Cyber security news June 2020

This posting is here to collect cyber security news in June 2020.

I post links to security vulnerability news, with short descriptions, in the comments section of this article.

If you are interested in cyber security trends, read my Cyber security trends 2020 posting.

You are also free to post related links in the comments.



  1. Tomi Engdahl says:

    new users after 18 months, as part of a broader expansion of its privacy options — A compromise between privacy and ad-targeting data — On Wednesday, Google announced broad changes in its default data practices for new users …

    Google will now auto-delete location and search history by default for new users

    A compromise between privacy and ad-targeting data

  2. Tomi Engdahl says:

    United States wants HTTPS for all government sites, all the time

    The US government just announced its plans for HTTPS on all dot-gov sites.

    HTTPS, of course, is short for “secure HTTP”, and it’s the system that puts the padlock in your browser’s address bar.

    Actually, the government is going one step further than that.

    As well as saying all dot-gov sites should be available over HTTPS, the government wants to get to the point that all of its web servers are publicly committed to use HTTPS by default.

    That paves the way to retiring HTTP altogether and preventing web users from making unencrypted connections to government sites at all.

  3. Tomi Engdahl says:

    Russell Brandom / The Verge:
    Google says it will auto-delete location and search data by default for new users after 18 months, as part of a broader expansion of its privacy options

    Google will now auto-delete location and search history by default for new users

    A compromise between privacy and ad-targeting data

  4. Tomi Engdahl says:

    As organizations get back to business, cyber criminals look for new
    angles to exploit
    Criminals are using COVID-19 training for employees as phishing bait.
    Non coronavirus-related headline news (including Black Lives Matter)
    being used in phishing scams. Weekly cyber-attacks increase 18%
    compared to May average. However, Covid-19 related cyber-attacks down
    24% compared to May.

  5. Tomi Engdahl says:

    Patch time! NVIDIA fixes kernel driver holes on Windows and Linux
    The latest security patches from NVIDIA, the maker of high-end
    graphics cards, are out. Both Windows and Linux are affected. NVIDIA
    hasn't yet given out any real details about the bugs, but 12 different
    CVE-tagged flaws have been fixed, numbered sequentially from
    CVE-2020-5962 to CVE-2020-5973.

  6. Tomi Engdahl says:

    Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and
    Critical Vulnerabilities to Infect Windows Devices
    On May 29, 2020, Unit 42 researchers discovered a new variant of a
    hybrid cryptojacking malware from numerous incidents of CVE-2019-9081
    exploitation in the wild. A closer look revealed the malware, which
    we've dubbed Lucifer, is capable of conducting DDoS attacks and
    well-equipped with all kinds of exploits against vulnerable Windows

  7. Tomi Engdahl says:

    Chinese bank forced western companies to install malware-laced tax
    A Chinese bank has forced at least two western companies to install
    malware-laced tax software on their systems, cyber-security firm
    Trustwave said in a report published today. The two companies are a
    UK-based technology/software vendor and a major financial institution,
    both of which had recently opened offices in China. “Discussions with
    our client revealed that [the malware] was part of their bank’s
    required tax software,” Trustwave said today.

  8. Tomi Engdahl says:

    Web skimmer hides within EXIF metadata, exfiltrates credit cards via
    image files
    They say a picture is worth a thousand words. Threat actors must have
    remembered that as they devised yet another way to hide their credit
    card skimmer in order to evade detection. When we first investigated
    this campaign, we thought it may be another one of those favicon
    tricks, which we had described in a previous blog. However, it turned
    out to be different and even more devious. We found skimming code
    hidden within the metadata of an image file (a form of steganography)
    and surreptitiously loaded by compromised online stores.

  9. Tomi Engdahl says:

    Vulnerable Powerline Extenders Underline Lax IoT Security
    Multiple vulnerabilities have been found in Tenda PA6 Wi-Fi Powerline
    extender, version This device is part of Tenda's PH5
    Powerline Extender Kit and extends the wireless network through home's
    existing electrical circuitry.

  10. Tomi Engdahl says:

    Ransomware crims to sell off ‘scandalous’ files swiped from Mariah
    Carey, Nicki Minaj, Puff Daddy’s legal eagles
    $600k starting bid, say public extortionists, or $42m to keep schtum.
    Ransomware criminals claiming to have siphoned confidential docs on
    Nicki Minaj, Mariah Carey, and Lebron James from an American law firm
    are threatening to auction off the info.

  11. Tomi Engdahl says:

    LG Electronics allegedly hit by Maze ransomware attack
    Maze ransomware operators have claimed on their website that they
    breached and locked the network of the South Korean multinational LG
    Electronics. The details of the attack have not been released but the
    hackers stated that they have stolen from the company proprietary
    information for projects that involve big U.S. companies.

