Security News > 2020 > October

Cybercriminals are tapping into Amazon's annual discount shopping campaign for subscribers, Prime Day, with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand. There has been a spike in the number of new monthly phishing and fraudulent sites created using the Amazon brand since August, the most significant since the COVID-19 pandemic forced people indoors in March, according to a Thursday report from Bolster Research.

A previously unknown threat group whose members speak Russian has been launching attacks against Russian industrial organizations in a highly targeted espionage campaign, Kaspersky reported on Thursday. Denis Legezo, senior security researcher with Kaspersky's Global Research and Analysis Team, told SecurityWeek that the hackers have only been seen targeting the IT networks of industrial entities and there is no indication that they have also targeted industrial control systems.

Google this week revealed that it's working on redesigning the security alerts for Google accounts and that it will make them available directly in the applications users are logged into. The company has already built numerous protections into Google accounts and other Google products, with Safe Browsing delivering protection for over 4 billion devices, Gmail blocking in excess of 100 million daily phishing attempts, and Google Play Protect scanning more than 100 billion apps per day.

Adobe is suffering a 'major' outage that prevents users from logging in to Creative Cloud or accessing their subscribed applications or stored data. Since approximately 9:30 a.m EST, Adobe Creative Cloud users have reported difficulty logging into the service or accessing saved images and data.

NATO needs a new strategic concept adjusted to the global rise of new technologies, terrorism and China to replace a plan developed a decade ago, the head of the alliance said on Wednesday. Stoltenberg urged the Western defensive alliance of 30 states to "Develop common principles and standards for new technologies" to meet security challenges related to "Disruptive technologies" using big data and cyber telecommunications.

Apple's T2 security chip is insecure and cannot be fixed, a group of security researchers report. Over the past three years, a handful of hackers have delved into the inner workings of the custom silicon, fitted inside recent Macs, and found that they can use an exploit developed for iPhone jailbreaking, checkm8, in conjunction with a memory controller vulnerability known as blackbird, to compromise the T2 on macOS computers.

Microsoft has released a new Windows 10 update that forcibly enables the Battery Health Manager UEFI option in HP business laptops to prevent battery swelling. HP Battery Health Manager is a BIOS battery management feature in specific HP business laptops that modifies how a battery is charged to increase its longevity.

Microsoft has released a new Windows 10 update that forcibly enables the Battery Health Manager UEFI option in HP business laptops to prevent battery swelling. HP Battery Health Manager is a BIOS battery management feature in specific HP business laptops that modifies how a battery is charged to increase its longevity.

That's according to researchers from Kaspersky, who noted that the group uses a variety of techniques to evade detection, including using public cloud services for command-and-control communications, and hiding its main malicious espionage module using steganography. Spy attacks on industrial holdings are far more unusual than campaigns against diplomats and other nation-state targets, according to the firm.

In the case of RainbowMix, the apps pretend to be from popular apps and social media platforms like YouTube and Chrome. White Ops saw this many daily ad impressions consistently, from the RainbowMix app collective.