Category Archives: Latest Security News

Proposed Bill Would Strengthen California’s Data Breach Notification Law

A new bill would strengthen California’s data breach notification law by expanding the types of information of whose exposure businesses are legally obligated to inform their customers. On 21 February, California Attorney General Xavier Becerra and Assembly Member Marc Levine (D-San Rafael) revealed AB 1130. This bill would require businesses to notify customers of a […]

The post Proposed Bill Would Strengthen California’s Data Breach Notification Law appeared first on The State of Security.

GitHub Ups the Rewards, Expands the Scope of Its Bug Bounty Program

Web-based hosting service GitHub has decided to increase both the potential reward amounts and scope of its bug bounty program. On 19 February, GitHub announced its decision to raise its reward amounts. Security researchers can now expect to earn a minimum of $617 for reporting a low-severity vulnerability in the service’s products. On the other […]

Separ Infostealer Using “Living off the Land” Tactics to Target Businesses

The Separ infostealer is using what’s known as “Living off the Land” tactics to target businesses as part of an ongoing attack campaign. Digital security company Deep Instinct detected the campaign and observed that an infection begins when an employee at a business organization receives a phishing email. The email comes with an attached PDF […]

Decryptor Now Available for Files Affected by GandCrab Ransomware v5.1

Researchers have released an updated decryptor that allows victims of GandCrab ransomware version 5.1 to recover their affected files for free. On 19 February, Bitdefender announced that they had developed the decryptor in collaboration with the Romanian police, Europol and other law enforcement entities. This new utility builds upon the work of two previous tools […]

DataCamp Implements Partial Password Reset After Data Security Incident

Online data science learning platform DataCamp implemented a password reset for some of its users potentially affected by a data security incident. According to a statement published on its website, DataCamp discovered on 11 February 2019 that a third party had gained unauthorized access to its systems. In the process, the intruders might have exposed […]

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that a similar version of the same vulnerability affects the LXC and Apache Mesos packages. Identified as CVE-2019-5736, this vulnerability grants root access to […]

Dunkin’ Says Credential Stuffing Attacks Targeted DD Perks Accounts

Dunkin’ Brands Inc. (“Dunkin’”) said that bad actors recently used credential stuffing attacks to target some DD Perks accounts. Kari McHugh, senior director of customer relations at Dunkin’, wrote in a sample letter sent to the Office of the Vermont Attorney General that the company detected a wave of credential stuffing attacks near the beginning […]

U.S. Senators Concerned by Government Employees’ Use of Foreign VPNs

Two U.S. Senators expressed their concern that federal government employees could be undermining the United States’ national security by using VPNs made by foreign companies. In a letter dated 7 February 2019, U.S. Senators Marco Rubio (R-FL) and Ron Wyden (D-OR) brought up the issue of VPN usage in the federal government to Christopher Krebs, […]

Australia Investigating Digital Attack Attempt against Federal Parliament

Australia’s security agencies have launched an investigation into a digital attack attempt against the country’s Federal Parliament. Sources told the Australian Broadcasting Company that security personnel caught digital attackers in the early stages of breaking into the Federal Parliament’s computer network. It’s unclear whether bad actors stole any information. As a precaution, authorities reset lawmakers’ […]

Phishers Leveraging Google Translate to Target Google and Facebook Users

Phishers are leveraging Google Translate in their attempts to steal the login credentials for users’ Google and Facebook accounts. Larry Cashdollar, a member of Akamai’s Security Intelligence Response Team (SIRT), received an email in early 2019 informing him that someone had accessed his Google account from a new Windows device. On his phone, the email […]

Software Vulnerabilities Used by 200 VT Towns Left Employees’ SSNs Exposed

Vulnerabilities in software used by 200 Vermont municipalities left town employees’ Social Security Numbers and other information exposed. Brett Johnson, owner of IT company simpleroute, discovered the flaws after two Vermont towns hired him to do some work for them back in 2017. According to a report in which he wrote about the weaknesses, Johnson […]

Scammers Threatening YouTube Content Creators with Channel Suspension

Scammers are now using the threat of channel suspension to coerce YouTube content creators into meeting their demands and sending over money. These digital attackers are specifically targeting YouTube’s policy infringement system through which users can report a video that they feel violates the video-sharing website’s policies for acceptable content. When it receives such a […]

Houzz Says Security Incident Might Have Exposed User Data

Home design website and community Houzz revealed that a security incident might have exposed some users’ personal and account data. On 1 February, Houzz published a security update explaining that it detected the security event in late December 2018. The company didn’t provide exact details about how it learned of the incident. It simply stated […]

Airbus Reveals It Suffered a Digital Security Incident

European aerospace corporation Airbus SE has revealed that a digital security incident recently affected some of its computer systems. In a press release published on 30 January, Airbus confirmed that its “Commercial Aircraft business” information systems suffered a security incident. The corporation said that the event did not affect Airbus’ commercial operations. But it clarified […]

Judge Denies Approval of $50M Settlement to Yahoo Data Breach Lawsuit

A federal judge has denied the approval of a proposed $50 million settlement to a class action lawsuit over a data breach at Yahoo. On 28 January, Judge Lucy Koh rejected the settlement in an order submitted to the San Jose division of the U.S. District Court in the Northern District of California. The settlement, […]

Untold Number of Discover Card Account Holders Notified of Data Breach

An undisclosed number of Discover card account holders have learned of a data breach that might have compromised their account information. According to Bleeping Computer, Discover Financial Services first learned of the security incident on 13 August 2018. The American financial services company subsequently filed data breach notices with the California Attorney General’s office on […]

