Security News > 2020

Key Ring, creator of a digital wallet app used by 14 million people across North America, has exposed 44 million IDs, charge cards, loyalty cards, gift cards and membership cards to the open internet, researchers say. The Key Ring app allows users to upload scans and photos of various physical cards into a digital folder on a user's phone.

Have you come up with hardware or software that can help solve a problem that arose from COVID-19 and its worldwide spread? Mozilla is offering up to $50,000 to open source technology projects that are responding to the pandemic in some way. Online "Hackatons" - launched/sponsored by governments and various organizations in Poland, Estonia, China, the UK, Switzerland, India, Malaysia, and so on - are gathering participants from different sectors and with different skills to collaborate and come up with IT-based open source solutions to COVID-19-related medical, social and other problems.

Researchers have observed a new skimmer from the prolific Magecart Group that has been actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses, for several months. "In some cases, we've seen MakeFrame using compromised sites for all three of its functions - hosting the skimming code itself, loading the skimmer on other compromised websites and exfiltrating the stolen data," Herman and Ihm wrote.

For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals' malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency. Microsoft SQL Server is a relational database management system/software that can run on computers running any of the most popular operating systems.

The Justice Department inspector general has found additional failures in the FBI's handling of a secretive surveillance program that came under scrutiny after the Russia investigation, identifying problems with dozens of applications for wiretaps in national security investigations. The new findings are on top of problems identified last year by the watchdog office, which concluded that the FBI had made significant errors and omissions in applications to eavesdrop on former Trump campaign adviser Carter Page during the early months of the Russia investigation.

A newly discovered piece of malware is taking advantage of the current COVID-19 pandemic to render computers unusable by overwriting the MBR. Cybercriminals were quick to exploit the coronavirus crisis for their malicious attacks, including phishing, malware infections, and the likes, and it did not take long for state-sponsored threat actors to join the fray. In addition to banking Trojans targeting enterprise workers and information-stealing malware aimed at multiple industries, which only steal victims' information, miscreants are also disseminating destructive threats, such as the newly observed wiper.

Rather, they enable carriers to authenticate calls, after which consumers will be able to tell if a number is likely to be a robocall. The FCC says STIR/SHAKEN should help to protect consumers against malicious caller ID spoofing, often used in robocall scams to trick us into answering our phones so telemarketers and/or scammers can bleat at us.

For me, being a remote worker is ideal and ensures that I can balance work and home life successfully. We've seen plenty of articles sharing advice on how you can be effective working at home and the like, but what experienced remote workers - and often the authors of these pieces - forget is that this is uncharted territory for most.

Security researchers discovered recently that the Zoom video conferencing app is affected by vulnerabilities that can be exploited to spy on users, escalate privileges on the system, and capture Windows credentials. "At Zoom, ensuring the privacy and security of our users and their data is paramount. We are aware of the UNC issue and are working to address it," a Zoom spokesperson told SecurityWeek via email.

"We're seeing from signals in Microsoft Threat Protection services that the attackers behind the REvil ransomware are actively scanning the internet for vulnerable systems. Attackers have also been observed using the updater features of VPN clients to deploy malware payloads," the company shared. Human-operated ransomware campaigns targeting organizations have became the prevalent type of attack that involves the use of ransomware.