American Payroll Association discloses credit card theft incident
The American Payroll Association (APA) disclosed a data breach affecting members and customers after attackers successfully planted a web skimmer on the organization's website login and online store checkout pages. APA is a nonprofit professional association with more than 20,000 members and 121 APA-affiliated local chapters that organizes training seminars and conferences, attended every year by over 36,000 professionals. The organization also issues industry-recognized certifications and provides professionals with a library of resource texts. READ MORE...
Hackers are backdooring QNAP NAS devices with 3-year old RCE bug
Hackers are scanning for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions, trying to exploit a remote code execution (RCE) vulnerability addressed by QNAP in a previous release. According to a report published today by researchers at Qihoo 360's Network Security Research Lab (360 Netlab), unknown threat actors are currently exploiting a remote command execution vulnerability due to a command injection weakness in QNAP NAS devices' firmware. READ MORE...
The most popular brand websites that hackers use for typosquatting campaigns
The most imitated websites that credential-stealing, financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research published Tuesday. Some of the other top brands that hackers have mimicked with typosquatting, a technique that relies on victims glancing over typos in website names that appear similar to other popular legitimate sites, also include PayPal, Apple, Royal Bank of Canada, LinkedIn, Google... READ MORE...
Malware authors trick Apple into trusting malicious Shlayer apps
The authors of the Mac malware known as Shlayer have successfully managed to get their malicious payloads through Apple's automated notarizing process. Since February 2020 all Mac software distributed outside of its Mac App Store must be notarized by Apple to be able to run on macOS Catalina and above. The notarization process requires developers to submit software they built for the macOS platform to be scanned through Apple's notary service, an automated system designed to scan submitted software. READ MORE...
Over 400 GOV.UK domains found on spam blacklists
Hundreds of domains managed by the U.K. government are on DNS-based blacklists creating email communication problems. Multiple government agencies, councils, and public welfare agencies rely on GOV.UK domain infrastructure to provide online services to Britain's residents. Being on an automated IP blacklist usually signifies a problem with your mail infrastructure: most likely either your server has been sending spam, or was compromised at some point. DNS-based IP "blackhole" list READ MORE...
Security teams stretched to breaking point trying to secure new remote working regimes
The cybersecurity skills shortage means that many organizations are in urgent need of talented and experienced security professionals. This has been intensified by the pandemic, with security teams stretched to breaking point trying to secure new remote working regimes against the influx of opportunistic cyberattacks. There is a human cost to this high-pressure environment and new research from SIRP shows that the additional burdens placed on security operations center (SOC) teams due to COVID-19 has affected staff churn rates. READ MORE...
Trump adviser reportedly wants to let COVID-19 spread, repeat Sweden's mistakes
A new adviser to President Donald Trump is reportedly advocating that the pandemic coronavirus spread largely unrestrained so that the United States can reach "herd immunity"-an idea that infectious disease experts call "absolutely absurd," "simply wrong," and a strategy that actually amounts to the absence of a strategy, which could leave hundreds of thousands of more Americans dead. Still, according to reporting by The Washington Post, the idea is being pushed by Scott Atlas. READ MORE...
How far can you drive an electric car at 70mph before it stops?
The personal car has been sold to society as an engineered expression of freedom, as told through stories as varied as the dust bowl migration of The Grapes of Wrath to the irresponsible road racers of The Cannonball Run. And decades of dependence on fast-flowing liquid hydrocarbons for fuel have left little tolerance for spending many minutes more plugged in and stationary, waiting for lithium-ion cells to recharge. READ MORE...
Facebook threatens to block news-sharing in Australia
Facebook has threatened to block users and publishers in Australia from sharing news on its platform if the country presses ahead with a landmark proposal to force big tech to pay media groups for carrying their content. The US social media platform said it would "reluctantly stop allowing publishers and people in Australia from sharing local and international news on Facebook and Instagram" if the draft legislation comes into force. "This is not our first choice-it is our last. READ MORE...
- ...in 1875, science fiction author Edgar Rice Burroughs, the creator of Tarzan of the Apes and John Carter of Mars, is born in Chicago, IL.
- ...in 1950, German automotive designer Porsche releases the 356, the first automobile to be independently manufactured and sold by the company following WWII.
- ...in 1952, Ernest Hemingway's Pulitzer-prize winning novel "The Old Man and the Sea" is first published.
- ...in 1985, a joint French-American expedition locates the wreckage of the RMS Titanic on the bottom of the North Atlantic.
