Cybersecurity News & Analysis | SC Media | Info Security News

Security News

Adversary harboring DopplePaymer ransomware targets industrial sector

A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Judging by the choice of targets, the actor has a particular interest in…

Patched bug allows beaming of malicious apps to NFC-enabled Android devices

Google last month patched an Android bug that could allow attackers to transfer a malicious application to a nearby NFC-enabled device via the Android Beam feature, bypassing security mechanisms in the process. The vulnerability was discovered in early 2019 by the research team at Nightwatch Cybersecurity, which late last month published a company blog post…

facebook

Facebook app developers told to delete group member info

For the last 18 months some of Facebook’s developers have had access to private user information contained within some of the social media site’s groups. The information was accessible through the Facebook Group’s API which allowed those developing apps for a group to see information such as names and profile pictures in connection with group…

Post-Brexit, EU, U.K. must join forces on cybersecurity, top negotiator says

The EU and U.K. must join forces after Brexit to fight cyberthreats, the European Commission’s top Brexit negotiator told attendees at the Web Summit in Lisbon. “Our new partnership should include the exchange of information on cyber incidents, attackers’ techniques, threat analysis and best practice, including when those target the correct functioning of democratic systems,”…

Steyer aide resigns after accessing volunteer data collected by Harris campaign

Presidential candidate Tom Steyer’s campaign said it doesn’t possess the volunteer voter data collected by Sen. Kamala Harris’s campaign that was lifted by Steyer aide Dwane Sims, who accessed the information via an account he had while working with the South Carolina Democratic Party. “We take this matter very seriously, and that is why we…

breaches hurt stocks

Traders exploit ‘infinite money cheat code’ bug on Robinhood Markets system

Traders are exploiting a glitch in the Robinhood Markets Inc. system – referred to as an “infinite money cheat code” by users in the WallStreetBets forum on Reddit – to excessively tap borrowed funds to trade stocks. The Robinhood Markets system lets traders borrow money from the company or trade on margin for a $5-per-month…

Ransomware attack delays government services in Nunavut, Canada

A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…

Capesand EK attacking IE, Flash vulnerabilities

The new Capesand exploit kit, possibly derived from an older EK, has been found being used to take advantage of Internet Explorer and Adobe Flash vulnerabilities. Trend Micro’s Elliot Cao, Joseph C. Chen and William Gamazo Sanchez came across Capesand while tracking a campaign that was using the Rig EK to DarkRAT and njRAT malware.…

Next post in Mobile Security