
IT Security Newsletter - 3/4/2020

Top News

Let's Encrypt discovers CAA bug, must revoke customer certificates

On Leap Day, Let's Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code. The bug opens up a window of time in which a certificate might be issued even if a CAA record in that domain's DNS should prohibit it. As a result, Let's Encrypt is erring on the side of security and safety rather than convenience and revoking any currently issued certificates it can't be certain are legitimate.


Super Tuesday Marks First Major Security Test of 2020

Tuesday's presidential primaries across 14 states mark the first major security test since the 2018 midterm elections, with state and local election officials saying they are prepared to deal with everything from equipment problems to false information about the coronavirus. States have been racing to shore up cybersecurity defenses, replace vulnerable voting equipment and train for worst-case scenarios since it became clear that Russia had launched an effort to interfere in the 2016 presidential election.

Breaches

Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide

The UK's Information Commissioner's Office (ICO) has fined Cathay Pacific for "a number of basic security inadequacies" which resulted in hackers stealing the data of 9.4 million people worldwide. In October 2018, the Hong Kong-based airline admitted that hackers had broken into its internal systems and accessed passenger data - including names, nationalities, dates of birth, phone numbers, email addresses, postal addresses, passport details, frequent flier numbers, and historical travel information.

Hacking

CIA Hackers Targeted China in Decade-Long Campaign: Chinese Security Firm

A report published on Monday by Chinese cybersecurity firm Qihoo 360 claims that the U.S. Central Intelligence Agency (CIA) conducted an 11-year-long cyberespionage operation aimed at China's critical industries. Qihoo's research revolves around the Vault 7 files published in 2017 by WikiLeaks. The Vault 7 files include exploits and tools used by the CIA to target computers, routers, mobile devices, and IoT systems.

Malware

Ransomware Attackers Use Your Cloud Backups Against You

Backups are one of the most, if not the most, important defenses against ransomware, but if not configured properly, attackers will use them against you. Recently the DoppelPaymer Ransomware operators published on their leak site the Admin user name and password for a non-paying victim's Veeam backup software. This was not meant to expose the information to others for further attacks but was used as a warning to the victim that the ransomware operators had full access to their network, including the backups.


Cobalt Ulster Strikes Again With New ForeLord Malware

A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group called Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign running between mid-2019 and mid-January 2020. The emails were targeting organizations in Turkey, Jordan, Iraq, as well as in Georgia and Azerbaijan, researchers said last week at the RSA Conference.

Information Security

Why 'free' Wi-Fi isn't really free

How much would you 'pay' for 'free' Wi-Fi? Would you give away your birthday? Your travel details? Your home address? Your phone number? Well, a couple of weeks ago, a security researcher in the UK was looking around online when he came across yet another company that had joined the 100 million club. That's the name we jokingly coined back in 2013 when Adobe infamously suffered a breach that exposed 150,000,000 encrypted password records in one go.

Exploits/Vulnerabilities

Krebs on Security: The Case for Limiting Your Browser Extensions

Last week, KrebsOnSecurity reported to health insurance provider Blue Shield of California that its Web site was flagged by multiple security products as serving malicious content. Blue Shield quickly removed the unauthorized code. An investigation determined it was injected by a browser extension installed on the computer of a Blue Shield employee who'd edited the Web site in the past month.


MediaTek Bug Actively Exploited, Affects Millions of Android Devices

Google has addressed a high-severity flaw in MediaTek's Command Queue driver that developers said affects millions of devices - and which has an exploit already circulating in the wild. Also in its March 2020 Android Security bulletin, issued this week, Google disclosed and patched a critical security vulnerability in the Android media framework, which could enable remote code execution within the context of a privileged process.