren’t the real villains of the story.