Security News > 2020 > August

New Zealand's spy agency has been brought in to help fight back against cyberattacks that crippled the country's stock exchange for a fourth straight day on Friday. Finance Minister Grant Robertson said the Government Communications Security Bureau intelligence agency had joined efforts to contain the threat, which market operator NZX claimed was foreign-sourced but provided no further details.

Researchers at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, have analyzed the traffic statistics of several popular cybercrime forums and they have shared some interesting observations. After seeing Altenen's post, researchers at Digital Shadows decided to look at the traffic statistics of several popular cybercriminal forums, and compared the findings to their own perception of these websites.

Most of our suffering is the result of our selfish, amoral treatment of our fellow human beings or our ignorance of how we should live, e.g. don't fertilize your crops with poop, don't drink contaminated water, etc. We have a feeling, emotional being that can be used to move us to help others - that emotional being's happiness or unhappiness being the result of our Karmic inertia.

Tesla co-founder and CEO Elon Musk has confirmed reports that the Tesla Gigafactory Nevada was a target of a cyberattack earlier in August, which was subsequently thwarted by the Federal Bureau of Investigation. Tesla Gigafactory Nevada is a lithium-ion battery and electric vehicle factory near Reno, Nevada.

Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that allow for the mounting of attacks targeting both the cardholder and the merchant. In a newly published paper, David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich, explain that vulnerabilities identified in the standard EMV implementation could be exploited to render the PIN verification useless on Visa contactless transactions.

A former Cisco employee has pleaded guilty to hacking charges related to him accessing the networking giant's systems and causing damage. A few months after he resigned from the company, he gained unauthorized access to Cisco's AWS cloud infrastructure and deployed code that caused over 450 virtual machines associated with the Cisco Webex Teams application to be deleted.

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Dealing with compromised customer accounts is a constant challenge for any organization doing business online today, and certainly Sendgrid is not the only email marketing platform dealing with this problem.

If you're a Google Android user, you may have been pestered over the past week by popup notifications that you didn't expect and certainly didn't want. Abss noticed that many mainstream Android apps use a notification interface provided by Google known as FCM, short for Firebase Cloud Messaging, formerly Google Cloud Messaging, formerly Android Cloud to Device Messaging.

The U.S. government aims to seize control of 280 illegal cryptocurrency accounts it claims were used by North Korean state-sponsored attackers in their efforts to hack cryptocurrency exchanges and funnel hundreds of millions in stolen funds through a Chinese money-laundering network. The U.S. Department of Justice filed a civil forfeiture complaint against North Korea Thursday as part of a broader effort to shut down that it said were state-sponsored cyberattacks on currency exchanges by hackers.

North Korean hackers stole millions of dollars from virtual currency accounts and then laundered the stolen funds in hopes of making the crime untraceable, according to a Justice Department civil forfeiture complaint filed Thursday. It comes months after Justice Department officials accused hackers from North Korea of stealing nearly $250 million worth of virtual currency and charged two Chinese hackers with laundering more than $100 million from the hack.