Security News > 2020 > June

On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identity theft. The stolen data also included federal form W-2 data that contained income tax and withholding information, records that prosecutors say Johnson sold on dark web marketplaces to identity thieves engaged in tax refund fraud and other financial crimes.

Google removed 106 Chrome browser extensions Thursday from its Chrome Web Store in response to a report that they were being used to siphon sensitive user data. The attackers used the Google Chrome browser extensions to not only steal data, but also to create persistent footholds on corporate networks.

Facebook on Thursday said it has started to report its privacy practices to a newly formed, independent Privacy Committee. As part of this, an independent, third-party assessor will also review Facebook's privacy practices and report on them to the Privacy Committee and the FTC, both quarterly and annually.

The Maze ransomware gang has screwed up by targeting a New York design and construction firm instead of the Canadian Standards Association it was intending to hit. Just like that, the New Yorkers got caught in the ransomware crossfire when the Maze gang began hunting for their next target.

"There is a lack of options for small and mid-size enterprises in need of higher limits for cyber insurance. When cyber coverage is delivered as an endorsement to broader policies, limits are too often too low to cover actual cyber incidents. Policyholders might also under evaluate expenses involved in the response and recovery post-breach. There is a need for greater education, insights and need for standalone products." One of the biggest problems in correctly aligning insurance cost with insurance coverage is the very nature of cyber insurance.

Technology services giant Cognizant has informed clients that the Maze ransomware attack it suffered in April 2020 resulted in personally identifiable and financial information being stolen. On April 20, the company discovered that cybercriminals had breached its network and that the Maze ransomware was used to encrypt data on internal systems.

A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts. A study of banking apps for iOS and Android has led researchers to conclude that "None of the tested mobile banking applications has an acceptable level of security."

Even Apple itself came to the anti-virus party back in 2009 when it introduced a rudimentary malware blocking tool called XProtect right into into OS X. Whether you called it malware or not, there have long been "Software actors" out there ready to go after Mac users in the same way that they've been going after Windows users for years. SophosLabs has just published a fascinating new report about an adware threat known as Bundlore that has Mac users very clearly in its sights.

In a blog post published Thursday, Check Point described the method in which attackers exploited one of Oxford University's mail servers to send the initial email, abused an Adobe Campaign redirection tool, and then used a Samsung domain to take users to a Microsoft Office 365-themed phishing website. Most of the emails observed came from multiple addresses that belonged to legitimate subdomains from different departments at the University of Oxford.

A new version of the IcedID banking trojan has debuted that notably embraces steganography - the practice of hiding code within images - in order to stealthily infect victims. "Previous versions of IcedID injected into svchost.exe and downloaded encrypted modules and config as.DAT files," according to a Thursday posting.