Cybersecurity News & Analysis | SC Media | Info Security News

Security News

Locky TrickBot geography

Trickbot variant using fake shipping info in the wild

A new Trickbot variant has appeared on Trend Micro’s radar that uses a URL redirect in a spam email as a tactic to sidestep spam filters set to block the malware. The spam email is well-constructed and legitimate appearing with content that indicates a processed order is ready for shipping and includes a shipping number…

Breach of Stack Overflow’s production systems exposes data on roughly 250 users

An unauthorized party accessed Stack Overflow’s production systems earlier this month and executed privileged web requests that exposed information on roughly 250 public network users, the Q&A website for programmers announced last Friday. Stack Overflow Vice President of Engineering Mary Ferguson said in a May 17 blog post that the intruder exploited a bug in…

ACLU backs Calif. legislation to curb facial recognition tech with body cams

Just days after San Francisco became the first city to ban the use of facial recognition technology by law enforcement and government agencies, a coalition led by the ACLU of California is backing a bill that would “prevent the use of face surveillance and other biometric surveillance technology with police body cameras and similar devices”…

AppSec attack and defense: The password domino effect

The discourse around application security makes for a complex discussion. Experts seldom reach agreement in defining the best strategy in the face of the myriad of threats that individuals and organizations face. That said, one truth is held unanimously: There is no “silver bullet.” In other words, no security solution can compensate for the inherent…

Donald Trump

Hackers add bogus scores to Trump’s U.S. Golf Association account

Hackers accessed President Trump’s U.S. Golf Association account and added four fake golf scores for games allegedly played at two courses. After being alerted to media reports, “as we dug into the data it appears someone has erroneously posted a number of scores on behalf of the GHIN user,” Golfweek cited Craig Annis, the managing…

robot_1276011

UNESCO gives gender equality recommendations for AI

UNESCO produced in collaboration with EQUALS Skills Coalition listed a set of recommendations designed to promote gender equality and eliminate stereotypes in AI applications. The new publication advises companies and governments to end the practice of making digital assistants female by default, explore the feasibility of developing a gender neutral “machine gender” voice assistants and…

Slack logo

Slack patches flaw that could allow attackers to hijack downloaded documents

The developers of the work collaboration app Slack have issued a security update for its desktop client following the discovery of a medium-severity download hijack vulnerability that could let attackers modify the location where downloaded files are stored. Malicious actors could exploit the flaw to steal and spy on users’ documents by uploading them to…

New Jersey amends data breach law, expanding definition of personal info

New Jersey last week officially passed Bill S-52, which amends its previous data breach notification law. Governor Phil Murphy signed the bipartisan legislation into law on May 10, after the bill sailed through the state’s General Assembly and Senate last February. The new law expands the definition of what constitutes personal information that, if exposed in…

Next post in Data Breach