Security News

The protocols are CS2 Network P2P, used by more than 50 million devices worldwide, and Shenzhen Yunni iLnkP2P, used by more than 3.6 million. "As of August 2020, over 3.7 million vulnerable devices have been found on the internet," reads the site, which lists affected devices and advice on what to do if you have any at-risk gear.

The British offices of Barclays Bank are under investigation over allegations that managers spied upon their own staff as part of a workplace productivity improvement drive. Back in February, the bank trialled tracking software to detail the amount of time employees spent at their desk, as revealed by City AM. Last week an employee received a "Work yoga" assessment on their daily performance informing them they had spent "Not enough time in the Zone yesterday," the City paper reports.

Vulnerabilities were found in a Qualcomm Snapdragon chip that could let attackers obtain photos, videos, call recordings, and other data on Android phones, says Check Point Research. A new report by cyber threat intelligence provider Check Point Research explains how vulnerabilities found in a chip in many Android phones could allow hackers to spy on users.

Britain on Wednesday named its former ambassador to Turkey as the new director of the MI6 Secret Intelligence Service. Richard Moore succeeds Alex Younger, who was a career intelligence officer and became Britain's top spy in 2014.

The law will require the New York City plod to provide the city government with annual reports on its use of surveillance equipment such as face scanning, Stinger cellphone trackers, and eavesdropping gear. To be precise, the bill defines surveillance tech as "Equipment, software, or systems capable of, or used or designed for, collecting, retaining, processing, or sharing audio, video, location, thermal, biometric, or similar information, that is operated by or at the direction of the department," but not any internal communications gear nor cameras intended to keep city buildings from being vandalized.

Following weeks of heated protests in American cities - and criticism of law enforcement's use of force, surveillance, and drone aircraft in the skies above - the US government has belatedly asked the public what it thinks. The US Department of Homeland Security wants your comments on the use of drones by police and other first responders by July 9.

"The dated nature of this binary coupled with the extensible nature of the malware code suggests that the FlowCloud code base has been under development for numerous years," the analysts wrote, adding that "Development of this malware around legitimate QQ files and the identification of malware samples uploaded to VirusTotal from Japan in December 2018 and earlier this year from Taiwan indicate that the malware may have been active for some time in Asia prior to its appearance targeting the U.S. utilities sector." Several campaigns delivering the LookBack malware were aimed at U.S. utilities over last summer and the fall as well, and, based on shared attachment macros, identical malware installation techniques and overlapping delivery infrastructure, Proofpoint believes the LookBack and FlowCloud malware can be attributed to a single threat actor, TA410.

The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan to attack governmental targets. According to ESET researchers, ComRAT is one of Turla's oldest weapons, released in 2007 - but the firm found that Turla used an updated version in attacks against at least three targets earlier this year: Two Ministries of Foreign Affairs and a national parliament.

A fresh malware trojan has emerged, built from the same code base as the stealthy COMPFun remote access trojan. The malware is using spoofed visa applications to hit diplomatic targets in Europe and may be the work of the Turla APT. According to researchers at Kaspersky, the fake visa application harbors code that acts as a first-stage dropper.

According to Google's Threat Analysis Group, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a cover for their various cyberespionage and malware activities. The email had an embedded tracking link, which Mandiant researchers said contained the victim's email address and a code to report back to the actors if the email was opened.