The secretary of the Interior issued an order Wednesday grounding all of the Department of the Interior’s non-emergency drones so the agency can assess potential cybersecurity concerns before operating the devices any further.

Security experts at Microsoft have discovered malicious malware hiding in downloadable images of the late Kobe Bryant.

Microsoft Security Intelligence says the software is designed to hijack a computer’s CPU to mine cryptocurrency. The process is known as cryptojacking.

https://mobile.twitter.com/MsftSecIntel/status/1223032390555033600

In summer 2019, hackers broke into over 40 (and possibly more) UN servers in offices in Geneva and Vienna and downloaded “sensitive data that could have far-reaching repercussions for staff, individuals, and organizations communicating with and doing business with the UN,” The New Humanitarian reported on Wednesday.

It was another black mark on the privacy record of the social network, which also reported its quarterly earnings.

Facebook said on Wednesday that it had agreed to pay $550 million to settle a class-action lawsuit over its use of facial recognition technology in Illinois, giving privacy groups a major victory that again raised questions about the social network’s data-mining practices.

The case stemmed from Facebook’s photo-labeling service, Tag Suggestions, which uses face-matching software to suggest the names of people in users’ photos.

Facebook Biometric Privacy Settlement
https://edelson.com/facebook-settlement

One week after the United Nations called for an investigation into the claims that Jeff Bezos’ smartphone was hacked by Saudi Crown Prince Mohammed bin Salman, a claim that I first reported in March 2019, another investigation has revealed that the UN itself has been hacked.

The leak of an internal UN report to investigators at The New Humanitarian shows that core infrastructure servers were compromised during a successful cyberattack last year. The report, dated September 20, 2019, was from the United Nations Office of Information and Technology. Associated Press, which has also seen the report, said that 42 servers in all were compromised and a further 25 categorized as suspicious. According to The New Humanitarian, at least some of the affected systems were at the UN human rights offices and the UN human resources department, at locations in Geneva and Vienna. The confidential report is said to show that “some administrator accounts” were breached, and staff told to change passwords. “The ‘core infrastructure’ affected included systems for user and password management, system controls, and security firewalls,” The New Humanitarian said.

Although not yet attributed, attack fingerprint suggests sophisticated APT actors

–
So sophisticated a caveman could exploit it, APT is such an abused word (when convenient) that it effectively is a near meaningless short code for shit administrators https://www.rapid7.com/db/?q=CVE-2019-0604&type=nexpose

Evil Corp may well be best known to millions of viewers of the Mr. Robot TV drama as the multi-national corporation that Elliot and FSociety hack. However, back in the real world, Evil Corp not only exists but is weaponizing Microsoft Excel to spread a malware payload. Researchers from Microsoft Security Intelligence have this week taken to Twitter to warn users to be alert to the ongoing campaign being run by Evil Corp, also known as TA505. Like most successful cybercriminals, Evil Corp is constantly evolving in terms of techniques and tools. The latest twist in this felonious tale involves Microsoft Excel as a payload delivery vehicle.

Microsoft quickly fixed the vulnerability when Check Point approached them in the fall, and customers who have patched their systems are now safe. The vulnerability is as punchy as it gets, “a perfect 10.0,” Balmas says, referring to the CVE score on Microsoft’s disclosure in October. “It’s huge—I can’t even start to describe how big it is.” The reason for the hyperbole is that Balmas says his team found the first remote code execution (RCE) exploit on a major cloud platform. One user could break the cloud isolation separating themselves and others, intercepting code, manipulating programs. That isolation is the basis of cloud security, enabling the safe sharing of common hardware.

There was no detail when Microsoft patched the flaw, just a short explainer. “An attacker who successfully exploited this vulnerability could allow an unprivileged function run by the user to execute code,” the company said at the time, “thereby escaping the Sandbox.” This week, Microsoft confirmed Check Point’s report, telling me that “we released updates to address these issues in 2019.” The spokesperson added that “customers who have applied the updates are protected,” as covered at CVE-2019-1372 and CVE-2019-1234.

Prosecutors have dropped criminal charges against two security professionals who were arrested and jailed last September for breaking into an Iowa courthouse as part of a contract with Iowa’s judicial arm.

Coalfire CEO Tom McAndrew added, “With positive lessons learned, a new dialogue now begins with a focus on improving best practices and elevating the alignment between security professionals and law enforcement. We’re grateful to the global security community for their support throughout this experience.”