Bradley Barth SC Media | Page 73 of 80

Bradley Barth

Senior Reporter

Most recent articles by Bradley Barth

Facebook rejects 82 more fake accounts, groups and pages allegedly linked to Iran

Two months after Facebook removed 652 inauthentic pages, groups and accounts for spreading misinformation and stoking political discord in other nations, Facebook announced on Friday that it banished another 82 offenders for the same reason. Back in August, Facebook identified Iran and Russia as the chief culprits behind the fraudulent activity. This time around, Iran…

‘Narwhal Spider’ group’s spam campaign targets Japanese recipients with URLZone malware

A newly discovered spam campaign powered by version two of the well-known Cutwail botnet has been found targeting Japanese users in an attempt to infect them with the URLZone (aka Bebloh) banking trojan. In a company blog post yesterday, Crowdstrike researchers Sebastian Eschweiler, Brett Stone-Gross and Bex Hartley note that the operation leverages the art of…

Uber (1)

Report: Pair indicted in Lynda.com breach also responsible for Uber incident

Two individuals who were indicted last August for stealing information from the LinkedIn training site Lynda.com back in 2016 are reportedly the same pair of hackers responsible for the 2016 Uber breach that affected 57 million worldwide users. Citing two people close to the case, a TechCrunch report revealed the connection between the two incidents…

Microsoft warns of attacks leveraging Word zero-day, releases temp fix

Researchers report vulnerability in Microsoft Word’s online video feature

Researchers at Israel-based cyberattack simulation company Cymulate are claiming to have found a vulnerability in Microsoft Word’s online video feature that can allow malicious actors to replace legitimate YouTube iframe code with malicious HTML/JavaScript code. In a company press release, Cymulate warns that the unpatched zero-day flaw requires no special configuration to reproduce and potentially affects…

Cisco patches command injection bug in Webex Meetings Desktop App for Windows

Cisco Systems yesterday released a security update that patches a high-severity command injection vulnerability in its Webex Meetings Desktop App for Windows. Discovered specifically within the app’s update service, the flaw results from insufficient validation of user-supplied parameters, Cisco reports in an advisory. If the bug is not properly fixed, an authenticated, local attacker could use…

Survey: Federal agencies slow to migrate to cloud, despite promise of security

Although a cloud-based architecture would offer cybersecurity benefits to federal agencies whose systems are in need of digital defense, many government entities are not yet ready to make the migration, based on the results of a new survey. Conducted by Alexandria, Va.-based MeriTalk, a public-private partnership whose mission is to improve the outcomes of government IT,…

Philippines orders Facebook to offer ID protections following breach

Among the 30 million accounts affected in the September 2018 Facebook data breach incident were 755,973 users in the Philippines, and now the Southeast Asian nation is demanding action from the social media company, according to a report from area news outlet ABS-CBN News. The report states that Manila’s National Privacy Commission yesterday ordered Facebook to file a…

Enigmatic cyber espionage campaign revives source code from old foe APT1

A newly discovered cyber espionage campaign targeting South Korea, the U.S. and Canada features malware that reuses old source code associated with the seemingly dormant or disbanded APT1 threat group. The findings raise the possibility that the reputed Chinese threat actor has resumed operations, especially because its source code was never released to the public, according to…

Next post in APTs/cyberespionage