Video-Sharing Platform Targeted by Credential Stuffing Attacks

Bad actors have targeted a video-sharing technology platform with credential stuffing attacks in order to hijack users’ accounts. On 25 January, Dailymotion published a statement on its website in which it announced that it had been the subject of “a large-scale computer attack.” After discovering the digital offensive, Dailymotion’s technical teams implemented various security measures […]

Malspam Campaign Targeting Russian Speakers with Redaman Malware

An ongoing malicious spam campaign is currently targeting Russian-speaking users with samples of the Redaman banking malware. Since at least September 2018, the malspam campaign has been sending out malicious spam emails written in Russian to users who mostly have email addresses ending in “.ru.” The emails use various subject lines, message content and attachment […]

Malvertising Campaign Used Steganography to Distribute Shlayer Trojan

A short-lived malvertising campaign leveraged a steganography-based payload to target Mac users with the Shlayer trojan. Named for its use of veryield-malyst[dot]com as one of its ad-serving domains, the “VeryMal” threat actor conducted its malvertising campaign between 11 January 2019 and 13 January 2019. That’s not a long time period to remain active. But the […]

DHS Issues Emergency Directive on DNS Infrastructure Tampering

The Department of Homeland Security (DHS) has issued an emergency directive that requires federal agencies to mitigate the threat of Domain Name System (DNS) infrastructure tampering. In “Emergency Directive 19-01,” DHS explains that it’s been working with the Cybersecurity and Infrastructure Security Agency (CISA) to track a campaign of DNS infrastructure tampering. A hijack in […]

Adware Installers Disguised as Cracks Installing STOP Ransomware

STOP ransomware is using adware installers disguised as cracks as a new method of distributing itself to unsuspecting users. According to Bleeping Computer creator and owner Lawrence Abrams, websites known for distributing software cracks, or software which has been modified to remove or disable certain features, commonly use adware bundles to generate revenue. These bundles […]

New Phobos Ransomware Using Same Ransom Note as Dharma

A new strain of ransomware known as “Phobos” is using the same ransom note employed by Dharma to demand payment from its victims. Ransomware incident response provider Coveware found that Phobos’ ransom message differs from Dharma’s only in the branding used for its header and footer. Otherwise, the notes are exactly the same. Both crypto-malware […]

Microsoft Announces Azure DevOps Bug Bounty Program

The Microsoft Security Response Center (MSRC) has announced the creation of a bug bounty program for Azure DevOps services. On 17 January, MSRC said it would begin awarding bounties of up to $20,000 for reports on eligible vulnerabilities affecting Azure DevOps, a cloud service which helps developers collaborate on code across the entire development lifecycle. […]

Nearly 800 Million Email Addresses Exposed in “Collection #1” Data Breach

A data breach known as “Collection #1” exposed approximately 800 million email addresses as well as tens of millions of passwords. In the beginning of January, multiple people reached out to Australian web security expert Troy Hunt about a sizable collection of files hosted on cloud service MEGA. This collection, which is no longer available […]

Two Ukrainians Charged with Plot to Hack into SEC and Commit Fraud

The U.S. Department of Justice (DOJ) has charged two Ukrainians with participating in a plot to hack into computer systems at the U.S. Securities and Exchange Commission (SEC) and use the information they stole to commit fraud. On 15 January, the U.S. Attorney’s Office for the District of New Jersey announced a 16-count indictment charging […]

Del Rio City Hall Disables Internet Connection for All Departments after Ransomware Attack

Officials in the City of Del Rio have disabled the internet connection for all departments at City Hall following a ransomware attack. The City of Del Rio, which is located 152 miles west of San Antonio in Val Verde County, Texas, posted a statement to its website disclosing the attack. Its statement mainly offers insight […]

Mozilla Announces It Will Disable Support for Flash Plugin in Firefox 69

Mozilla has announced that it will disable support for the Adobe Flash Player plugin by default in version 69 of its Firefox web browser. On 11 January, Mozilla senior software engineer Jim Mathies opened a Bugzilla ticket announcing his employer’s plan to “disable Flash by default in Nightly 69 and let that roll out.” That’s […]

Free Decryption Tool Created for PyLocky Ransomware Family

A researcher has created a free decryption tool which victims of the PyLocky ransomware family can use to recover their affected files. Mike Bautista, a security researcher at the Cisco Talos Intelligence Group, is responsible for developing the tool. Cisco Talos has made this utility freely available for download on GitHub. First reported on by […]

Neiman Marcus to Pay $1.5 Million under Data Breach Settlement

Neiman Marcus Group, Inc. has agreed to pay $1.5 million as part of a settlement for an earlier data breach that exposed customers’ information. Ken Paxton, Attorney General of Texas, announced on 8 January that he and his fellow Attorneys General from 42 other states will enter into the $1.5 million settlement with Neiman Marcus. […]

Humana Informs Customers of Third-Party Security Incident

Humana has notified customers of a third-party security incident that might have exposed some of their personal information. According to a breach notification letter obtained by DataBreaches.net, the for-profit American health insurance company learned on 25 October 2018 that bad actors had gained access to the system credentials of some employees at Bankers Life, one […]

Kitchen Utensil Manufacturer Discloses Data Breach of E-commerce Site

A manufacturer of kitchen utensils, office supplies and housewares disclosed a data breach of customer information submitted to its e-commerce website. OXO International Ltd confirmed on 17 December 2018 that digital attackers might have compromised the data submitted by customers to its e-commerce website. The manufacturer believes that those responsible for the security incident might […]

Alert Service Compromised to Send Out Spam Message

An unknown individual compromised an alert service and abused their access to send out a spam message to some of the service’s customers. The Australian Early Warning Network (EWN) alert service disclosed first in a Facebook post and later on its website that the compromise took place near the beginning of the year: At around […]