InfoSec News 20190711

  • Published: Thu, 11/07/2019 - 11:30

Top News


  • Marriott faces £99.2 million fine after hack exposed 393 million hotel guest records

"The UK’s Information Commissioner’s Office (IOC) has announced its intention to fine the US hotel group Marriott International £99.2 million (US $123 million) for a data breach that exposed the personal details of hundreds of millions of guests."

Link

TLP1 : Green

  • Did a hacked smart TV upload footage of couple having sofa sex to a porn website?

"Excuse me for being skeptical, but I read a rather peculiar story about a hacked smart TV this week."

Link

TLP1 : Green

  • Europe should heed this wake-up call regarding 5G

"How times change. Not so long ago, the next big thing in telecommunications was 4G mobile networks, which promised massive data transfers and cheap voice calls."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • More than 2 million cyber incidents in 2018 created $45 billion in losses

"The financial impact of ransomware rose by 60%, losses from business email compromise (BEC) doubled, and cryptojacking incidents more than tripled, all despite the fact that overall breaches and exposed records were down in 2018, according to Internet Society’s Online Trust Alliance (OTA)."

Link

TLP1 : Green

  • Cyber Security is One of the Most Important Strategic Discussions for Indian Banking Industry

"The present dispensation’s concentration on cyber security is helpful. Companies in India are grappling because of the developing number of untoward cyber attacks and their consequences. It is just when the companies, private or public, secure themselves that the nation will probably safeguard itself from this new type of warfare."

Link

TLP1 : Green

  • Silent Mac update nukes dangerous webserver installed by Zoom

"Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac"

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Big Banks Vulnerable to Web, Mobile Attacks

"Nearly all of the largest 100 banks are vulnerable to web and mobile attacks, which give hackers access to sensitive data, according to ImmuniWeb."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • CVE-2019-13489

"Trape through 2019-05-08 has SQL injection via the data[2] variable in core/db.py, as demonstrated by the /bs t parameter."

Link

TLP1 : Green

  • CVE-2019-13488

"A cross-site scripting (XSS) vulnerability in static/js/trape.js in Trape through 2019-05-08 allows remote attackers to inject arbitrary web script or HTML via the country, query, or refer parameter to the /register URI, because the jQuery prepend() method is used."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Inside the NIST team working to make cybersecurity more user-friendly

"Cybersecurity is usually not a user’s primary duty, yet they suffer an increasing burden to respond to security warnings, maintain many complex passwords, and make security decisions for which they are not equipped."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Parents’ Guide for Safe YouTube and Internet Streaming for Kids

"You work hard to keep your kids safe from so many different dangers, but every day they are exposed to countless threats online."

Link

TLP1 : Green

  • New FinFisher spyware used to spy on iOS and Android users in 20 countries

"Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices."

Link

TLP1 : Green

  • New eCh0raix Ransomware Attacking Linux File Storage Servers

"A new ransomware strain dubbed eCh0raix targeting Linux based QNAP Network Attached Storage (NAS) devices. The ransomware intended to infect and encrypt the files using AES encryption."

Link

TLP1 : Green

  • Agent Smith Android Malware Downloaded 25m+ Times

"Researchers are warning of a new Android malware campaign that has already compromised a staggering 25 million devices via a popular third-party app store."

Link

TLP1 : Green

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1]https://www.first.org/tlp