Security News > 2020

Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information. TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and 40,000 video lessons.

The bug uses a sneaky trick called HTTP smuggling, which takes advantage of how back-end servers process requests using this protocol. A front-end proxy server might send it to one of several back-end servers, for example.

Rise and fall of a Nigerian cybercriminal called 'Dton,' who made hundreds of thousands of dollars in a 7-year campaign, outlined in new report. Ever wonder who's behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they're enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of thousands of dollars over the course of seven years by targeting people through numerous malicious campaigns.

The Tor browser has fixed a bug that could have allowed JavaScript to execute on websites even when users think they've disabled it for maximum anonymity. The Tor Project revealed the issue in the release notes for version 9.0.6, initially suggesting users manually disable JavaScript for the time being if the issue bothered them.

If WordPress had a list of the most requested features, the ability to automatically update plugins and themes would surely be near the top. Some good news: according to a recent development update, the ability to do this is now being beta-tested in the form of a new plugin for WordPress 5.5, due in August.

The U.S. Senate has voted to extend, rather than tweak, three surveillance powers that federal law enforcement officials use to fight terrorists, passing the bill back to an absent House and throwing the future of the authorities in doubt. The House last week passed a compromise bill negotiated by House Speaker Nancy Pelosi and House Republican leader Kevin McCarthy that would renew the authorities and impose new restrictions.

A recently discovered piece of Android stalkerware can install itself persistently on the system partition and steals the file containing the hash sum for the screen unlock pattern or password to allow its operators to unlock devices. Referred to as MonitorMinor, the stalkerware targets communication applications to intercept victims' conversations, including LINE, Gmail, Zalo, Instagram, Facebook, Kik, Hangouts, Viber, Hike News & Content, Skype, Snapchat, JusTalk, and BOTIM. Given that Android sandboxes applications to prevent direct communications between them - this feature is called DAC, or Discretionary Access Control - MonitorMinor requires root access to bypass the security system and perform nefarious activities.

Cross-border investigations, Europol announced on Friday that it's arrested more than two dozen people suspected of draining bank accounts by hijacking victims' phone numbers via SIM-swap fraud. As we've explained, SIM swaps work because phone numbers are actually tied to the phone's SIM card - in fact, SIM is short for subscriber identity module, a special system-on-a-chip card that securely stores the cryptographic secret that identifies your phone number to the network.

Security, unlike traditional sports, is not a finite game bound by a certain set of rules and a game clock. Given the inability of organizations to deal with the unknowns, security teams need to tilt the game in their favor by joining forces with other organizations in their sector, geography and implementing a strategy of simplifying and expanding intelligence sharing to gain greater visibility into the game before the attacker makes a move.

In many cases, it has been determined that threat actors were inside a healthcare organization's network for months or even years before setting their malicious code loose. They're low on the priority list until someone clicks on a malicious link that the spam filter didn't catch thus unleashing ransomware on the network, after which all hell breaks loose.