European law-enforcement officials have shut down an encrypted Android-based communications platform used exclusively by criminals to plot murders, traffic illegal drugs, commit money laundering and plan other organized crimes. An international law-enforcement team from the France and the Netherlands cracked the encryption of EncroChat, a secure mobile messaging service that was "one of the largest providers of encrypted communications," according to the U.K.'s National Crime Agency. READ MORE...
An unknown cybercriminal has infiltrated 22,900 unsecured MongoDB databases, wiping their contents and leaving behind a ransom note demanding bitcoin in return for the data. If the ransom isn't paid within two days, they threatened to notify authorities in charge of enforcing the European Union's GDPR. According to ZDNet, which broke the story, the hacker is using automated scripts to scour the internet for MongoDB installations that face the internet with no password protection. READ MORE...
Hackers linked to the North Korean government appear to be behind the Magecart attacks on fashion retailer Claire's and other online stores, Netherlands-based e-commerce security company Sansec reported on Monday. Threat actors linked to North Korea have been known to launch - in addition to espionage and destructive campaigns - financially-motivated attacks, including against cryptocurrency exchanges and banks. READ MORE...
F5 Networks (F5) patched a critical remote code execution (RCE) vulnerability found in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP application delivery controller (ADC). F5 customers using BIG-IP software and hardware solutions include enterprise governments, Fortune 500 firms, banks, service providers, and consumer brands (including Microsoft, Oracle, and Facebook), with the company's website saying that "48 of the Fortune 50 rely on F5." READ MORE...
Beware if you're paying your bills for local government services - the payment information you type into that web form may be heading straight to cybercriminals. Security experts at Trend Micro report that they have identified eight cities in the USA where online payment portals have been compromised to host Magecart-style credit card skimming code. READ MORE...
The US National Security Agency (NSA) has published guidance on how to properly secure IP Security (IPsec) Virtual Private Networks (VPNs) against potential attacks. Besides providing organizations with recommendations on how to secure IPsec tunnels, NSA's VPN guidance also highlights the importance of using strong cryptography to protect sensitive info contained within traffic while traversing untrusted networks when connecting to remote servers. READ MORE...
One of the most-read advice columns on this site is a 2018 piece called "Plant Your Flag, Mark Your Territory," which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is that these services only allow one account per Social Security number - which for better or worse is the de facto national identifier in the United States. READ MORE...
Apache Guacamole, a popular infrastructure for enabling remote working, is vulnerable to a slew of security bugs related to the Remote Desktop Protocol (RDP), researchers have warned. Admins should update their systems to avoid attacks bent on stealing information or remote code-execution. Once in control of the gateway, an attacker can eavesdrop on all incoming sessions, record all the credentials used, and even start new sessions to control the rest of the computers within the organization. READ MORE...