Security News


Zoom has been forced to agree to a range of security improvements in a settlement with America's consumer watchdog, the Federal Trade Commission, as a result of earlier wrongly claiming it offered true 256-bit end-to-end encryption. The pact [PDF], announced Monday, obliges the video-conferencing giant to carry out an annual security assessment of its software and have its internal security program assessed by a third-party every two years.

The Bitcoin wallet had links to hacker groups and had seen its balance drop from almost $1 billion in cryptocurrency to nothing overnight. Bitcoin address linked to Silk Road. The funds in Bitcoin wallet 1HQ3Go3ggs8pFnXuHVHRytPCq5fGG8Hbhx have been found to be associated with Silk Road. Silk Road is remembered as one of the most notorious darknet marketplaces that had been shut down in October 2013.

The Qbot botnet is now spewing U.S. election-themed phishing emails used to infect victims with malicious payloads designed to harvest user data and emails for use in future campaigns. "In addition to stealing and exfiltrating data from its victims, QBot will also start grabbing emails that will later be used as part of the next malspam campaigns," Malwarebytes' Jérôme Segura and Hossein Jazi explain.

Brovko was tasked with sifting through the logs of these botnets for internet banking credentials vacuumed by the malware, which were subsequently used by fellow conspirators to steal millions of dollars from Americans' accounts in fraudulent transfers. "Where his computer code could not effectively parse the data, Brovko supplemented his computer-automated efforts with manual searches of the data," his indictment [PDF] noted.

A US federal judge on Friday issued an injunction temporarily blocking an executive order by President Donald Trump aimed at banning TikTok, throwing up a legal roadblock ahead of a November 12 deadline. TikTok influencers suing the president over the ban convinced US District Court Wendy Beetlestone to issue the injunction against it.

Britain's data privacy watchdog on Friday said it has fined US hotels group Marriott over a data breach affecting millions of customers worldwide. The UK Information Commissioner's Office said in a statement it fined Marriott £18.4 million for breaches of data that included personal information such as passport numbers since March 2018.

Starting on Friday, US high school students can register to participate in CyberStart America, an online puzzle-solving game designed to identify cybersecurity talent and qualify participants for an opportunity to compete in the National Cyber Scholarship Competition next year. The CyberStart America program, sponsored by the National Cyber Scholarship Foundation, aims to find students with an affinity for security-oriented challenges in the hope of steering them toward careers defending US organizations.

As America counts down to the November 3 elections, things are tense for political campaigns. The Republican Party of Wisconsin, a key battleground state which President Trump won in 2016 by less than 1 per cent, has admitted that it lost $2.3m earlier this month to business email deception - where phishing emails harvest credentials and use these to submit fake or altered invoices for services rendered.

Ryuk ransomware is being aggressively deployed to target US healthcare institutions, government cyber organisations in the US have warned. The caution comes as US hospitals faced an unusually high level of malware and ransomware attacks in spite of promises from criminals earlier this year that they would avoid targeting medical institutions.