Cybersecurity News & Analysis | SC Media | Info Security News



Cozy Bear tracks: Phishing campaign looks like work of Russian APT group


Recently detected spear phishing activity suggests that the Russian APT group Cozy Bear may have emerged from its hibernation and become actively operative once more. Last last week, respected cybersecurity firms CrowdStrike and FireEye both issued warnings referencing a widespread phishing campaign targeting multiple industry sectors, while implementing the tactics, techniques and procedures of Cozy…

dirty cow

DirtyCOW is back in backdoor attack targeting Drupal Web Servers


Threat actors are using the DirtyCOW bug to exploit a backdoor in Drupal Web Servers. Impreva researcher Nadav Avital spotted the attack on Oct. 31 exploiting the Drupalgeddon2 and DirtyCOW, bugs as well as system misconfigurations to persistently infect vulnerable Drupal web servers and take over user machines, according to a Nov. 19 blog post. Researchers noted this…

Vision Direct breach exposes customers’ personal, financial data


Personal and financial data entered by customers who ordered or updated information on the website was compromised and stolen between November 3 to November 8, the London-based company warned in an updated online alert. The data compromised included “full name, billing address, email address, password, telephone number and payment card information, including card number,…

Samsung updates Smart TV privacy policy to clarify collection of user data

Study finds privacy concerns amidst Black Friday tech deals


Consumers may want to think twice before taking advantage of the Black Friday discounts offered on the latest Smart TVs after a recent study found 25 percent of Americans worry their conversations are being monitored through their smart TVs. The study was conducted by Propeller Insights on behalf of ExpressVPN  and surveyed 1,000 U.S. adults, finding that 29…

Make-A-Wish website compromised for cryptomining campaign


Not even the Make-A-Wish Foundation is off limits for some unscrupulous cybercriminals, as evidenced by a cryptojacking operation that compromised the charitable organization’s international website. Simon Kenin, security researcher at Trustwave, reported in a company blog post today that malicious actors injected a CoinImp browser-based cryptomining script that would harness the processing power of any…

Instagram flaw exposes user passwords


A security flaw in Instagram’s recently released “Download Your Data” tool could have exposed some user passwords, the company reportedly told users. The tool, revealed by Instagram right before the GDPR regulation went into effect, is designed to let users see and download the personal data that the social media platform had collected on them.…

Children’s smartwatches once again found vulnerable


China-based company MiSafe is once again making headlines with its unsecured products after a pen tester found that its child tracking smartwatches were found to be highly insecure. MiSafe previously made controversy after firm’s Mi-Cam baby monitors were found to be susceptible to unauthenticated access and hijacking of arbitrary baby monitors. Pen Test Partners researchers…

Privilege escalation bug patched in Accelerated Mobile Pages WordPress plug-in


A WordPress plug-in used to build faster-loading web pages was discovered to contain a privilege escalation vulnerability that allows unauthorized attackers to inject malicious HTML code into the main page. In a company blog post yesterday, researchers at WebARX disclosed the bug, which resides in the “MP for WP – Accelerated Mobile Pages” plug-in. The…

Change of stRATegy? Cybercrime group TA505 tests new tRAT malware


A newly discovered remote access trojan nicknamed tRAT has apparently attracted the interest of TA505, a cybercriminal group known for launching prolific banking malware and ransomware attacks. In a company blog post yesterday, researchers at Proofpoint reported observing  several phishing campaigns in September and October that attempted to infect victims with the malware. One of…

Federal agencies fall short on data breaches, GAO report says

GSA looks to issue new rules for gov’t contractor data breach reporting


The General Services Administration (GSA) has issued a proposal for new guidelines on data breaches disclosure that government contractors must follow and give the government access to their system in the event of a breach. The GSA proposal will amend the General Services Administration Acquisition Regulation (GSAR) requiring contractors to report any cyber incidents that…

Next post in Government/Defense