Cybersecurity News & Analysis | SC Media | Info Security News

Security News

Former Cambridge Analytica exec cooperating with Mueller probe

By

A former Cambridge Analytica executive is cooperating with Special Counsel Robert Mueller’s investigation into collusion between the Trump campaign and Russian operatives. A spokesperson for the data analytics firm’s former business development director, Brittany Kaiser, said she was subpoenaed by Mueller, according to a report in the Guardian, and was also assisting in ongoing Congressional investigations. “This…

Australian flag

Australian PM says parliament, political party hacks work of state actor

By

Australian Prime Minister Scott Morrison said Monday that “a sophisticated state actor” was behind the hacks of parliament and the country’s political parties first reported February 8. “Our cyber experts believe that a sophisticated state actor is responsible for this malicious activity,” The Register cited Morrison as saying. “There are a limited number of countries but…

Gnosticplayers selling third round of databases on Dream Market

By

The hacker known as Gnosticplayers has placed a third set of databases up for sale on the Dream Market dark web marketplace. This round includes an additional eight databases with data from 92.76 million users, according to a report in ZDNet, with each database going for 2.6249 bitcoin or about $9,400. The report said the hacker claimed…

The road ahead in cyber

By

No matter how sharp or savvy, what prodigious prognosticator could have 30 years ago forecast the earth-shaking events that have brought cyber-attacks and cybersecurity center stage? While recent events certainly make it difficult to conjure what the next 30 years, or even the next 10, will have in store in cyber, long-time IT security experts—armed…

‘Old Phantom Crypter’ supplants older Microsoft Office exploit builder tools

By

Out with the old, in with the… Old Phantom Crypter, which despite its name is actually a new Microsoft Office exploit builder that’s been surpassing its predecessors in popularity among the cybercriminal community. Gabor Szappanos, principal malware researcher at SophosLabs, described the ascendance of Old Phantom yesterday in a company blog post, which links to…

Ransomware attackers exploit old plug-in flaw to infect MSPs and their clients

By

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in…

Google Play announces 2019 malicious app crackdown

By

Google Play announced it will continue its crackdown on malicious apps into 2019 by focusing more on user privacy, developer integrity and harmful app contents and behavior. Google said it plans to introduce additional policies for device permissions and user data throughout the year, according to a Feb. 13 blog post. “In addition to identifying…

Coffee Meets Bagel daters credentials among 617M records for sale on Dream Market cyber-souk

By

Those looking for love on Coffee Meets Bagel before May 2018 may have gotten more exposure than they were bargaining for – the online dating site confirmed on Valentine’s Day that it had been breached and that daters’ personal information may have been “acquired by an unauthorized party.” “Receiving an email from a dating app…

Report describes Scarlet Widow romance cyber scam

A new report about a Nigeria-based cybercrime ring describes in detail how lonely targets are emotionally preyed upon and in some cases bilked of their life savings through romance scams. Citing data from the Better Business Bureau, Agari Cyber Intelligence Division (ACID) reports such scams have led to personal losses of nearly $1 billion in…

Mozilla Foundation issues Firefox updates

By

Mozilla Foundation has issued security advisories for several vulnerabilities in Firefox ESR 60.5.1 and Firefox 65.0.1. The updates patch a use-after-free in skia flaw, an integer overflow in Skia flaw, and a buffer overflow in Skia with accelerated Canvas 2D vulnerability in Firefox ESR 60.5.1, all of which are rated high. The buffer overflow flaw…

Next post in Security News