Robert Abel SC Media | Page 3 of 176

Robert Abel

Content Coordinator/Reporter

Most recent articles by Robert Abel

Judge rejects Yahoo’s data breach settlement proposal

By

A federal judge in San Jose, California rejected Yahoo’s proposed data breach settlement offer faulting Yahoo’s lack of transparency, Yahoo’s proposed a $50 million payout, plus two years of free credit monitoring for about 200 million people in the United States and Israel was rebuffed by U.S. District Judge Lucy Koh, who said she couldn’t…

Huawei responds to allegations of NSA hacking

U.S. criminally charges Huawei with stealing intellectual property and violating sanctions

By

U.S. federal prosecutors Monday filed criminal charges against Chinese telecommunications firm Huawei alleging the company stole intellectual property from T-Mobile and violated U.S. sanction orders. The 10-count indictment charges Huawei with conspiracy to steal trade secrets, wire fraud and obstruction of justice as the result of employees trying to steal trade secrets about a robot…

Experts share new insight on Sandworm APT exploits, BlackEnergy malware

GreyEnergy threat group linked to Zebrocy

By

Kaspersky researchers have discovered overlap between the GreyEnergy threat group, considered the successor to  BlackEnergy, and the Sofacy subset Zebrocy. Researchers described GreyEnergy and BlackEnergy as an advanced threat group that possesses extensive knowledge on penetrating their victim´s networks and exploiting any available vulnerabilities. The threat actor is also known for updating its tools and…

Hakai and Yowai botnets abuse ThinkPHP vulnerabilities

By

Cybercriminals are exploiting vulnerabilities in the ThinkPHP open source framework to expand the Hakai and Yowai botnets. The botnets can be used to breach web servers and launch DDoS attacks against websites using a  vulnerability in the framework’s invokeFunction method to execute malicious code on the underlying server, Trend Micro researchers said in a Jan.…

facebook

EPIC, Open Markets Institute and other groups urge FTC to break up Facebook

By

The Electronic Privacy Information Center announced it has joined a coalition of groups urging the Federal Trade Commission (FTC ) in a letter to break up Facebook  as well as issue strong penalties against the social media giant. The coalition also consists of the Open Market Institute,Electronic Privacy Information Center Color of Change, Common Sense…

Phishing attacks posing as missed voicemails nab credentials

By

Threat actors are sending out a wave of phishing emails disguised as missed voicemail notifications in an attempt to bypass both email scanners and user suspicions. The attack is sent in the form of an email purporting to be a notification about a voice message using subject lines such as “PBX Message,” “Voice:Message” or “Voice…

FDA presents guidelines for medical device security

Patient data of 70,000 compromised in Kansas-based Valley Hope Association breach

By

Kansas-based Valley Hope Association addiction treatment centers are notifying patients their personal information may have been compromised in a phishing attack which granted unauthorized access to an employee’s email account. An investigation revealed on Nov. 23, 2018, that the threat actors logged into the account between Oct. 9-10, 2018, resulting in a risk of unauthorized…

DarkHydrus RogueRobin uses Google Drive as C2 channel

By

A custom malware dubbed RogueRobin is using Google Drive as an alternative command and control channel. Palo Alto’s Unit 42 researchers have been monitoring the malware used by the DarkHydrus APT group and which is hidden in a series of Arabic language spear phishing emails laced with macro-enabled Excel documents with the .xlsm file extensions,…

AppleMalware2

Apple releases updates for iOS, macOS, tvOS, watchOS and other products

By

Apple Tuesday released updates to address vulnerabilities in several of its products including its macOS and iOS operating systems. The iOS updates include a patch for a FaceTime vulnerability which would allow a remote attacker to infiltrate a FaceTime call causing arbitrary code execution which affected  iPhone 5s and later, iPad Air and later, and…

Abuse.ch takes down 100K malware distribution sites in 10 months

By

Swiss non-profit threat sharing, Abuse.ch, announced its platform has managed to takedown 100,000 malware distribution sites in 10 months in a recent project which consisted of sharing malicious URL used for distribution. Abuse.ch’s URLhaus project was launched last year to collect malicious URLs by allowing anyone to sign up with a Twitter account to report…

Next post in Cybercrime