Security News

A week after the US Cybersecurity and Infrastructure Security Agency and FBI released a recovery script to help victims of the widespread ESXiArgs ransomware attacks recover infected systems, an updated variant of the malware aimed at vulnerable VMware ESXi virtual machines can't be remediated with the government agencies' code, according to Malwarebytes. "This makes recovery next to impossible," Arntz wrote in a post this week, noting reports from victims of recent ESXiArgs attacks about the ransomware's new encryptor.

Bank of America has started to restore missing Zelle transactions that suddenly disappeared from customers' bank accounts this morning, causing some to dip into negative balances. This led to reports on DownDetector, Reddit, and Twitter from hundreds of customers missing their Zelle transactions.

Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.

The US government's crackdown on TikTok continues, with the latest salvo being a bipartisan bill that would outright ban the popular social media app from doing business in the country. Several US states have already banned the app on government-owned devices, while Indiana has sued TikTok for inflicting harm on residents.

America's Transport Security Administration, better known as the TSA, has been testing facial recognition software to automatically screen passengers flying across the country in 16 airports. The equipment will snap a live photo of their face and check whether it matches with the one captured on their ID. The pilot program, testing the Credential Authentication Technology 2 system, aims to reduce security screening wait times by automating the process so TSA agents do not need to manually check IDs.

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel said in a report. Discovered in September 2019, the malware has been previously deployed in a cyber attack aimed at a nuclear power plant in India, with more recent intrusions using Dtrack as part of Maui ransomware attacks.

Over the years, there has been a long-standing narrative that foreign state-sponsored threat actors present the most significant cyber threat to the election process. The threat actors also targeted devices belonging to the state boards of elections, state secretaries of state, and organizations that supported election infrastructure to steal voter data.

The White House also pointed to IoT warning labels as a solution - and reminded us all about the importance of cybersecurity education. The White House initiative correctly states, in multiple instances, that international partners and organizations like NATO will play a decisive role in the cybersecurity space.

The Data Access Agreement, by which the US and UK have agreed how one country can respond to lawful data demands from police and investigators in the other, took effect on Monday. The DAA spells out US and UK obligations under the Clarifying Lawful Overseas Use of Data Act, which the US Congress approved in 2018.

Tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages. "After the reversal of Roe v. Wade and with more rights cutbacks on the way, tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages."