Security News > 2020 > June

Hacking groups are continuing to leverage misconfigured AWS S3 data storage buckets to insert malicious code into websites in an attempt to swipe credit card information and carry out malvertising campaigns. These virtual credit card skimmers, also known as formjacking attacks, are typically JavaScript code that Magecart operators stealthily insert into a compromised website, often on payment pages, designed to capture customers' card details in real-time and transmit it to a remote attacker-controlled server.

Spirent Communications announced its extensive work with Rakuten Mobile in support of the operator's current LTE services, planned 5G Non-Standalone and Standalone rollout in Japan for its world-first fully virtualized cloud native mobile network. Rakuten Mobile required groundbreaking testing capabilities to assure the performance of new services and selected Spirent Landslide for core network testing.

Datalytyx announced an expanded partnership with Snowflake, the Cloud Data Platform, that enables the next generation Datalytyx DataOps for Snowflake platform to be deployed for a 2 week trial on Snowflake. Datalytyx have deployed their DataOps for Snowflake platform to help BOC manage their cylinder stock and logistics data, for all types of gases, to increase production efficiency and provide best-in-class customer service.

Reltio announced the appointment of Matt Gallatin as Chief Financial Officer. Gallatin brings nearly three decades of experience in financial management for technology companies, including Drawbridge, OneLogin and Yahoo!, to Reltio's executive team.

SignalWire, a Sand Hill Road venture backed cloud communications provider, announced that it has appointed Aseem Asthana as the company's new Vice President of Product Management. Asthana brings over 15 years of experience developing rapid growth product strategies for companies like Symantec and Barracuda Networks.

The social distancing measures brought about by the COVID-19 pandemic will weaken election security in the US, according to a non-profit's security check. "Many government personnel must work and access election infrastructure remotely now; so too must vendor personnel," the Brennan report says.

Singapore's announcement that it is developing a wearable for contact tracing has caused citizens to voice concern for the technology's impact on their data privacy, with more than 35,000 signing a petition against the devices. Previously, Singapore had created a contact tracing app, TraceTogether, which uses Bluetooth mobile phones' functions to detect other phones nearby and track the spread of the virus.

A newly disclosed UPnP vulnerability that affects billions of devices can be exploited for various types of malicious activities, including distributed denial-of-service attacks and data exfiltration. Designed to facilitate the automatic discovery and interaction with devices on a network, the UPnP protocol is meant for use within trusted local area networks, as it lacks any form of authentication or verification.

While the agency experienced 1,468 incidents, its budget was decreased last year, according to a report by Atlas VPN. There were 1,468 cyber incidents at NASA in 2019-an increase of a staggering 366%, according to data extracted and analyzed by Atlas VPN, which released the findings in a new report. Cyber incidents at NASA can affect national security, intellectual property, and individuals whose data could be lost due to data breaches.

The sample we looked at claims to be a decryptor for the DJVU ransomware, which gets its name from the. Exe file is unreconstructed ransomware: it goes through your files looking for matches against a long list of file extensions to encrypt, and scrambles them with a randomly-chosen encryption key.