News – July 2020


  • European court strikes down EU-US Privacy Shield user data exchange agreement as invalid

    July 16, 2020

    A crucial mechanism for transferring EU citizen data between the United States and Europe has been ruled as invalid in what could be a major blow to thousands of companies. Known as the EU-US Data Privacy Shield, the pact was designed for the exchange of data across country borders with high and legally-enforced data protection standards, ...

  • Caught in the Crossfire: Defending Devices From Battling Botnets

    July 15, 2020

    Strength in numbers is the main principle behind botnets, networks of devices that have been infected and turned into bots to be used in performing attacks and other malicious activities. With the dawn of the internet of things (IoT), botnet developers have found a new domain to conquer, but there they must compete with one ...

  • The Tetrade: Brazilian banking malware goes global

    July 14, 2020

    Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited their attacks ...

  • Second Catalan politician says phone was targeted by spyware

    July 14, 2020

    A second prominent member of Catalan’s pro-independence movement has revealed he was warned that his mobile phone was targeted using spyware. The development is likely to bolster calls for an investigation into the possible use of hacking technology by Spanish authorities. Ernest Maragall, an MP in the regional parliament and a former member of the European parliament ...

  • RECON bug lets hackers create admin accounts on SAP servers

    July 14, 2020

    Business giant SAP released a patch today for a major vulnerability that impacts the vast majority of its customers. The bug, codenamed RECON, exposes companies to easy hacks, according to cloud security firm Onapsis, who discovered the vulnerability earlier this year, in May, and reported it to SAP to have it patched. Onapsis says RECON allows malicious ...

  • Huawei 5G ban: UK networks must strip out equipment by 2027

    July 14, 2020

    UK mobile networks have been told they cannot buy any more 5G equipment from Huawei after the end of this year, and that they must remove the Chinese networking company’s technology from their 5G networks by the end of 2027. Culture secretary Oliver Dowden said: “Following US sanctions against Huawei and updated technical advice from our ...

  • Critical DNS Bug Opens Windows Servers to Infrastructure Hijacking

    July 14, 2020

    A critical Microsoft Windows Server bug opens company networks to hackers, allowing them to potentially seize control of IT infrastructures. Microsoft issued a patch for the bug on Tuesday as part of its July Patch Tuesday roundup. It turns out that the bug is 17 years old. Impacted are Windows Server versions from 2003-2019. The bug, ...

  • Infrastructure as Code: Security Risks and How to Avoid Them

    July 14, 2020

    The ever-increasing demands on IT infrastructures and the rise of continuous integration and continuous deployment (CI/CD) pipelines have pushed the need for consistent and scalable automation. This is where infrastructure as code (IaC) comes into play. IaC is the provisioning, configuring, and management of infrastructure through formatted, machine-readable files. Instead of manually setting up on-premises and cloud ...

  • Hacker breaches security firm in act of revenge

    July 13, 2020

    A hacker claims to have breached the backend servers belonging to a US cyber-security firm and stolen information from the company’s “data leak detection” service. The hacker says the stolen data includes more than 8,200 databases containing the information of billions of users that leaked from other companies during past security breaches. The databases have been collected inside DataViper, a ...

  • UK cyber security agency creates tool to test what would happen if you were hit by cyber attack while working from home

    July 13, 2020

    The UK’s official cyber security agency have created a tool to practise being cyber attacked. It has been launched as people continue to work from home in an attempt to stop the spread of coronavirus, often doing so over personal internet connections and computers. The tool allows people to test their defences by roleplaying the experience of ...

  • Israel court rejects calls to revoke NSO Group’s spy software export licence

    July 13, 2020

    A court in Tel Aviv has rejected a ruling to order Israel to revoke the export license of the NSO Group, the country’s largest surveillance company, whose software has reportedly been used by governments to spy on dissidents and human rights activists. Judge Rachel Lavi Barkai ruled that Amnesty International and 30 human rights activists, who ...

  • Cyber experts urge Australia to develop local capability to defend against hackers

    July 12, 2020

    Cyber experts have urged the federal government to become less reliant on overseas businesses, technologies and expertise for its defences against hackers as it puts the finishing touches on the nation’s new cyber security strategy. Foreign providers are responsible for most of the cyber security products and services in Australia, with no local companies among the ...

  • Zoom Zero-Day Allows RCE, Patch on the Way

    July 10, 2020

    A newly discovered bug in the Zoom Client for Windows could allow remote code-execution, according to researchers at 0patch, which disclosed the existence of the flaw on Thursday after pioneering a proof-of-concept exploit for it. The issue was confirmed for Threatpost by a Zoom spokesperson. The 0patch team said that the vulnerability is present in any ...

  • Microsoft Warns on OAuth Attacks Against Cloud App Users

    July 9, 2020

    Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services without entering a password — using signed-in status on another, ...

  • Evilnum hackers use the same malware supplier as FIN6, Cobalt

    July 9, 2020

    Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters to big fintech threat actors. The group has been active since at least 2018 and focuses on companies from the financial technology sector that offer trading and investment platforms. Its targets are ...

  • Conti ransomware uses 32 simultaneous CPU threads for blazing-fast encryption

    July 9, 2020

    A lesser-known ransomware strain known as Conti is using up to 32 simultaneous CPU threads to encrypt files on infected computers for blazing-fast encryption speeds, security researchers from Carbon Black said in a report on Wednesday. Conti is just the latest in a long string of ransomware strains that have been spotted this year. Just like ...

  • More pre-installed malware has been found in budget US smartphones

    July 9, 2020

    Pre-installed malware has been discovered on another budget handset connected to Assurance Wireless by Virgin Mobile. Back in January, cybersecurity researchers from Malwarebytes discovered unremovable malware bundled with the Android operating systems on the Unimax (UMX) U686CL, a low-end handset sold by Assurance Wireless as part of the Lifeline Assistance program, a 1985 US initiative which subsidizes telephone services for ...

  • Security funding soars despite Covid-19 slump, but problems lie ahead

    July 8, 2020

    The overall cyber security funding ecosystem in the UK is healthier than ever despite Covid-19, but the figures mask stark and concerning disparities in where the money is going. Almost £500m has been invested in British cyber security startups in 2020 in spite of the economic slump caused by the Covid-19 coronavirus pandemic, with the investment well on track ...

  • New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

    July 8, 2020

    Researchers at Trend Micro discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, the most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers, which we have not observed exploited by past Mirai variants. This discovery is a new addition to the Mirai variants that appeared in the past few months, which include SORA, UNSTABLE, and Mukashi. The case, ...

  • 15 Billion Credentials Currently Up for Grabs on Hacker Forums

    July 8, 2020

    Fifteen billion usernames and passwords for a range of internet services are currently for sale on underground forums – shedding light on the sheer scope of compromised credentials that are fueling account takeovers on the internet. A report released Wednesday — “From Exposure to Takeover” by the Digital Shadows Photon Research Team — found that 100,000 separate data ...