Security News > 2020 > January

Advanced Obfuscation Marks Widespread Info-Stealing Campaign
2020-01-31 22:29

A large-scale spam campaign bent on spreading info-stealing malware is applying advanced obfuscation techniques to get around security scanning and maximize infection rates. The effort is linked to another recent spam campaign identified by Cisco Talos, Lastline said.

Evil Corp Returns With New Malware Infection Tactic
2020-01-31 22:23

Cybercrime group Evil Corp is back in action after a short hiatus, with a technique in its arsenal not previously used by the group to distribute malware. Previously, Evil Corp would distribute malware without HTML redirects, merely using malicious attachments or malicious URLs - which are more easily detected by defensive tools - in emails.

Ashley Madison breach victims have more to worry about
2020-01-31 21:58

Five-year-old data from the site's breach is at the center of a new cryptocurrency ransom campaign, and it may be the beginning of a new trend. According to email security vendor Vade, a new wave of emails attempting to extort money from Ashley Madison victims has appeared, and it's something they haven't seen before.

Friday Squid Blogging: The Pterosaur Ate Squid
2020-01-31 21:58

Friedman cultivated "a special relationship" with Crypto AG founder Boris Hagelin, which resulted in Crypto AG being just about the only commercial crypto equipment supplier in the world. Crypto AG could supply the fully crypto secure algorithm electromechanics to customers, but leave off some or all of the filtering or reclocking circuits that stopped "Side channel" based key leakage to the telegraph lines and other still classified techniques not too dissimilar to the "Infinity device".

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security
2020-01-31 21:06

On Sept. 11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. Gary DeMercurio, 43 of Seattle, and Justin Wynn, 29 of Naples, Fla., are both professional penetration testers employed by Coalfire Labs, a security firm based in Westminster, Colo. Iowa's State Court Administration had hired the company to test the security of its judicial buildings.

Iranian Hackers Target U.S. Gov. Vendor With Malware
2020-01-31 20:42

Researchers at Intezer uncovered the campaign after detecting a malicious file in January, purporting to be an employee satisfaction survey for Westat employees and customers. "The technical analysis of the new malware variants reveals this Iranian government-backed group has invested substantial efforts into upgrading its toolset in an attempt to evade future detection."

Remember those infosec fellas who were cuffed while testing the physical security of a courthouse? The burglary charges have been dropped
2020-01-31 20:39

Criminal charges have been dropped against two infosec professionals who were arrested during a sanctioned physical penetration test gone wrong. On Thursday, the Des Moines Register - no relation - reported that a judge in Dallas County, Iowa, formally dismissed the third-degree burglary and possession of burglary tools allegations against Coalfire employees Gary DeMercurio and Justin Wynn.

Privacy Advocate Tackles Issue of Patient Consent Rights
2020-01-31 20:33

As health data privacy concerns heat up to a boiling point on multiple fronts, it's more essential than ever that patients get a clear opportunity to make a choice about whether their data is shared, says privacy advocate Twila Brase, who heads the Citizens' Council for Health Freedom. Federal regulators - to carry out a 21st Century Cures Act goal to drive medical innovation and improve patient care - are proposing standards that promote the use of application programming interfaces and consumer health apps to give patients access to their own health data from electronic health records.

NSA Security Awareness Posters
2020-01-31 19:36

From a FOIA request, over a hundred old NSA security awareness posters. Back in 1993, during the first Crypto Wars, I and a handful of other academic cryptographers visited the NSA for some meeting or another.

Serious Security – How ‘special case’ code blew a hole in OpenSMTPD
2020-01-31 17:49

Well, if you do use OpenSMTPD, you need to make sure you're not vulnerable to a recently-disclosed bug that could let a crook take over your server simply by sending an email containing evil commands. OpenSMTPD allows you to specify a command that it will use to handle the mail that it receives, whether that's email coming in from outside or messages that you're queuing up for delivering to other servers.