News

tripwire.com

The NHS has only suffered six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since.

Read more in my article on the Tripwire State of Security blog.

Smashing Security #163: Russian heists and Ring wrongs

Should possessing malware be illegal in itself? How did a Russian cryptocurrency exchange millionaire lose his fortune? And what on earth are Amazon Ring doorbell cams up to now?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Lisa Forte, and Adrian Sanabria from Thinkst Canary.

bitdefender.com

Teleworking threats in the security spotlight in the run-up to the Tokyo Olympics

The Japanese government hopes to to avert the travel chaos during the Olympics by getting more than 600,000 staff to work from home for at least two weeks from July 24 2020.

But what about the security of those teleworkers?

Read more in my article on the Bitdefender Business Insights blog.

Win $1.5 million hacking an Android phone

If you can crack the security of the Titan M chip found on the Google Pixel 3, Pixel 3a, and Pixel 4 smartphones, you could be in for a big reward…

1 in 10 Macs hit by crude malware that poses as Flash Player update, reports Kaspersky

If the criminals are continuing to make money by infecting Apple Mac computers in this fashion, whatever makes you think that they’ll come up with a more original social engineering trick?

Windows 7 definitely won’t ever receive any more bug fixes (errm… apart from this one for its wallpaper)

We definitely definitely absolutely won’t ever ever be releasing any more updates for Windows 7, said Microsoft earlier this month.

Now there’s an update on its way to fix a cosmetic bug in how Windows 7 displays users’ desktop wallpaper…

16 NFL teams have their social media accounts hijacked by OurMine hacking gang

Yesterday the social media accounts of at least 16 NFL teams were hijacked by a hacking gang with a history of mischievous attacks.

A Magecart hacking gang may have been caught by police for the first ever time

Police in Indonesia, working alongside Interpol, have arrested three men suspected of being part of a gang engaged in Magecart attacks that skimmed payment card information from online shoppers.

Microsoft’s Internet Explorer zero-day workaround is breaking printing

Microsoft’s workaround for an unpatched vulnerability that is being exploited in targeted attacks by hackers appears to be causing printer errors.

Trend Micro anti-virus zero-day exploited in attack on Mitsubishi Electric

There is some egg on the face of Trend Micro after it is revealed their anti-virus software was exploited to steal data from Mitsubishi Electric, but they aren’t the real villains of the story.

Webex flaw allowed anyone to join private online meetings – no password required

Cisco, the makers of Webex, had warned users of the online conferencing service that a vulnerability allowed unauthorised remote users to listen in on private online meetings – without having to enter a password.

We’re dung for! Hackers hit firms with ransomware by exploiting Shitrix flaw

The REvil (also known as Sodinokibi) ransomware is being planted on corporate networks by hackers exploiting the Shitrix flaw in Citrix servers.

Want your photo removed from our facial recognition database? Just send us your photo and government-issued ID…

Controversial firm Clearview AI which stole your photographs from social media sites to feed their facial recognition database expects you to send them your photos and a scan of your ID if you want to have your data removed.

Uhh, yeah. Right.

Sonos backtracks (a little) over its software updates fustercluck

The maker of wireless home sound systems got itself into hot water after it announced that if you had a mixture of new and old Sonos hardware in your home then *none* of it would be receiving software updates after May.

Whoops! LastPass accidentally deleted its browser extension from the Chrome store. But it’s back now

Someone at LastPass must be feeling 5!ck as a p4rr0t right now, after human error meant that its browser extension was accidentally deleted from the Chrome web store.

Although an embarrassing goof, it’s something of a storm in a teacup security-wise.

tripwire.com

Ransomware: The average ransom payment has doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better.

Read more in my article on the Tripwire State of Security blog.