
IT Security Newsletter


IT Security Newsletter - 10/12/2020

Hacking

DHS: Unknown hackers targeted the US Census Bureau network

The US Department of Homeland Security said that unknown threat actors have targeted the US Census network during the last year in its first-ever Homeland Threat Assessment (HTA) report released earlier this week. The US Census Bureau is the largest US federal government statistical agency responsible for collecting statistical data about the US economy and population. This data is then used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. READ MORE...


Largest cruise line operator Carnival confirms ransomware data theft

Carnival Corporation, the world's largest cruise line operator, has confirmed that the personal information of customers, employees, and ship crews was stolen during an August ransomware attack. Carnival is included in both the S&P 500 and the FTSE 100 indices and it has more than 150,000 employees from roughly 150 countries and over 13 million guests each year. The company operates nine cruise line brands (Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland America Line, AIDA, Cunard, Seabourn). READ MORE...

Malware

Google boosts malware protection for high-risk accounts

Google has added improved malware protection for all Google Chrome users who are also enrolled in the company's Advanced Protection Program (APP). Google's Advanced Protection Program is a free service that aims to protect the accounts of users including but not limited to activists, journalists, business leaders, and political teams who have a higher risk of being targeted by online attacks. APP blocks unauthorized access to enrolled users' accounts, offers additional protection from harmful downloads. READ MORE...


Software AG IT giant hit with $23 million ransom by Clop ransomware

The Clop ransomware gang hit the network of German enterprise software giant Software AG last Saturday, asking for a ransom of $23 million after stealing employee information and company documents. Software AG is a software company headquartered in Darmstadt, Germany, with more than 5,000 employees and operations in over 70 countries around the globe. Software AG's customer list includes organizations from government, banking, transportation, insurance, retail, and more, Airbus, Lufthansa, DHL. READ MORE...


Latest Version of MalLocker Android Ransomware Packs New Tricks

Like most such mobile malware, the new one doesn't encrypt data but attempts to make an infected system impossible to use, Microsoft says. Security researchers at Microsoft have spotted a dangerous new version of MalLocker, a constantly evolving Android ransomware family that has been floating around in the wild since at least 2014. The new version is notable for how it surfaces the ransom demand on infected devices and its integration of an open source machine-learning module for context-aware. READ MORE...

Information Security

Ransomware Attackers Buy Network Access in Cyberattack Shortcut

Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be buying in. For prices between $300 and $10,000, ransomware groups have the opportunity to easily buy initial network access to already-compromised companies on underground forums. Researchers warn this opportunity gives groups like Maze or Sodinokibi the ability to more easily kickstart ransomware attacks across various industries. READ MORE...

Exploits/Vulnerabilities

Researchers' experience with Apple offers peek at 'confusing' vulnerability award process

Five researchers who found 55 vulnerabilities in Apple's online services and assets, some of which were critical vulnerabilities, received nearly $300,000 from the Silicon Valley giant Thursday - but it was a journey to get there. At first, the researchers were only paid a fraction of that, and the road to a larger payment - which appears to align more with typical Apple vulnerability research rewards - has been frustrating and confusing, according to one of the researchers involved. READ MORE...

Science & Culture

Google wants to turn YouTube into QVC with new shopping features

A fresh report from Bloomberg details Google's new plan to squeeze even more revenue out of YouTube, which is already a $15 billion-a-year business. Google apparently wants to turn YouTube into a shopping destination, where viewers can watch things like product unboxings, makeup, or cooking videos and immediately buy featured products directly through YouTube. The report says YouTube is currently "testing these features with a limited number of video channels" and "[t]he goal is to convert YouTube's bounty of videos into a vast catalog of items. READ MORE...


Top Belgium Telecoms Firm Drops Huawei

Belgium's dominant telecom operator Proximus said Friday that it will gradually replace its equipment from the Chinese manufacturer Huawei with products from Finnish supplier Nokia and Sweden's Ericsson. The sensitive decision comes at a time when the United States is heaping pressure on its European allies to shun equipment from Chinese firms in developing their 5G networks. The Belgian capital Brussels hosts the headquarters of the NATO military alliance as well as the European Union. READ MORE...

On This Date

  • ...in 1492, Christopher Columbus and his crew make landfall in the Bahamas, believing incorrectly that he had reached the East Indies.
  • ...in 1810, the citizens of Munich, Germany hold the first Oktoberfest.
  • ...in 1901, President Theodore Roosevelt officially renames the "Executive Mansion" to the White House.
  • ...in 1979, Douglas Adams' comedic science fiction novel "The Hitchhiker's Guide to the Galaxy" is published.