Welcome to the Kaspersky Transatlantic Cable podcast. To kick off the 119th edition of the podcast, Dave and I take a look at a reported bug in Facebook’s iOS app. The question is, is it overhyped or something that should concern you?
Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update.
Anthony Webb, EMEA Vice President at A10 Networks
It is often written that 5G will usher in the Fourth Industrial Revolution and change the economy. The speeds and capacity that 5G networks promise to bring have the potential to make it an indispensable technology. Verizon estimated that by 2035, 5G “will enable £10.5 trillion of global economic output and support 22 million jobs worldwide.”
Post on Reddit: https://www.reddit.com/r/Monero/comments/dyfozs/security_warning_cli_binaries_available_on/
Warning Monero users: If you downloaded Monero in the past 24 hours you may have installed malware. Monero’s official website served compromised binaries for at least 30 minutes during the past 24 hours. Investigations are ongoing. https://t.co/geqA4dIPar
— dark.fail (@DarkDotFail) November 19, 2019
Hancitor (also known as Chanitor or Tordal) is malware spread through malicious spam (malspam). Hancitor infections most often include Pony and Evil Pony as follow-up malware. Hancitor also pushed Zeus Panda Banker as additional follow-up malware until November 2018, when it switched from Zeus Panda Banker to Ursnif. Follow-up malware usually remained Pony, Evil Pony, and/or Ursnif until July 2019, when we started seeing Cobalt Strike as additional follow-up malware.
The bill, called the National Security and Personal Data Protection Act, would subject a litany of companies with ties to countries of “national security concern,” including Russia and China, to a new privacy regime. Sens. Tom Cotton (R-Ark.) and Marco Rubio (R-Fla.) also signed onto the bill on Monday. Hawley’s bill would apply to tech companies that are subject to Chinese or Russian law, or are under the jurisdiction of those countries in a way that would allow those governments to access user data without “respect for civil liberties and privacy,” according to the bill. Those companies would not be allowed to collect private data beyond what is required to run their services or transfer data on U.S. users to countries of concern. They would also be required to store information on U.S. users in the United States itself, and would have to submit a yearly report proving their compliance with the law to the Federal Trade Commission, the U.S. attorney general, and all state attorneys general.
Many say they used unique userIDs and passwords to access the streaming platform. But Jason Hill, a lead researcher with CyberInt, says it looks like many were stolen because people use the same passwords for different sites. Mr Hill said that hackers can lift someone’s password from a different site which has previously been hacked and then try it on a new site, like Disney+. If it works, they steal the account. The streaming service does not have two-factor authentication. Others are concerned because they can use their Disney+ login to access other products the company provides, like the Disney store and its recreation parks.
As you build on AWS, you create AWS Identity and Access Management (IAM) roles to enable teams and applications to use AWS services. As those teams and applications evolve, you might only rely on a subset of your original roles to meet your needs. This can leave unused roles in your AWS account. To help you identify these unused roles, IAM now reports the last-used timestamp that represents when a role was last used to make an AWS request. You or your security team can use this information to identify, analyze, and then confidently remove unused roles. This helps you improve the security posture of your AWS environments. Additionally, by removing unused roles, you can simplify your monitoring and auditing efforts by focusing only on roles that are in use. You can review when a role was last used to access your AWS environment in the IAM console, using the AWS Command Line Interface (AWS CLI), or AWS SDK.
When disability rights lawyer Haben Girma, who is blind and deaf, booked an apartment in London via Airbnb last month, she says the host cancelled her reservation after she disclosed that her guide dog would be joining her.
Crazed Indiana officer Daryl Jones was fired after bullying two black men for “acting suspicious” after they bought a bunch of goods from Nordstrom Rack.
The unhinged officer came up to the men, who were sitting in their car in front of the department store, and asked for their ID. When the Nordstrom customers repeatedly asked why, the officer’s only response was that they were acting suspicious. When they asked for the officer’s name, he wouldn’t give it to them. When they questioned his behavior, he said, “I got my rights to do anything I want to do, I’m a police officer.”
Since it first launched over 10 years ago, the Amazon EC2 Instance Metadata Service (IMDS) has helped customers build secure and scalable applications. The IMDS solved a big security headache for cloud users by providing access to temporary, frequently rotated credentials, removing the need to hardcode or distribute sensitive credentials to instances manually or programmatically. Attached locally to every EC2 instance, the IMDS runs on a special “link local” IP address of 169.254.169.254, which means only software running on the instance can access it. For applications with access to IMDS, it makes available metadata about the instance, its network, and its storage. The IMDS also makes the AWS credentials available for any IAM role that is attached to the instance.
Tuesday, a group of cybersecurity companies, domestic violence charities, and digital activists formally announced a coalition to try and stop the spread of so-called stalkerware, as well as a website to help stalkerware victims. Stalkerware are apps or malware that can, among other things, steal messages, log movements, and remotely turn on a phone’s camera without the owner’s knowledge or consent. Often abusive partners use stalkerware to monitor their spouse.
For any organization, the primary objective of a “crisis” is to get through the event with as little long-term impact as possible. This means all the elements of your company that were thriving beforehand should still be thriving afterwards. From this perspective, it’s not enough to get a system back up and running after a data breach, if you’ve damaged other parts of the business in the process – for example, your customers lose trust in you and take their business elsewhere.
Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge.
Alex Gold is co-founder of Myia, an intelligent health platform employing novel biometric data to predict and prevent costly medical events. Previously, Alex was Venture Partner at BCG Digital Ventures and a co-founder of Traction, a marketplace of digital marketing experts.
Over the past decade, software developers and growth marketers have automated most qualitative user feedback and testing. And yet, what about testing with communities like patients or senior citizens who may be more challenging to reach?
The National Security Agency (NSA) has released a Cyber Advisory that addresses managing risk from Transport Layer Security Inspection (TLSI). This short, informative document defines TLSI (a security process that allows incoming traffic to be decrypted, inspected, and re-encrypted), explains some risks and associated challenges, and discusses mitigations.
The weakness, which is tracked as CVE-2019-2234, also allowed would-be attackers to track the physical location of the device, assuming GPS data was embedded into images or videos. Google closed the eavesdropping hole in its Pixel line of devices with a camera update that became available in July. Checkmarx said Samsung has also fixed the vulnerability, although it wasn’t clear when that happened. Checkmarx said Google has indicated that Android phones from other manufacturers may also be vulnerable. The specific makers and models haven’t been disclosed.
National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA says it expects to have all facilities fully back up and running normally within the next week.