21-05-202023-05-2020

Security daily (22-05-2020)

DHS’s cyber division has stepped up protections for coronavirus research, official says

The Department of Homeland Security’s cybersecurity wing says it has put heightened defense measures for health-care-focused organizations and research facilities in place as foreign government-backed hackers continue to try to steal U.S. coronavirus research. “I just want you to know that we have stepped up our protections of [the Department of Health and Human Services] and [the Centers for Disease Control and Prevention] — our federally-funded research organizations,” Bryan Ware, assistant director of DHS’s Cybersecurity and Infrastructure Security Agency, told industry executives Friday. “[We’ve] significantly accelerated that work.” CISA is regularly scanning the internet-connected devices of top pharmaceutical companies and research institutions for vulnerabilities and trying to get them fixed quickly “because we are seeing adversaries that are targeting them right now,” Ware said on a webinar focused on CISA contracting opportunities. Ware cited efforts by China and other unnamed governments to target vaccine research, echoing recent warnings from CISA and […] The post DHS’s cyber division has stepped up protections for coronavirus research, official says appeared first on CyberScoop. (CyberScoop)

As hackers sell 8 million user records, Home Chef confirms data breach

Meal kit and food delivery company Home Chef has confirmed that hackers breached its systems, making off with the personal information of customers. But only after a hacking group put the stolen data up for sale… Read more in my article on the Hot for Security blog. (Graham Cluley)

EasyJet’s breach notification email to customers – a closer look

Let’s take a closer look at the email EasyJet is sending to customers affected by its recent security breach. Including a brief exploration of how EasyJet’s definition of “recent” might differ from yours or mine… (Graham Cluley)

The ransomware that attacks you from inside a virtual machine

In a recent attack, Ragnar Locker ransomware was seen encrypting victim's files while shielded from security software inside a virtual machine. (Naked Security)

Signal secure messaging can now identify you without a phone number

Signal decouples its secure messaging service from your phone number - a bit. (Naked Security)

Apple and Google launch COVID-19 contact tracing API

The first phase of Apple and Google's contact tracing framework to help identify people at risk from coronavirus. (Naked Security)

How to Find OSINT Data on License Plate Numbers with Skiptracer

While conducting an OSINT investigation, it's important to be able to pull in information based on any clue you uncover. In particular, license plate information can turn up everywhere, from photos to live data to on your own street. You could use that data to find the VIN, see if a Tinder date has hit anyone, find out who's blocking your driveway, and so on. Skiptracer can help get the ball rolling.

To get started, you'll need to have Python 2 installed and updated on your system. The developer of Skiptracer, xillwillx, is in the process of updating the tool to Python 3 since Python 2 is no... more (Null Byte « WonderHowTo)

This 10-Course Blockchain & Ethereum Training Is Just $29 Today

If the interconnected worlds of blockchain, Bitcoin, and cryptocurrencies scare you a bit, you're not alone. Thanks in part to the extreme and seemingly random fluctuations in the value of Bitcoin over the past three years, more than a few developers and investors are wary of the cryptocurrency revolution and its ties to blockchain development.

But despite Bitcoin's recent volatility, most serious economists and monetary specialists agree that cryptocurrencies are here to stay. If you want to stay ahead of the curve in a world that's becoming more reliant on blockchain development and... more (Null Byte « WonderHowTo)

Silent Night Zeus Financial Botnet Sold In Underground Forums

(News ≈ Packet Storm)

Docker Desktop For Windows Patches Privilege Escalation

(News ≈ Packet Storm)

Weird Nintendo Switch Issue Makes It Easier To Guess Passwords

(News ≈ Packet Storm)

Nigerian Scattered Canary Gang Exploits CARES Act

(News ≈ Packet Storm)

Understanding & Stopping Malicious Redirects

Many website owners don’t know they’re infected with malicious redirects until they start getting calls from wary customers. Instead of the site they were expecting, it loaded some pretty shady content from the nether reaches of the internet. Malicious redirects are caused by hackers injecting scripts into infected sites that send visitors to destinations where they usually get scammed or infected with malware. Not to be confused with SEO spam, malicious redirects take away — or redirect — visitors from their intended websites. Continue reading Understanding & Stopping Malicious Redirects at Sucuri Blog. (Sucuri Blog)

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign. (Threatpost)

Home Chef Serves Up Data Breach for 8 Million Records

The meal-kit company's customer records were leaked as part of the Shiny Hunters breach. (Threatpost)

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report

An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal. (Threatpost)

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks

Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT. (Threatpost)

21-05-202023-05-2020

/security-daily/ 23-05-2020 23:44:22