Security News > 2022 > June

These single-use tokens, also referred to as Push notifications or Authy tokens, are more secure than passwords and they help keep track of individual users that are authenticating on Authy servers. This guide explains how the Authy Backup feature works, and how to enable or disable backups.

The U.S. Department of Justice has announced the disruption of the Russian RSocks malware botnet used to hijack millions of computers, Android smartphones, and IoT devices worldwide for use as proxy servers. A botnet is a swarm of devices that threat actors can remotely control to perform various behavior, including DDoS attacks, crypto mining, and deploying additional malware.

The Dark Web is a small portion of the Internet, but it concentrates many cybercriminals and threat actors who generally exchange ideas, thoughts, tips, tricks and experience through hidden forums. Many of these cybercriminals also sell various goods and services; Privacy Affairs has published a new report about the average prices of those services in 2022.

Researchers have identified a small yet potent China-linked APT that has flown under the radar for nearly a decade running campaigns against government, education and telecommunication organizations in Southeast Asia and Australia. Researchers from SentinelLabs said the APT, which they dubbed Aoqin Dragon, has been operating since at least 2013.

The UK government has published its plans for reforming local data protection law which includes removing the requirement for consent for all website cookies - akin to the situation in much of the US. Also notable is the removal of the requirement for a Data Protection Impact Assessment, as well as a new political direction over the Information Commissioner's Office. UK rules on website and app cookie consent are set to change if these proposals move forward.

If your organization gets hit by a ransomware gang that has also managed to steal company data before hitting the "Encrypt" button, which types of data are more likely to end up being disclosed as you debate internally on whether you should pay the ransomware gang off? The most commonly leaked data is financial, followed by customer/patient data.

We've always known that phones-and the people carrying them-can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. Computer scientists at the University of California San Diego proved in a study published May 24 that minute imperfections in phones caused during manufacturing create a unique Bluetooth beacon, one that establishes a digital signature or fingerprint distinct from any other device.

Network-attached storage vendor QNAP once again warned customers on Friday to secure their devices against a new campaign of attacks pushing DeadBolt ransomware. "QNAP recently detected a new DeadBolt ransomware campaign. According to victim reports so far, the campaign appears to target QNAP NAS devices running QTS 4.x," QNAP said today.

Microsoft is investigating a newly acknowledged issue causing connectivity issues when using Wi-Fi hotspots after deploying Windows updates released during the June 2022 Patch Tuesday. According to a new entry on the Windows release health dashboard, Windows devices where one of the June updates has been installed might be unable to use the Wi-Fi hotspot feature.

Today's tale, told by a reader Regomized as "Mark" takes us back some 15 years when he was handling the IT needs for a doctor's office. Readers can probably guess what came next, but Mark was oblivious.