  12. Tomi Engdahl says:

    DHS has sent hundreds of vulnerability notifications to medical sector during coronavirus pandemic

    A government cybersecurity expert said the government has a secret list of research institutions to give prioritized protections.

  13. Tomi Engdahl says:

    Guy Who Reverse-Engineered TikTok Reveals The Scary Things He Learned, Advises People To Stay Away From It

    Facebook got itself into a sensitive data scandal when it did shady business with Cambridge Analytica, Instagram confirmed a security issue exposing user accounts and phone numbers, but these apps are basically online security havens compared to TikTok, according to one senior software engineer with about 15 years of professional experience.

    Bangorlol thinks that we as a society have normalized giving away our personal information and have no expectations of privacy and security anymore, so giving TikTok our data together with our money is nothing surprising. “The general consensus among most ‘normal’ people is that they can’t/won’t be targeted, so it’s fine. Or that they have nothing to hide, so ‘why should I even care?’ I think the apathy is sourced from people just not understanding the security implications (at all levels) of handing over our data to a foreign government that doesn’t discriminate against who they target, and also doesn’t really have the best track record when it comes to human rights,” he said.

  14. Tomi Engdahl says:

    US Cybercom Virtual War Game Girds Against Increased Threats

    Foreign hackers are taking advantage of the coronavirus pandemic to undermine institutions and threaten critical infrastructure, a top U.S. military cyber official said Thursday.

    The comments from Coast Guard Rear Adm. John Mauger of U.S. Cyber Command came a day after Defense Department officials briefed reporters on virtual war games that digital combatants from U.S. and allied militaries have been holding to sharpen their abilities to counter online threats with real-world impact.

    “We’ve seen increased adversary activity” since the pandemic began, Mauger said on a conference call, declining to discuss the threat in more specific detail. “We’re one part of the whole of government effort to defend our democracy in this complex cyber environment.”

  15. Tomi Engdahl says:

    LG Electronics Victim of Maze Ransomware Attack, Source Code Stolen: Report

    LG Electronics’ Python code seems to have been stolen and the hackers claim a total of 40GB of data has been stolen.

  16. Tomi Engdahl says:

    Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room

  17. Tomi Engdahl says:

    FBI Expands Ability to Collect Cellphone Location Data, Monitor Social Media, Recent Contracts Show

    The federal law enforcement agency’s records show a growing focus on harnessing the latest private sector tools for mass surveillance, including recent contracts with companies that monitor social media posts and collect cellphone location data.

  18. Tomi Engdahl says:

    Warning—Apple Suddenly Catches TikTok Secretly Spying On Millions Of iPhone Users

  19. Tomi Engdahl says:

    Credit card skimmers are now being buried in image file metadata on e-commerce websites

    Magecart attackers are suspected of using an interesting technique to steal your financial data.

  20. Tomi Engdahl says:

    Chinese bank requires foreign firm to install app with covert backdoor
    A multinational tech company gets schooled in the risks of doing
    business in China.

  21. Tomi Engdahl says:

    Nvidia squashes display driver code execution, information leak bugs
    The vulnerabilities impact both Windows and Linux machines.

  22. Tomi Engdahl says:

    Almost 300 Windows 10 executables vulnerable to DLL hijacking
    A simple VBScript may be enough to allow users to gain administrative
    privileges and bypass UAC entirely on Windows 10. The vulnerability
    referred to here is relative path DLL hijacking, which is when an
    attacker can cause a legitimate Windows executable to load an
    arbitrary DLL of the attacker’s choice, most likely with malicious

  23. Tomi Engdahl says:

    Adobe, Mastercard, Visa warn online store owners of Magento 1.x EOL
    Almost 110,000 online stores are still running the
    soon-to-be-outdated Magento 1.x CMS. Mastercard said that 77% of the
    companies investigated in these incidents were not in compliance with
    PCI DSS requirement 6, the rule that requires store owners to run
    up-to-date systems.

  24. Tomi Engdahl says:

    Journalist’s phone hacked by new ‘invisible’ technique: All he had to
    do was visit one website. Any website
    The white iPhone with chipped paint that Moroccan journalist Omar Radi
    used to stay in contact with his sources also allowed his government
    to spy on him.

  25. Tomi Engdahl says:

    Microsoft quietly created a Windows 10 File Recovery tool, how to use
    Microsoft has created a Windows 10 File Recovery Tool that recovers
    deleted files and forgot to tell anyone.

  26. Tomi Engdahl says:

    A Popular Study Tool Accidentally Exposed Millions Of Student Records
    An improperly-secured online database has left the private information
    of more than a million students exposed. Researchers at vpnMentor say
    the data belonged to OneClass, a tool that lets students share class
    notes and study guides.

