Security News

ESXiArgs ransomware fights off Team America's data recovery script
2023-02-16 01:30

A week after the US Cybersecurity and Infrastructure Security Agency and FBI released a recovery script to help victims of the widespread ESXiArgs ransomware attacks recover infected systems, an updated variant of the malware aimed at vulnerable VMware ESXi virtual machines can't be remediated with the government agencies' code, according to Malwarebytes. "This makes recovery next to impossible," Arntz wrote in a post this week, noting reports from victims of recent ESXiArgs attacks about the ransomware's new encryptor.

Bank of America starts restoring missing Zelle transactions
2023-01-18 20:06

Bank of America has started to restore missing Zelle transactions that suddenly disappeared from customers' bank accounts this morning, causing some to dip into negative balances. This led to reports on DownDetector, Reddit, and Twitter from hundreds of customers missing their Zelle transactions.

Nissan North America data breach caused by vendor-exposed database
2023-01-17 14:50

Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.

TikTok could be banned from America, thanks to proposed bipartisan bill
2022-12-14 19:30

The US government's crackdown on TikTok continues, with the latest salvo being a bipartisan bill that would outright ban the popular social media app from doing business in the country. Several US states have already banned the app on government-owned devices, while Indiana has sued TikTok for inflicting harm on residents.

TSA to expand facial recognition across America
2022-12-06 02:30

America's Transport Security Administration, better known as the TSA, has been testing facial recognition software to automatically screen passengers flying across the country in 16 airports. The equipment will snap a live photo of their face and check whether it matches with the one captured on their ID. The pilot program, testing the Credential Authentication Technology 2 system, aims to reduce security screening wait times by automating the process so TSA agents do not need to manually check IDs.

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor
2022-11-17 05:56

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel said in a report. Discovered in September 2019, the malware has been previously deployed in a cyber attack aimed at a nuclear power plant in India, with more recent intrusions using Dtrack as part of Maui ransomware attacks.

The biggest threat to America’s election system? Ourselves
2022-11-04 04:00

Over the years, there has been a long-standing narrative that foreign state-sponsored threat actors present the most significant cyber threat to the election process. The threat actors also targeted devices belonging to the state boards of elections, state secretaries of state, and organizations that supported election infrastructure to steal voter data.

A Quick Look at the "Strengthening America's Cybersecurity" Initiative
2022-10-21 10:48

The White House also pointed to IoT warning labels as a solution - and reminded us all about the importance of cybersecurity education. The White House initiative correctly states, in multiple instances, that international partners and organizations like NATO will play a decisive role in the cybersecurity space.

From today, America and UK follow new rules on how they can demand your data from each other
2022-10-03 19:11

The Data Access Agreement, by which the US and UK have agreed how one country can respond to lawful data demands from police and investigators in the other, took effect on Monday. The DAA spells out US and UK obligations under the Clarifying Lawful Overseas Use of Data Act, which the US Congress approved in 2018.

Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America
2022-09-20 19:19

Tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages. "After the reversal of Roe v. Wade and with more rights cutbacks on the way, tech companies are throwing their users to the wolves by allowing company employees, cops, and other third parties to access unprotected messages."