Security News > 2020 > June

Dropbox has unveiled a range of new features aimed at making the storage site more of a one-stop shop for subscribers. On the security front, Dropbox is adding its own password manager.

BlackBerry has added a new feature to its endpoint detection and response platform Optics: An Intel-powered cryptojacking malware detection system. BlackBerry claims its cryptojacking EDR has "Virtually no processor impact" on Windows 10 systems that Optics runs on, allowing "Organizations [to] detect and mitigate cryptojacking with greater precision and consistent results across all types of workloads."

Threat intel researchers have uncovered a phishing and malware campaign that targeted "a large European aerospace company" and which was run by the same North Koreans behind the hack of Sony Pictures. While there are quite a few European aerospace firms, Slovakian infosec biz ESET was more concerned with the phishing 'n' malware campaign it detected on behalf of its unnamed client.

Senator Ron Wyden has raised concerns about the ability of U.S. intelligence agencies to protect what he describes as "Some of the nation's most sensitive secrets," and he has sent a letter to the director of national intelligence asking for information on plans to improve cybersecurity. Sen. Wyden sent the letter to Director of National Intelligence John Ratcliffe after obtaining an unclassified version of a 2017 report that analyzed the cybersecurity measures implemented by the CIA. The report was written after WikiLeaks started publishing information on many of the hacking tools created and used by the intelligence agency.

A week after the June 2020 Patch Tuesday, Adobe has plugged more critical security holes in some of its well known graphic design and video and audio editing software. The company has also announced that it will be adding the Protected Mode feature to the Windows version of Adobe Acrobat DC. The security updates.

The first week of June 2020 arrived with a massive 1.44 TBPS distributed denial of service attack, Akamai reveals. While typical DDoS attacks show geographically concentrated traffic, this assault was different, with the traffic being globally distributed.

The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards. The breach resulted from the printing of the bank's encrypted master key in plain, unencrypted digital language at the Postbank's old data centre in the Pretoria city centre.

Organizations in the aerospace and military sectors were compromised in a highly targeted cyber-espionage campaign that shows a possible link to North Korean hackers, ESET reveals. The threat actor behind these attacks remains unknown, but ESET believes it could be linked to the infamous North Korean state-sponsored group Lazarus, based on targeting, the use of fake LinkedIn accounts, development tools, and anti-analysis methods.

The apps were among a small haul of 38 beauty-themed apps the company detected from the same developer which were reported to Google for bombarding users with unwanted ads. As well as serving out of context ads at every opportunity, the apps also sent users to websites and made it difficult to de-install the apps using techniques such as hiding icons from the home screen and apps folder.

You can't say the same for the other packages sent in a cyberstalking campaign allegedly orchestrated by eBay management and targeted at a Natick, Massachusetts couple who run an online e-commerce newsletter that's sometimes critical of eBay. On Monday, the office of Massachusetts US Attorney Andrew Lelling announced that six former eBay employees have been charged with "Aggressive" cyberstalking of the couple, including some of them coming up with an excuse to fly in to Boston in order to rent a van and drive out to Natick to conduct covert surveillance.