Security News > 2020 > April

Why cell phones can hold the key to tracking future cases of COVID-19 with artificial intelligence.

To amp up the threat, attackers are now doubling their extortion tactics by also threatening to release the sensitive information publicly unless the victims pay up. A report published Thursday by Check Point Research illustrates how these ransomware attacks work.

Zoom announced on Wednesday that it has teamed up with Katie Moussouris' company, Luta Security, to revamp its bug bounty program. Zoom announced on April 1 that it would be making significant changes to its bug bounty program, after experts raised concerns about Zoom security and researchers reported finding potentially serious vulnerabilities in the video conferencing service.

A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently uncovered CTV operation - named ICEBUCKET by the researchers at White Ops that discovered it - was bent on tricking advertisers into thinking there were real people watching TV on the other side of the screen, when in reality, they were bots pretending to be real people watching TV. In other words, the sellers of the ad inventory were bot-herders; and, they received money in exchange for running the ads - but the ads didn't actually reach any human eyeballs.

Flaws target Zoom clients for the Windows and the MacOS operating system, according to a published report by Vice Motherboard. The Windows code could be a significant threat to Zoom users, according to experts quoted by Motherboard.

We discuss the biggest cybersecurity news stories of the week. New podcast episode out now!

The Pentagon's latest bug bounty challenge, Hack the Air Force 4.0, has resulted in the discovery of over 400 vulnerabilities and rewards totaling more than $290,000. As part of the fourth Hack the Air Force program, which ran between October 23 and November 20, 2019, participants were invited to find vulnerabilities in a pool of cloud servers and systems called the Air Force Virtual Data Center.

Syrian-linked hackers recently switched to COVID-19-themed lures as part of a long-running surveillance campaign, Lookout security researchers reveal. Supposedly active since January 2018, the campaign targets Arabic-speaking users with tens of Android applications, none of which is available in the official Google Play Store.

The Terbium team reckons that these guides, which help newbie crooks through the process of things like setting up bank fronts, crafting phishing emails and stealing money out of victim accounts, make up just under half of all data transactions on the store. "What they have in common is detailed information on how to export an organization's current policies," Terbium Labs said of the guides.

Swiss-based global shipping giant Mediterranean Shipping Company has confirmed that a recent outage was caused by a malware attack that affected its headquarters in Geneva. MSC informed customers on April 10 that its website, msc.com, and its myMSC customer and vendor portal had become unavailable due to a network outage at one of the company's data centers.