Security News > 2020 > November

Chinese telecoms group Huawei has appealed Sweden's decision to ban it from the country's 5G network for security reasons, a legal filing obtained by AFP on Friday showed. The ban, announced by the Swedish Post and Telecom Authority on October 20, "Lacks legal basis, violates fundamental human rights, violates fundamental EU legal principles ... and is incorrect in substance," Huawei wrote in its appeal to PTS and the Stockholm administrative court.

Bug bounty hunters hacked a NETGEAR router and a Western Digital network-attached storage device on the first day of the Zero Day Initiative's Pwn2Own Tokyo 2020 hacking competition. On the first day of the event, the NETGEAR Nighthawk R7800 router was targeted by Team Black Coffee, Team Flashback, and teams from cybersecurity firms Starlabs and Trapa Security.

There are two easy ways to view your SSH public key in Linux. The above command will print out your SSH key on your Linux machine, without prompting you for your key authentication password.

The United States this week announced that it seized $1 billion worth of Bitcoin stolen by an individual from the Silk Road marketplace over half a decade ago. Earlier this year, agents of the IRS CI were able to identify 54 previously undetected Bitcoin transactions associated with Silk Road, representing Bitcoin that was allegedly stolen from Silk Road in or about 2012 and 2013.

A new ransomware called Pay2Key has been targeting organizations from Israel and Brazil, encrypting their networks within an hour in targeted attacks still under investigation. In a new report by Check Point, researchers say that the threat actors behind Pay2Key ransomware are likely using publicly exposed Remote Desktop Protocol to gain access to victims' networks and deploy the initial malicious payloads.

Apple has patched three previously identified zero-day vulnerabilities in its iPhone, iPod and iPad devices potentially related to a spate of related flaws recently discovered by the Google Project Zero team that also affect Google Chrome and Windows. Apple have fixed three issues reported by Project Zero that were being actively exploited in the wild.

A group of cybercriminals that breached the systems of Japanese video game giant Capcom is demanding $11 million after deploying ransomware and stealing vast amounts of data. Capcom said it was forced to halt some operations and that the incident impacted its email and file servers, among other systems.

With companies commonly using a mixed environment of Windows and Linux servers, ransomware operations have increasingly started to create Linux versions of their malware to ensure they encrypt all critical data. A new report today by Kaspersky takes a look at the Linux version of the RansomExx ransomware, also known as Defray777.

Abstract: Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not. While technical protections against phishing reduce the number of phishing emails received, they are not perfect and phishing remains one of the largest sources of security risk in technology and communication systems.

Apple on Thursday released patches for tens of vulnerabilities across its products, including three flaws that are actively exploited in attacks. The three vulnerabilities were discovered by Google Project Zero researchers and could lead to remote code execution, leak of kernel memory, and escalation of privilege to kernel level, respectively, Project Zero technical lead Ben Hawkes says.