27 Jul 2020

DJI Drone App Riddled With Privacy Issues, Researchers Allege

According to researchers with Synacktiv, several privacy errors and vulnerabilities lie within the DJI GO 4 application, which is designed to act as a remote control app for the DJI drone models. According to researchers, the application opens users’ sensitive data and continues to run in the background after it’s

Read More
27 Jul 2020

Malware is down, but IoT and ransomware attacks are up

According to a threat report published by SonicWall in the middle of 2020, malware attacks declined by 24% globally in the first half of the year. However, the report also states that IoT attacks and ransomware attacks have increased, with the US experiencing a huge 109% jump in the number

Read More
24 Jul 2020

Russia’s GRU Hackers Hit US Government and Energy Targets

Russia’s GRU intelligence agency has been responsible for some of the most aggressive cyberattacks in history, including blackouts and destructive worms. The group was also tied to a massive misinformation campaign as well as a hacking and leaking operation that was created to skew the outcome of the 2016 US

Read More
24 Jul 2020

Malicious ‘Blur’ Photo App Campaign Discovered on Google Play

Researchers at the White Ops Satori Threat Intelligence and Research Team have uncovered a new campaign consisting of malicious photo apps on Google Play. The malicious apps flood Android devices with random ads aiming to compromise the victim’s device rather than functioning as advertised. According to researchers, the app also

Read More
24 Jul 2020

Twilio Security Incident Shows Danger of Misconfigured S3 Buckets

A cloud communications platform, Twilio, has publicized a security incident in which attackers were able to gain access to sensitive data due to a misconfigured Amazon AWS S3 bucket. According to researchers, the attackers were able to modify the TaskRouter JavaScript SDK, and the SDK path had been left publicly

Read More
24 Jul 2020

Garmin services and production go down after ransomware attack

Garmin, a smartwatch and wearable technology company, has been forced to suspend several of its services due to a ransomware attack. Garmin shut down its sites on July 23 to deal with encryption on its internal network and production systems. The company will perform maintenance for multiple days, which entails

Read More
23 Jul 2020

Over 1500 Exposed Online Databases Wiped by “Meow” Attacker

Researcher Bob Diachenko discovered a new campaign consisting of 1500 online databases being wiped by an unknown attacker for no reason. The one similarity between the databases is that they were misconfigured and exposed to the public. Diachenko found a misconfigured databased belonging to a company based in Hong Kong,

Read More
23 Jul 2020

Lazarus Group Surfaces with Advanced Malware Framework

North Korean hacking group called Lazarus Group has emerged with a new multipurpose malware framework that targets a variety of systems, including Windows, Linux, and macOS. The APT has named the sophisticated malware framework MATA. Kaspersky researchers discovered the new framework when investigating a series of attacks that utilized the

Read More
23 Jul 2020

Leak Exposes Private Data of Genealogy Service Users

Researchers at WizCase discovered a misconfigured ElasticSearch server that held the personal information of 60,000 Ancestry.com users. The data contained files belonging to Software MacKiev and was accidentally left open and unencrypted. The leak puts the customers at risk for cyberattack attempts, including fraud and phishing. The data set included

Read More
22 Jul 2020

Diebold ATM Terminals Jackpotted Using Machine’s Own Software

Diebold, a leading ATM manufacturer, has issued a public warning that cybercriminals have been illegally dispensing cash across Europe through compromising ATM machines using a black box with proprietary code in attacks. The criminals are utilizing software from the manufacturer in a campaign across Europe to exfiltrate money from ATMs.

Read More