Cyber Security News for 13Apr2020

Anchor on ocean bottom underwater. 3D rendering
  1. “VENTURE ONLINE NOWADAYS, and your presence is immediately logged and tracked in all manner of ways. Sometimes this can be helpful—like when you want to see new movies similar to ones you’ve watched in the past—but very often it feels invasive and difficult to control. Here we’re going to show you how to cover some of those tracks, or not to leave any in the first place. This isn’t quite the same as going completely invisible online, or encrypting every single thing you do. But it should help you sweep up most records of your online activity that you’d rather disappear.” https://www.wired.com/story/how-to-cover-your-tracks-browsing-web-online/
  2. “Will We Accept Being Monitored Via Our Smartphones As A Way Out Of The Pandemic, And Will We Have Any Say In The Matter?” https://www.forbes.com/sites/enriquedans/2020/04/12/will-we-accept-being-monitored-via-our-smartphones-as-a-way-out-of-the-pandemic-and-will-we-have-any-say-in-thematter/#2cafb5783379
  3. “A malware distributor has decided to play a nasty prank by locking victim’s computers before they can start Windows and then blaming the infection on two well-known and respected security researchers. Over the past 24 hours, after downloading and installing software from what appears to be free software and crack sites, people suddenly find that they are locked out of their computer before Windows starts.” https://www.bleepingcomputer.com/news/security/new-wiper-malware-impersonates-security-researchers-as-prank/
  4. “Global pump maker DESMI said on Friday it was hit by cyber attack and it was restoring its IT systems after the security incident. The attack took place on the night to Thursday, during Coronavirus pandemic employees at the company are working from home. All the systems at the company have been shut down following the cyber attack.”  https://securityaffairs.co/wordpress/101495/hacking/desmi-discloses-cyber-attack.html
  5. “A malware distributor has decided to play a nasty prank by locking victim’s computers before they can start Windows and then blaming the infection on two well-known and respected security researchers.” https://www.blackhatethicalhacking.com/news/new-wiper-malware-impersonates-security-researchers-as-prank/
  6. “An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police. The operation was conducted with the support of Europol, Interpol, and the FBI along with web hosting providers and domain registrars.” https://securityaffairs.co/wordpress/101502/cyber-crime/ddos-for-hire-shutdown.html
  7. “The code looked sound, as it was clearly written by highly competent engineers. But after waiting over a week for technical documentation they requested from the startup, the Trail of Bits team had nothing to work off beyond a single page that amounted to a security policy.” https://www.cyberscoop.com/online-voting-election-security-voatz-app-risky-business/
  8. “Attackers tried obtaining large tax refunds by posing as clients of Weber and Company, the California-based accounting firm revealed last week. The scammers apparently accessed clients’ personal data — including, perhaps, Social Security numbers and bank account information — and used that to file fraudulent returns” https://www.cyberscoop.com/tax-scam-weber-and-company-hackers-irs/
  9. “Cloudflare announced that it has moved from Google’s reCAPTCHA to hCaptcha, an independent alternative CAPTCHA provider focused on user privacy.” https://www.bleepingcomputer.com/news/technology/cloudflare-drops-googles-recaptcha-due-to-privacy-concerns/
  10. “Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain.” https://threatpost.com/overlay-malware-exploits-chrome-browser-targets-banks-and-heads-to-spain/154713/
  11. “In the latest example of the Pentagon trying to mitigate foreign propaganda, U.S. officials admonished the governments of Russia, China and Iran for leveraging the international COVID-19 outbreak to summon anti-American sentiment. U.S. officials, in a statement Monday on a government website, accused state-funded media agencies, like Russia’s Sputnik News, of creating mistrust in credible information in order to create confusion.” https://www.cyberscoop.com/pentagon-bristles-russian-coronavirus-propaganda/
  12. “Oracle will detail 405 new security vulnerabilities Tuesday, part of its quarterly Critical Patch Update Advisory.” https://threatpost.com/oracle-tackles-405-bugs-for-april-quarterly-patch-update/154737/
  13. “FTC has received more than 16K Coronavirus-related reports from consumers. Consumers reported losing a total of $12.78M to fraud w/ a reported median loss of $570,” https://www.bleepingcomputer.com/news/security/us-consumers-report-12m-in-covid-19-scam-losses-since-january/

#security #cybersecurity #itsecurity #privacy #phishing #ddos #recaptcha #hcaptcha