IT Security Newsletter - 4/17/2020
Coronavirus scientists are big targets for foreign cyber-espionage, FBI says
Nation-state hackers have been running cyber-espionage operations against medical research organizations in the U.S. that are studying the novel coronavirus, according to the FBI. "We have certainly seen reconnaissance activity and some intrusions into some of those institutions, especially those that have publicly identified themselves as working on COVID-19 related research," the deputy assistant director of the FBI's cyber division, Tonya Ugoretz, said Thursday.
Streaming TV Fraudsters Steal Millions of Ad Dollars in 'ICEBUCKET' Attack
A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV (CTV) has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently uncovered CTV operation was bent on tricking advertisers into thinking there were real people watching TV on the other side of the screen, when in reality they were bots.
What fools these mortals be: 'Shakespearean' hackers hit Azerbaijani government and energy sectors
A mysterious set of hackers has in recent months launched data-stealing attacks against Azerbaijan government officials and companies in the country's wind industry, researchers from Cisco Talos said Thursday. The attackers are using a new hacking tool, whose code is littered with references to English playwright William Shakespeare, to try to gain remote access to target computers and exfiltrate data automatically.
Zoom Rolls Out New Measures as Security Fears Mount
Videoconferencing platform Zoom is rolling out a number of measures meant to stem criticism over how it has handled security as users flock to the application during the coronavirus pandemic. Zoom chief executive Eric Yuan laid out steps Wednesday that the company is taking against problems such as data hacking and harassment by individuals who crash sessions in what is referred to as "Zoombombing."
Hackers steal WiFi passwords using upgraded Agent Tesla malware
Some new variants of the Agent Tesla info-stealer malware now come with a dedicated module for stealing WiFi passwords from infected devices, credentials that might be used in future attacks to spread to and compromise other systems on the same wireless network. The new samples are heavily obfuscated and are designed by the malware's author to collect wireless profile credentials from compromised computers.
Krebs on Security: Sipping from the Coronavirus Domain Firehose
Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.
Poorly Secured Docker Image Comes Under Rapid Attack
In a vivid example of why cloud infrastructure needs strong security, a simple Docker container honeypot was used for four different criminal campaigns in the span of 24 hours, in a recent lab test. Akamai security researcher Larry Cashdollar set up the Docker image to see what kind of notice it might attract from the wider web's cadre of cyberattackers. He implemented SSH protocol for encryption and implemented a "guessable" root password.
Pentagon Paid Out $290,000 for Vulnerabilities in Air Force Data Center
The Pentagon's latest bug bounty challenge, Hack the Air Force 4.0, has resulted in the discovery of over 400 vulnerabilities and rewards totaling more than $290,000. Hack the Air Force 4.0, conducted by the U.S. Department of Defense in collaboration with the Defense Digital Service and bug bounty platform HackerOne, was the Pentagon's tenth bug bounty program.
Office printers: The ticking IT time bomb hiding in plain sight
Office printers don't have to be security threats: with foresight and maintenance they're very easily threat-proofed. The problem is that system administrators rarely give the humble printer (or scanner, or multifunction printer) much attention. But hackers haven't forgotten about printers. Last summer, a Russian hacker group penetrated numerous organizations by first infiltrating unprotected printers, which were connected to the same network as every other device.
- ...in 1907, Ellis Island processes 11,747 new immigrants, more than any other day in its 62-year history.
- ...in 1937, Daffy Duck makes his film debut in the Porky Pig cartoon "Porky's Duck Hunt."
- ...in 1959, actor Sean Bean ("Goldeneye", "The Fellowship of the Ring") is born in Yorkshire, England.
- ...in 1970, Apollo 13 returns safely to Earth after emergency in-flight repairs force an early end to its mission.