All in Cybersecurity News
Malware: A malicious app that supposedly tracks Coronavirus victims, is actually demanding ransom payment from Android users. via @gcluley
Cyberattack: Cyberattack Hits U.S. Health Agency Amid COVID-19 Outbreak
More Patches: Adobe Releases Critical Patches for Acrobat Reader, Photoshop, Bridge, ColdFusion -
Botnet: Zxyel Flaw Powers New Mirai IoT Botnet Strain -
Credit Card Skimming: NutriBullet and others caught in online credit card skimming attack!
Data [Re]Breach
Tech companies Helping businesses and schools stay connected in response to Coronavirus
FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts
Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed…Then patched
Comcast Publishes info about customers who pay to have their info private
An employee of Shark Tank star Barbara Corcoran thought it was a routine wire transfer. The email request did not look unusual, and the amount of the transfer did not raise suspicion. But it was a clever scam, and nearly $400,000 was deposited into the bank account of a phishing scammer. Corcoran, who is well known as one of the “sharks” on ABC’s TV show, Shark Tank, shared details of a cybersecurity breach at her company with ABC News.
"This morning I wired $388,000 into a false bank account…
LastPass has released its third annual Global Password Security Report where they analyzed over 47,000 businesses to share interesting and helpful insights into employee password behavior at businesses around the world. The report is free but you will have to give up some contact information to download it.
The key takeaways are:
Businesses still have a lot of work to do in the area of password and authentication security.
Businesses are increasing their use of multi-factor authentication (MFA) but employees still have poor password hygiene.
As I am sure you have heard, the FBI is recommending that anyone with a home router or small office router, reboot them. If you are not familiar with this FBI recommendation, then there are a few links at the end, to get you up to speed.
The reason for the FBI's reboot recommendation is that a piece of malware, named VPNFilter, has infected hundreds of thousands of routers all across the Internet. Rebooting an infected router forces the malware to reload which will initiate an attempted connection to malware command and control (C&C) servers. The FBI has already taken control over some, if not all of the C&C servers so the reloading of the malware will do two things.
In April 2014, a critical flaw in OpenSSL. CVE-2014-0160. Exposed passwords, session tokens, and even private encryption keys from vulnerable servers worldwide. Here’s what Heartbleed is, how it works, and what you should do right now.