23 Apr 2020

Perspecta Labs Wins $14.5m Autonomous Cyber-Defense Contract

Perspecta Labs, which is the research arm of Perspecta Inc., has recently been awarded a significant defensive cyber-contract that is potentially worth $14.5 million. The contract was awarded to the company by the US Army Combat Capabilities Development Command (CCDC), as well as two similar entities. The contract was considered

Read More
23 Apr 2020

Oil and Gas Companies Targeted With Agent Tesla Malware

Recent spearphishing campaigns have targeted the oil and gas industry, using the so-called Agent Tesla spyware Trojan. According to security firm Bitdefender, attackers impersonated an Egyptian state oil company called Enppi, (Engineering for Petroleum and Process Industries) to launch attacks against organizations in several countries including Malaysia, the US, Iran,

Read More
23 Apr 2020

Connected Home Hubs Open Houses to Full Remote Takeover

According to researchers at ESET, three different connected home hub systems, Fibaro Home Center Lite, Homematic Central Control Unit, and Elko’s eLAN-RF-003 contain serious bugs that could allow for unauthenticated remote code execution (RCE) as well as information disclosure and man-in-the-middle attacks. The home hubs are used to connect to

Read More
22 Apr 2020

DoppelPaymer Ransomware hits Los Angeles County city, leaks files

The DoppelPaymer Ransomware has reportedly attacked the City of Torrance in the LA metropolitan area of California. The attackers unencrypted data stolen and encrypted devices, demanding 100 bitcoin in ransom for a decryptor. The threat actors also published sensitive files, threatening to leak more if the ransom request is not

Read More
22 Apr 2020

New iOS exploit discovered being used to spy on China’s Uyghur minority

Yesterday, a security firm stated that it discovered a new iOS exploit, named Insomnia, that works against iOS 12.3, 12.3.1, and 12.3.2. The security firm, Volexity, also stated that it believes the exploit was used to spy on the pressed Uyghur minority population in China. Apple patched this vulnerability behind

Read More
21 Apr 2020

US Bans Church Website Selling COVID19 ‘Miracle’ Treatment

The Genesis II Church of Health and Healing (Genesis) was found to be in violation of the Federal Food, Drug, and Cosmetic Act earlier this week, and they were ordered to shut down a website advertising a miracle cure for COVID-19, brain cancer, HIV/AIDS, and Alzheimer’s disease. Genesis was found

Read More
21 Apr 2020

Twitter Fails to Obtain Permission to Disclose Surveillance Requests

Recently, the US government declared that Twitter’s release of transparency reports could harm national security. Twitter has been releasing the reports since 2012, in which they provide information on legal requests for account information and content removal, as well as copyright and trademark notices, platform manipulation and advertisers. The reports

Read More
21 Apr 2020

Bitcoin Stealers Hide in 700+ Ruby Developer Libraries

Security researchers have identified roughly 760 malicious libraries uploaded by cybercriminals to RubyGems, which contain open source components that are commonly used as building blocks by software developers. The malicious libraries steal Bitcoin, and have been identified in the Ruby programming language codebase. Threat analysts at ReversingLabs stated that cybercriminals

Read More
21 Apr 2020

267 million Facebook profiles sold for $600 on the dark web

Security researcher Bob Diachenko discovered 267 million Facebook profiles being sold on dark web sites and hacker forums for over $600 apiece. Diachenko uncovered the stolen account credentials for sale last month. However, none of the records include passwords, instead containing information that could allow attackers to conduct spear-phishing or

Read More
20 Apr 2020

GitHub Shares Details on Six Chrome Vulnerabilities

GitHub has released new information on six vulnerabilities that were uncovered by one of its security researchers. The vulnerabilities are in the WebAudio component of Chrome. The vulnerabilities were reported to Google by GitHub Security Lab in February and March. The security researcher identified several Chrome sandbox escape vulnerabilities, and

Read More