Cybersecurity

National Cyber Awareness System #StopRansomware: Cuba Ransomware CISA Releases Three Industrial Control Systems Advisories CISA Releases Seven Industrial Control Systems Advisories CISA Adds Two Known Exploited Vulnerabilities to Catalog Mozilla Security Advisories Security Vulnerabilities fixed in Thunderbird 102.5.1 mfsa2022-50 Ubuntu Security Notices USN-5755-2: Linux kernel vulnerabilities USN-5756-2: Linux kernel (GKE) vulnerabilities USN-5758-1: Linux kernel vulnerabilities …

Please be aware that due to a certificate rotation on our main website and audio distribution server, our podcast’s Spotify feed is currently down and won’t show any new episodes. Until this issue is resolved on Spotify’s side, you can subscribe via the RSS feed above or via any other podcatcher to get new episodes. …

Platform certificates from major Android vendors and software makers have leaked and were used to sign malware, the Android Security Team discovered last month. Platform certificates are digital certificates used by Android OEMs and ODMs to sign versions of the Android OS they deploy on their devices, their firmware, and official vendor apps they might …

Updated on 2022-12-04: Researchers find bugs allowing access, remote control of cars Not a great week for car makers. @samwcyo and team discovered two sets of flaws — one affecting Hyundai and Genesis cars and another affecting Honda, Nissan, Infiniti and Acura vehicles. The bugs allow remote access and control over thousands of cars made …

Updated on 2022-12-04: Researcher says Eufy cameras aren’t as local-only as it claims Anker’s Eufy smart home cameras promise that they’ll store your data locally. Your video footage “never leaves the safety of your home,” and is only transmitted to your phone via end-to-end encryption, with no way for Eufy to access the data. Except, …

Updated on 2022-12-04 U.K. water supplier hacked: Not a great week for the 1.7 million customers of South Staffs Water and Cambridge Water in the U.K., whose parent company has confirmed a breach of customer bank details — though it’s not saying how many customers are actually affected (assume the worst). The water supplier is …

Updated on 2022-12-01: Vatican DDoS The official website of the Vatican went offline on Wednesday following a DDoS attack carried out by pro-Russian hacktivists. As CNA points out, the attack came a day after Moscow criticized Pope Francis’s latest condemnation of Russia’s invasion of Ukraine. Read more: The Vatican says it’s been hacked — again …

Updated on 2022-12-01: TrustCor removed from Mozilla root store Mozilla’s security team has decided to remove the TrustCor certificate authority from the Firefox root store, a system that controls which certificates are trusted by the Firefox browser. The decision comes after a group of academics found ties between the Panamanian company and companies from the …

Updated on 2022-12-01: Predatory lending apps Mobile security firm Lookout found 251 Android and 35 iOS lending apps that engaged in predatory and abusive behavior toward their users. The apps offered users loans but, in return, requested access to excessive permissions and personal user information, such as contacts, local files, and SMS messages. The apps …

Updated on 2022-12-01 There’s also a new ransomware strain in town, and its name is Trigona. Read more: Trigona ransomware spotted in increasing attacks worldwide Overview A previously unidentified ransomware has reemerged as the new Trigona ransomware and launched a new Tor site to accept ransom payments in Monero. Read more: Trigona ransomware spotted in …

Updated on 2022-12-01 Schoolyard Bully Mobile security firm Zimperium said it discovered a new Android trojan named Schoolyard Bully that has been active since 2018. Disguised as educational apps in both the Google Play Store and other third-party app stores, this malware has been downloaded more than 300,000 times across 71 countries. Zimperium says the …

Updated on 2022-12-02 North Korea-linked APT37, aka ScarCruft, was found leveraging a previously undocumented backdoor, named Dolphin, against South Korean entities. Read more: Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin Updated on 2022-12-01: ScarCruft’s Dolphin ESET has put out a report on Dolphin, a new backdoor they spotted in attacks carried out by …

Updated on 2022-12-01: e-Tugra vulnerabilities Security researcher Ian Carroll has disclosed a series of misconfigurations in the infrastructure of e-Tugra, a Turkey-based certificate authority. Carroll said the misconfigured infrastructure allowed them to get access to backend systems controlling the CA’s systems and even to massive troves of highly-sensitive customer data. Read more: Security concerns with …

A UK high court judge has ordered half a dozen cryptocurrency exchanges to divulge the identities of account holders allegedly linked to a 2020 cryptocurrency heist. The incident involved the theft of what was worth at the time $10.7 million in digital assets. In his ruling, High Court Justice Christopher Butcher said the exchanges must …

The US Cybersecurity and Infrastructure Security Agency (CISA) has added an unspecified vulnerability in Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) catalog. The flaw affects Oracle Fusion Middleware Access Manager and “allows an unauthenticated attacker with network access via HTTP to take over the Access Manager product.” CISA has specified a mitigation due …