June 15, 2021

Following two different malware attacks that occurred in 2019 causing the breach of sensitive information of 2,400 Ministry of Defence (Mindef) and Singapore Armed Forces (SAF) employees, two companies have been fined $43,000 in total. ST Logistics and…

Read More Two Companies Have to Pay $43,000 Over Private Information Breaches Impacting SAF and Mindef Employees

A new variant of the Mirai botnet, tracked as Moobot, was spotted scanning the Internet for vulnerable Tenda routers. Researchers from AT&T Alien Lab have spotted a new variant of the Mirai botnet, tracked asu Moobot, which was scanning the Internet for the CVE-2020-10987 remote code-execution (RCE) issue in Tenda routers. The botnet was linked […]

The post Cyberium malware-hosting domain employed in multiple Mirai variants campaigns appeared first on Security Affairs.

Read More Cyberium malware-hosting domain employed in multiple Mirai variants campaigns

Japanese multinational conglomerate Fujifilm announced that it has restored operations following the recent ransomware attack. On June 4, the Japanese multinational conglomerate Fujifilm announced that it was hit by a ransomware attack and shut down its network in response to the incident. Around two weeks later the Japanese giant announced that it has restored operations following […]

The post Fujifilm restores operations after recent ransomware attack appeared first on Security Affairs.

Read More Fujifilm restores operations after recent ransomware attack

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. The news of the availability of the source […]

The post The source code of the Paradise Ransomware was leaked on XSS hacking forum appeared first on Security Affairs.

Read More The source code of the Paradise Ransomware was leaked on XSS hacking forum

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire.

Based on preliminary reports published by the team of experts that New Hampshire engaged to examine an election discrepancy, it appears that a buildup of dust in the read heads of optical-scan voting machines (possibly over several years of use) can cause paper-fold lines in absentee ballots to be interpreted as votes… New Hampshire (and other states) may need to maintain the accuracy of their optical-scan voting machines by paying attention to three issues:…

Read More Andrew Appel on New Hampshire’s Election Audit

Reality Winner, a former NSA contractor who leaked classified documents to the press in 2017, has been released from prison to home confinement. Reality Winner is a former NSA intelligence contractor who leaked a classified hacking report to the press in 2017. The FBI arrested Reality Leigh Winner on 3rd June for leaking classified information to […]

The post Former NSA contractor Reality Winner who leaked gov report will be released on November appeared first on Security Affairs.

Read More Former NSA contractor Reality Winner who leaked gov report will be released on November

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Just how did a self-employed web site designer and mother of two come to work for one of the world’s most rapacious cybercriminal groups and then leave such an obvious trail of clues indicating her involvement with the gang? This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers.

Read More How Does One Get Hired by a Top Cybercrime Gang?

Instagram has addressed a new flaw that allowed anyone to access private accounts viewing archived posts and stories without having to follow them. Researcher Mayur Fartade has found a vulnerability in Instagram that allowed anyone to access private accounts, viewing archived posts and stories without having to follow them. The expert reported the flaw to […]

The post Instagram flaw allowed to see private, archived Posts/Stories of users without following them appeared first on Security Affairs.

Read More Instagram flaw allowed to see private, archived Posts/Stories of users without following them

Cisco unveils a host of hybrid cloud goodies, GoDaddy announces a bunch of upgrades and integrations, and Mississauga’s smart city’s ambitions take another step forward.

The post Coffee Briefing, June 15, 2021 – Cisco unveils hybrid cloud goodies; GoDaddy upgrades; Mississauga’s smart city update first appeared on IT World Canada.

Read More Coffee Briefing, June 15, 2021 – Cisco unveils hybrid cloud goodies; GoDaddy upgrades; Mississauga’s smart city update

The MASQ tool could be used by attackers to emulate device fingerprints thus allowing them to bypass fraud protection controls The Resecurity® HUNTER unit has identified a new tool available for sale in the Dark Web called MASQ, enabling bad actors to emulate device fingerprints thus allowing them to bypass fraud protection controls, including authentication mechanisms. One of the […]

The post Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web appeared first on Security Affairs.

Read More Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web