February 19, 2021

A privacy bug in the Brave Browser caused the leak of the Tor onion URL addresses visited in the Tor mode by the users. A bug in the Private Window with Tor implemented in the Brave web browser could reveal the onion sites visited by the users. The Tor mode implemented in the Brave web […]

The post Privacy bug in the Brave browser exposes Tor addresses to user’s DNS provider appeared first on Security Affairs.

Read More Privacy bug in the Brave browser exposes Tor addresses to user’s DNS provider

MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. MassLogger Windows credential stealer is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. Cisco Talos experts uncovered attacks against users in Turkey, Latvia, and Italy, the […]

The post New Masslogger Trojan variant exfiltrates user credentials appeared first on Security Affairs.

Read More New Masslogger Trojan variant exfiltrates user credentials

For most small businesses, the chances of falling prey to a long-term covert surveillance operation by well-resourced, likely state-backed actors are slim. To recap, that is what the evidence suggests happened in the SolarWinds compromise discovered last December. Many believe the company’s Orion update was used to conduct cyber espionage for months prior to being […]

The post Reducing the Time to Discovery: How to Determine if You Have Been Hacked appeared first on Webroot Blog.

Read More Reducing the Time to Discovery: How to Determine if You Have Been Hacked

Buzzwords and acronyms abound in the MSP industry, an unfortunate byproduct of marketing years in the making. Cybersecurity is a hot watercooler topic at any business. Well, now probably more likely a virtual happy hour than a watercooler, but nevertheless cybersecurity remains top-of-mind. To sleep at night, MSPs feel they must enhance or expand their […]

The post Fools Rush in: 5 Things MSPs Should Know Before Adopting EDR appeared first on Webroot Blog.

Read More Fools Rush in: 5 Things MSPs Should Know Before Adopting EDR

The leader of Mexico’s Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico’s top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the organized crime group by KrebsOnSecurity in 2015.

Read More Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

Man allegedly organized teams of people in Canada and the US to launder millions of dollars obtained through ATM cash-out operations as well as a North Korean heist from a bank in Malta

The post U.S. Justice Department says Canadian to plead guilty to laundering money stolen by North Korean cyberattackers first appeared on IT World Canada.

Read More U.S. Justice Department says Canadian to plead guilty to laundering money stolen by North Korean cyberattackers

This podcast looks at a  proposed law by a Canadian Senator to prevent teens from accessing online porn, an FBI warning to home buyers and a look inside a cryptojacking scheme
The post Cyber Security Today – Stop teens from accessing online porn, FBI w…

Read More Cyber Security Today – Stop teens from accessing online porn, FBI warning to home buyers and inside a cryptojacking scheme

Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are their next targets. The popular security researcher Patrick Wardle discovered one of the first malware designed to target latest generation of Apple devices using the company M1 chip. The discovery suggests threat actors are tailoring […]

The post Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning appeared first on Security Affairs.

Read More Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning

This report is six months old, and I don’t know anything about the organization that produced it, but it has some alarming data about router security.

Conclusion: Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of Linux. Most devices are still powered with a 2.6 Linux kernel, which is no longer maintained for many years. This leads to a high number of critical and high severity CVEs affecting these devices.

Since Linux is the most used OS, exploit mitigation techniques could be enabled very easily. Anyhow, they are used quite rarely by most vendors except the NX feature…

Read More Router Security

The Canadian Revenue Agency says online accounts were locked because of an “external threat”, Facebook picks the nuclear option and bans news on its platform in Australia, and Uber takes down the UberCheats app.
The post Hashtag Trending, Feb. 19 – CRA…

Read More Hashtag Trending, Feb. 19 – CRA locks users’ online accounts; Facebook banks news in Australia; Uber takes down UberChats app

Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development platform to steal payment card information from e-stores. Sansec researchers reported that threat actors are abusing Google’s Apps Script business application development platform to steal credit card data provided by customers of e-commerce websites. “Attackers use […]

The post Hackers steal credit card data abusing Google’s Apps Script appeared first on Security Affairs.

Read More Hackers steal credit card data abusing Google’s Apps Script

I seem to have spread myself across a whole heap of different things this week which is fine (it’s all stuff I love doing), but it has made for rather a “varied” video. I’m talking (somewhat vaguely) about the book I’m working on, how Facebook has nuked all news in

Read More Weekly Update 231