Security News > 2020 > September

OneSpan announced the appointment of Ajay Keni as its Chief Technology Officer to further transform the global financial services market with OneSpan's Trusted Identity platform and solutions. Keni brings more than 20 years of experience leading technology and product teams and will guide the development and delivery of OneSpan's future product innovations.

Two years later, Schiff says that breakdown is still emblematic of the disjointed effort among government agencies, Congress and private companies as they try to identify and address foreign election interference. With President Donald Trump adamant that Russia is not interfering and his administration often trying to block what Congress learns about election threats, it's those private companies that often are being called upon to fill the breach.

Attacked by ransomware? Five steps to recoveryWhile there is a lot of discussion about preventing ransomware from affecting your business, the best practices for recovering from an attack are a little harder to pin down. Justifying your 2021 cybersecurity budgetSitting in the midst of an unstable economy, a continued public health emergency, and facing an uptick in successful cyber attacks, CISOs find themselves needing to enhance their cybersecurity posture while remaining within increasingly scrutinized budgets.

Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. Discovered originally by Australian security researcher Chris Moberly, the vulnerability resides in the SSDP engine of the browser that can be exploited by an attacker to target Android smartphones connected to the same Wi-Fi network as the attacker, with Firefox app installed.

Showing code overlaps with Mirai and its variants and reusing Gafgyt code, Mozi has been highly active over the past year, and it accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, although it did not attempt to remove competitors from compromised systems, IBM researchers say. The large increase in IoT attacks might also be the result of a higher number of IoT devices being available worldwide, thus expanding the attack surface.

Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts - one for Windows and the other for Android - using a wide arsenal of intrusion tools in the form of info stealers and backdoors designed to steal personal documents, passwords, Telegram messages, and two-factor authentication codes from SMS messages.

Only once one goes within and begs God to help you perfect your moral being does the physical transformational part begin. As to preachiness, I am not myself yet perfected, but I ask, "Was Boltzman being preachy when he tried to explain statistical mechanics to Lord Kelvin, or was he merely describing new details about a greater understanding of our physical reality that those of his time mostly rejected?".

E-commerce sites using the WordPress plugin Discount Rules for WooCommerce are being urged to patch two high-severity cross-site scripting flaws that could allow an attacker to hijack a targeted site. According to Flycart Technologies, Discount Rules for WooCommerce enables the 3.3 million active WooCommerce merchants to use the add-on to streamline customer discounts and manage dynamic pricing.

These targets, together with WHOIS records suggesting that associated malicious websites had been registered by Iranian individuals, and the discovery of one registrant's email address linked to Iranian hacking forums, is enough for the Check Point researchers to conclude that Rampant Kitten is an Iranian group, which itself implies a link to the Iranian government. The attack vectors used in the campaign, which has largely remained under the radar for six years, include four variants of Windows infostealers; an Android backdoor used to steal 2FA codes from SMS messages and take voice recordings; and Telegram phishing pages distributed using fake Telegram service accounts.

Posted three years ago, but definitely appropriate for the times.