Security News > 2021 > November
Researchers analyzed the security of four popular smartwatches for children and found pre-installed downloaders, weak passwords, and unencrypted data transmissions. The analysis demonstrates that most of these devices arbitrarily collect and periodically transmit sensitive data to remote servers without the user knowing about it.
Quantinuum is not counting qubits in the race to error-corrected quantum computing. Uttley said Quantinuum rejects the conventional quantum wisdom that these new machines will need millions of qubits to be useful to businesses today.
The Flubot banking trojan is blanketing Finland, spreading via Android phones that are sending millions of malicious text messages. On Friday, the National Cyber Security Centre at the Finnish Transport and Communications Agency posted a "Severe" alert about the malware blizzard, which it said was spreading via dozens of message variants that are sneezing out Flubot like mad. Once installed, Flubot sets about gaining permissions, stealing banking information and credentials, lifting passwords stored on the device and squirreling away various pieces of personal information.
Consumer electronics giant Panasonic's data breach raises questions, researchers say - given that more than two weeks after the incident was discovered, it's unclear if customers' personal information has been impacted. On Friday, Panasonic confirmed that its "Network was illegally accessed by a third party on November 11, 2021," and that "Some data on a file server had been accessed during the intrusion."
A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.
Now you can learn everything you need to become a master ethical hacker without having to take time away from your current job. If you would like to make 2022 the year you switch to an exciting new career in the lucrative tech industry, you really can't beat The All-In-One 2022 Super-Sized Ethical Hacking Bundle, since use coupon code CMSAVE70 during this Cyber Week sale to get it for just $12.90.
Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. The Android banking trojans delivered onto compromised devices attempt to steal users' credentials when they log in to an online banking or cryptocurrency apps.
Tricking users into visiting a malicious webpage could allow malicious people to compromise 150 models of HP multi-function printers, according to F-Secure researchers. The Finland-headquartered infosec firm said it had found "Exploitable" flaws in the HP printers that allowed attackers to "Seize control of vulnerable devices, steal information, and further infiltrate networks in pursuit of other objectives such as stealing or changing other data" - and, inevitably, "Spreading ransomware."
Video footage has emerged of a British F-35B fighter jet falling off the front of aircraft carrier HMS Queen Elizabeth after a botched takeoff. The leaked clip, seemingly from a CCTV camera on the carrier's bridge, shows the Lockheed Martin-made stealth aircraft slowly trundling down the deck before tipping over the ski-jump ramp on her bows.
The insurer's "Cyber War and Cyber Operation Exclusion Clauses", published late last week, include an alarming line suggesting policies should not cover "Retaliatory cyber operations between any specified states" or cyber attacks that have "a major detrimental impact on the functioning of a state." Although the wordings in the four clauses are published as a suggestion for insurers in Lloyd's-underwritten policies and are not concrete rules, they provide a useful indicator for the direction of travel in the slow-moving cyber insurance world.