07-02-202109-02-2021

Security daily (08-02-2021)

Use new account assignment APIs for AWS SSO to automate multi-account access

In this blog post, we’ll show how you can programmatically assign and audit access to multiple AWS accounts for your AWS Single Sign-On (SSO) users and groups, using the AWS Command Line Interface (AWS CLI) and AWS CloudFormation. With AWS SSO, you can centrally manage access and user permissions to all of your accounts in […] (AWS Security Blog)

Hacker breached Florida water facility to alter sodium hydroxide level, police say

An unidentified hacker on Feb. 5 broke into the computer system of a water treatment plant for a town outside of Tampa, Florida, and temporarily changed the plant’s sodium hydroxide setting to a potentially dangerous level, local authorities said Monday. The attacker changed the level of sodium hydroxide in the water treatment plant in the town of Oldsmar from about 100 parts per million to 11,100 parts per million, said Bob Gualtieri, the sheriff of Pinellas County, Florida. Treatment plants use sodium hydroxide to make water drinkable, but it can be unsafe for people in large quantities. The breach did not cause any harm to public health, but it is a stark reminder of the risks that come with increasingly digitized critical infrastructure. “This is somebody that is trying, at least it appears on the surface, to do something bad … It’s a bad actor,” Gualtieri said at a press […] (CyberScoop)

Barcode scanner in Google Play Store became malware after years of popularity, researchers say

An app with more than 10 million downloads from the Google Play Store recently took a hard turn to the dark side, according to antivirus company Malwarebytes. The Barcode Scanner app had appeared in the store for years, but in December it became clear that it “had gone from an innocent scanner to full on malware,” writes Nathan Collier, a researcher for the Silicon Valley company. Malwarebytes said Google Play removed the app in early December after users reported that it was opening the default web browsers on phones to serve up ad pages — without any direct action by the device owners themselves. The company is labeling the malicious code as a trojan. “It is frightening that with one update an app can turn malicious while going under the radar of Google Play Protect,” Collier writes. The researcher makes a clear distinction: There are many ways apps can go […] (CyberScoop)

Two Iranian hacking groups appear to be actively snooping on critics around the globe

Two suspected Iranian government-connected hacking groups are actively spying on dissidents around the world in renewed eavesdropping campaigns, researchers said in reports out Monday morning. One of the groups, known as Domestic Kitten or APT-C-50, notched victims in seven countries, Check Point Research found: Iran, the U.S., the U.K., Pakistan, Afghanistan, Turkey, and Uzbekistan. The other, known as Infy or Prince of Persia, snooped on dissidents in 12 countries, Check Point found in joint research with SafeBreach. Both companies were founded in Israel, which counts Iran as one of its chief nemeses. The U.S. also counts Iran among the handful of its biggest adversaries in cyberspace. Check Point has reported on both groups in the past, but the company said its research uncovered new activity and fresh techniques. “The operators of these Iranian cyber espionage campaigns seem to be completely unaffected by any counter-activities done by others, even though they […] (CyberScoop)

Naked Security Live – Jargonbuster: Bugs, vulns, 0-days and exploits

Latest Naked Security Live talk - watch now! (Naked Security)

Big Jump In RDP Attacks As Hackers Target Staff Working From Home

(News ≈ Packet Storm)

Government Censorship Threats Over TikTok Spiked Interest In VPNs

(News ≈ Packet Storm)

Iran Hides Spyware In Wallpaper, Restaurant, And Game Apps

(News ≈ Packet Storm)

Google Chrome Zero-Day Afflicts Windows, Mac Users

(News ≈ Packet Storm)

Billions of Passwords Offered for $2 in Cyber-Underground

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection. (Threatpost)

Critical WordPress Plugin Flaw Allows Site Takeover

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws. (Threatpost)

Ransomware Demands Spike 320%, Payments Rise

Remote work continues to fuel a spike in phishing and cyberattacks, particularly in the U.S. (Threatpost)

Fake Forcepoint Google Chrome Extension Hacks Windows Users

In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to. (Threatpost)

/security-daily/ 09-02-2021 23:44:23