  27. Tomi Engdahl says:

    Chinese malware used in attacks against Australian orgs
    The Australian government released an advisory late last week about
    increased cyber activity from a state actor against networks belonging
    to its agencies and companies in the country.

  28. Tomi Engdahl says:

    Apple declined to implement 16 Web APIs in Safari due to privacy
    Apple said these 16 new Web APIs add new user fingerprinting
    opportunities for online advertisers.

  29. Tomi Engdahl says:

    Far-right thugs exploit Black Lives Matter movement, warns UK anti-extremism chief

    Home Office commissioner Sara Khan reveals surge in online hate material since death of George Floyd

  30. Tomi Engdahl says:

    Ransomware is now your biggest online security nightmare. And it’s
    about to get worse
    Criminals understand our weaknesses and how to exploit them. That
    means ransomware isn’t going away.

  31. Tomi Engdahl says:

    Ransomware: Attacks that start with phishing emails are suddenly back
    in fashion again
    Email was once the main method for delivering ransomware. Now familiar
    and new forms of ransomware are using it again. Ransomware attacks via
    email are on the rise again, with several new and familiar forms of
    ransomware recently being distributed with the aid of malicious
    payloads in phishing messages.

  32. Tomi Engdahl says:

    Beware “secure DNS” scam targeting website owners and bloggers
    If you run a website or a blog, you probably use a cloud provider or a
    dedicated hosting company to manage your server and deliver the
    content to your readers, viewers and listeners.

  33. Tomi Engdahl says:

    Palo Alto Networks patches critical vulnerability in firewall OS
    Palo Alto Networks disclosed a critical vulnerability found in the
    operating system (PAN-OS) of all its next-generation firewalls that
    could allow unauthenticated network-based attackers to bypass
    authentication. Only affects devices where SAML authentication is

  34. Tomi Engdahl says:

    Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores
    Adobe and payment-card companies are making last-minute pleas for
    e-commerce sites to update to Magento 2, to avoid Magecart attacks and

  35. Tomi Engdahl says:

    Apple strong-arms entire CA industry into one-year certificate
    Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates
    to 398 days, against the wishes of Certificate Authorities.

  36. Tomi Engdahl says:

    Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game

    Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too

    ESET telemetry confirms this trend in an uptick in the number of unique clients who reported brute-force attack attempts blocked via ESET’s network attack detection technology.

    Before the lockdown, most employees worked from the office and used infrastructure monitored and controlled by their IT department. But the coronavirus pandemic has brought a major shift to the status quo. Today, a huge proportion of “office” work occurs via home devices with workers accessing sensitive company systems through Windows’ Remote Desktop Protocol (RDP) – a proprietary solution created by Microsoft to allow connecting to the corporate network from remote computers.

    Despite the increasing importance of RDP (as well as other remote access services), organizations often neglect its settings and protection. Employees use easy-to-guess passwords and with no additional layers of authentication or protection, there is little that can stop cybercriminals from compromising an organization’s systems.

  37. Tomi Engdahl says:

    Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities.

    Apple strong-arms entire CA industry into one-year certificate lifespans

  38. Tomi Engdahl says:

    ‘COVID-19 Breach Bubble’ Waiting to Pop?
    The COVID-19 pandemic has made it harder for banks to trace the source
    of payment card data stolen from smaller, hacked online merchants. On
    the plus side, months of quarantine have massively decreased demand
    for account information that thieves buy and use to create physical
    counterfeit credit cards. But fraud experts say recent developments
    suggest both trends are about to change and likely for the worse.

  39. Tomi Engdahl says:

    Stinker, emailer, trawler, spy: How an engineer stole top US chip
    designs, smuggled them to China to set up a rival fab
    Chinese chap swiped communications blueprints from
    what-is-now-Broadcom on behalf of Beijing. An engineer-turned-spy
    stole confidential blueprints of American wireless electronics on
    behalf of the Chinese government to run a rival factory churning out
    the components in the Middle Kingdom.

  40. Tomi Engdahl says:

    DDoS and dingoes: Australia to bolster cyber-defences with 500 hackers
    amid China spat
    Australia will hire 500 hackers as part of a AU$1.35bn (£754m, $925m)
    boost to protect the nation’s networks from a wave of cyber attacks.

  41. Tomi Engdahl says:

    Google removes 25 Android apps caught stealing Facebook credentials
    The malicious apps were downloaded more than 2.34 million times.

    According to a report from French cyber-security firm Evina shared with ZDNet today, the apps posed as step counters, image editors, video editors, wallpaper apps, flashlight applications, file managers, and mobile games.

    The apps offered a legitimate functionality, but they also contained malicious code.

  42. Tomi Engdahl says:

    Apple: We’re defending your privacy by nixing 16 browser APIs. Rivals:
    You mean defending your bottom line
    iGiant accused of holding back web progress to protect its 30% app cut

