Security News > 2022 > August

The U.S. Federal Trade Commission announced today that it filed a lawsuit against Idaho-based data broker Kochava for selling sensitive and precise geolocation data collected from hundreds of millions of mobile devices. The company provides access to consumers' location data through a data feed its clients can access via online data marketplaces after paying for a $25,000 subscription.

Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. Roberto Martinez, senior threat intelligence analyst at Group-IB, said the scope of the attacks is still an unknown.

Members of the government in Montenegro are stating that the country is being hit with sophisticated and persistent cyberattacks that threaten the country's essential infrastructure. Targets include electricity and water supply systems, transportation services, online portals that citizens use to access various state services, and more.

The NSA has has published criteria for evaluating levels of assurance required for DoD microelectronics. The introductory report in a DoD microelectronics series outlines the process for determining levels of hardware assurance for systems and custom microelectronic components, which include application-specific integrated circuits, field programmable gate arrays and other devices containing reprogrammable digital logic.

A critical vulnerability in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. Bitbucket Server and Data Center are used by software developers around the world for source code revision control, management and hosting.

The campaign entails serving malware through free software hosted on popular sites such as Softpedia and Uptodown. In an interesting tactic, the malware puts off its execution for weeks and separates its malicious activity from the downloaded fake software to avoid detection.

Whether you're on the way out of - or back to - the office, our Security Validation Checklist can help make sure your security posture is in good shape. Check for any new security vulnerabilities that were identified on your vacation.

Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand's Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered and shared with Thai CERT. The data was put for sale on several Dark Web marketplaces and was available for further purchase via a Telegram channel created by the bad actors.

NetworkManager attempts to keep an active network connection available at all times. NetworkManager supports most network security methods and protocols, WPA/WPA2/WPA3, wired 802.1x, MACsec and VPNs. It stores network secrets using secure storage, either in the user's keyring or protected by normal system administrator permissions for system-wide connections.

Twilio, which earlier this month became a sophisticated phishing attack, disclosed last week that the threat actors also managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication service. The communication tools company said the unauthorized access made it possible for the adversary to register additional devices to those accounts.