Security News

A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. On Tuesday, March 30th, vehicle emissions testing platform Applus Technologies suffered a "Malware" attack that caused them to disconnect their IT systems.

A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends. In the real-time bidding process to decide which personalized ads a user sees when a web page loads, hundreds of businesses receive a user's personal information, including search history, IP address, age and gender.

A top Biden administration official says the government is undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. The public-private partnership reflects the administration's concerns about the vulnerability of vital systems, including the electric grid and water treatment plants, to hacks that could cause catastrophic consequences to American life.

The US Department of Justice warns of phishing attacks using fake post-vaccine surveys to steal money from people or tricking them into handing over their personal information. "Consumers receive the surveys via email and text message and are told that, as a gift for filling out the survey, they can choose from various free prizes, such as an iPad Pro," the DOJ said.

Microsoft won a nearly $22 billion contract to supply U.S. Army combat troops with its augmented reality headsets. Microsoft and the Army separately announced the deal Wednesday.

Deviating from their typical activity, an Iranian threat actor known as TA453 has mounted a phishing campaign targeting senior medical professionals in the United States and Israel, cybersecurity firm Proofpoint reports. Also referred to as Charming Kitten, Phosphorus, APT35, Ajax Security Team, ITG18, NewsBeef, and Newscaster, the group has been active since at least 2011, mainly targeting activists, journalists, and other entities in the Middle East, the U.K., and the U.S. The new campaign, which Proofpoint named BadBlood due to its focus on medical personnel, targeted individuals specialized in genetic, neurology, and oncology research, in line with a broader trend in which threat actors are targeting medical research.

Security expert says because we can't inspect the inner workings of the software we buy, we're at the mercy of software companies' security practices. TechRepublic's Karen Roby spoke with Manish Gupta, founder and CEO of ShiftLeft, a code analysis software company, about the SolarWinds attack and its effect on cybersecurity.

US federal agencies have warned today against making or selling fake COVID-19 vaccination record cards as this is breaking the law. Using fake vaccination record cards could also put others at risk, increasing the chance of contracting COVID-19 or infecting others.

Some jokingly said the cryptic tweet, ";l;;gmlxzssaw," was a US nuclear launch code. Now the US Strategic Command, which runs the country's powerful nuclear weapons force, says the enigmatic posting on its Twitter account in fact came from the hands of a precocious kid.

A proposed executive order would set new rules on the disclosure of data breaches that also affect United States government agencies, according to a Reuters news report. The report said the executive order, which could be released as soon as the next week, would require software vendors to notify U.S. government customers of cyber-security breaches that also affect them.