15 Jan 2020

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Equifax has agreed to set aside a minimum of $380.5 million for breach compensation and promises to spend another $1 billion on elevating its information security over the next five years. Customers affected by the breach, almost 147 million US consumers, have one week from today to file a claim.

Read More
09 Jan 2020

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal

TrickBot is evolving to avoid detection by adding a new backdoor to its arsenal. Russian cybercriminals behind the malware have developed “PowerTrick” to infiltrate high-value targets and give TrickBot new capabilities. SentinelLabs stated that PowerTrick was released on Thursday and is designed to execute commands and return results in Base64

Read More
09 Jan 2020

Google Removed Over 1.7K Joker Malware Infected Apps from Play Store

Google has removed 1,700 applications compromised by the Joker Android malware from its Google Play Store to protect consumers from the harmful software. The infected applications have been detected and removed since 2017 when the company began tracking the uploads. CSIS Security Group researchers found 24 apps with over 400,000

Read More
09 Jan 2020

Senator unveils bill to stop the US from sharing intel with countries using Huawei 5G

Senator Tom Cotton introduced legislation that seeks to prohibit the United States from sharing intelligence with countries allowing the Chinese company Huawei to operate 5G technologies. The legislation, which was introduced earlier this week, would have a major impact on both the US foreign policy and on Huawei. The legislation

Read More
08 Jan 2020

TikTok Bugs Put Users’ Videos, Personal Data At Risk

Researchers at Check Point Research have discovered vulnerabilities in the popular video-sharing platform TikTok that allow users to spoof SMS messages and exploit an API flaw that can grand access to users’ personal data. However, ByteDance has since patched these flaws. If left un-updated, intruders could still gain access to

Read More
07 Jan 2020

Microsoft Phishing Scam Exploits Iran Cyberattack Scare

An attackers used the possible Iranian cyberattack warning in a phishing scheme that tries to collect Microsoft login credentials. As the threat of a cyberattack coming from Iran escalates, the government has been issuing warnings to citizens and officials. The attacker created an email phishing scam that pretends to be

Read More
07 Jan 2020

Travelex faces ransom demands following NYE malware attack

Travelex services remain offline after they were hit by a malware attack on New Year’s Eve. The network was compromised after a group of unknown cybercriminals launched a ransomware attack, hoping to meet ransom requests. The currency exchange company stated that all of its services had been taken offline to

Read More
07 Jan 2020

Burner phones are an eavesdropping risk for international travelers

In order to limit the risk of exposing sensitive business data while abroad, international business travelers can use of burner phones with a minimal data footprint. However, Michael Campbell of Privoro warns that because those phones are used only for a single trip and contain as little valuable data as

Read More
07 Jan 2020

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

Ransomware actors are actively exploiting a critical flaw in the Pulse Secure VPN service, a security researcher recently discovered. The flaw, tracked as CVE-2019-1150, enables attackers to establish unauthenticated HTTPS connections to enterprise networks using the VPN service. Pulse Secure patched the issue in April of last year, and on

Read More
07 Jan 2020

Magecart Hits Parents and Students via Blue Bear Attack

In October of last year, Magecart actors breached Blue Bear Software, a major e-commerce platform for educational institutions, the vendor’s parent company Active Networks has announced. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the

Read More