Comments on: Cyber security news August 2020 https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/ All about electronics and circuit design Wed, 22 Apr 2026 08:40:06 +0000 hourly 1 http://wordpress.org/?v=3.9.14 By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1690412 Mon, 07 Sep 2020 04:40:25 +0000 https://www.epanorama.net/blog/?p=186654#comment-1690412 A hacking course on PornHub, strange!
https://www.facebook.com/groups/2600net/permalink/2823820341174406/

They started moving over there when YouTube incorrectly started banning videos

Oh yeah that guy. https://www.reddit.com/r/IAmA/comments/azwb59/im_ryan_creamer_i_make_wholesome_sfw_videos_on/

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689879 Tue, 01 Sep 2020 15:32:01 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689879 Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. https://tcrn.ch/2YSRHLQ

Apple mistakenly approved a widely used malware to run on Macs
https://techcrunch.com/2020/08/31/apple-notarized-mac-malware/?tpcc=ECFB2020

Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. But last year Apple took its toughest approach yet by requiring developers to submit their apps for security checks in order to run on millions of Macs unhindered.

The process, which Apple calls “notarization,” scans an app for security issues and malicious content. If approved, the Mac’s in-built security screening software, Gatekeeper, allows the app to run.

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689815 Tue, 01 Sep 2020 08:18:40 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689815 Lily Hay Newman / Wired:
Researcher finds a macOS adware campaign using malware notarized by Apple; after being notified, Apple shut it down, but then another notarized variant emerged — The ubiquitous Shlayer adware has picked up a new trick, slipping past Cupertino’s “notarization” defenses for the first time.

Apple Accidentally Approved Malware to Run on MacOS
The ubiquitous Shlayer adware has picked up a new trick, slipping past Cupertino’s “notarization” defenses for the first time.

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689800 Tue, 01 Sep 2020 05:22:23 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689800 Breaking: a new Firebase FCM exploit seems to have hit #MSTeams. The vulnerability was first reported on CyberNews via Abss, affecting possibly billions of users of popular apps like Hangouts, YouTube, and more.

Exposed FCM keys leaves billions of users open to mass spam and phishing notifications
https://cybernews.com/security/exposed-google-keys-leaves-billions-of-users-open-to-mass-spam-and-phishing-notifications/?utm_source=facebook&utm_medium=traffic_rm&utm_campaign=news&utm_content=exposed_google_keys

New vulnerabilities involving Google’s Firebase Cloud Messaging (FCM) service could have allowed fraudsters to send mass spam and phishing push notifications to billions of Android users. The exploit involves Firebase, a Google platform that allows app developers to build their apps, and leverages its Firebase Cloud Messaging Service. This was discovered by Abhishek Dharani, a Bangalore-based security researcher better known as “Abss.”

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689756 Mon, 31 Aug 2020 16:21:04 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689756 Elon Musk Says Failed Russian Ransomware Attack on Tesla Was ‘Serious’
https://www.newsweek.com/elon-musk-russian-ransomware-attack-tesla-1528524

Kriuchkov allegedly offered to pay the unnamed Russian-speaking employee—who worked at the Tesla “Gigafactory” in Reno, Nevada—$1 million to install the malware. The employee instead notified Tesla, which contacted the FBI. Agents then ran a sting operation using the employee to catch Kriuchkov, who was arrested Tuesday.

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689725 Mon, 31 Aug 2020 06:58:06 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689725 https://www.securityweek.com/new-attacks-allow-bypassing-emv-card-pin-verification

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689724 Mon, 31 Aug 2020 06:57:43 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689724 https://www.securityweek.com/researchers-analyze-traffic-statistics-popular-cybercrime-forums

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689722 Mon, 31 Aug 2020 06:55:15 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689722 Ex-employee hacked Cisco’s AWS Infrastructure; erased virtual machines
https://www.hackread.com/ex-employee-hacked-cisco-cloud-erased-virtual-machines/
A former Cisco employee, Sudhish Kasaba Ramesh has pleaded guilty for
damaging and exploiting the company’s internal networks. His reckless
action resulted in obliterating more than 16, 000 Webex Teams
application. In order to ensue remedial measures, Cisco had to spend a
whopping $1.4 million and refund $1 million to the affected customers.

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689721 Mon, 31 Aug 2020 06:54:43 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689721 Major internet outage: Dozens of websites and apps are down
https://edition.cnn.com/2020/08/30/tech/internet-outage-cloudflare/index.html
Cloudflare, an internet service that is supposed to keep websites up
and running, was down itself Sunday, taking dozens of websites and
online services along with it. Hulu, the PlayStation Network, Xbox
Live, Feedly, Discord, and dozens of other services reported
connectivity problems Sunday morning. Cloudflare said the problem was
with a third-party “transit provider, ” and its service was becoming
increasingly stable over the course of the day. CenturyLink, formerly
known as Level 3, confirmed there was an IP outage impacting Content
Delivery Networks (CDN), and that all services had been restored as of
11:12 am ET. also: https://isc.sans.edu/forums/diary/

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2020/08/01/cyber-security-news-august-2020/comment-page-5/#comment-1689720 Mon, 31 Aug 2020 06:54:12 +0000 https://www.epanorama.net/blog/?p=186654#comment-1689720 New Zealand bourse resumes trade after cyber attacks, government
activates security systems
https://www.reuters.com/article/uk-nzx-cyber/new-zealand-bourse-resumes-trade-after-cyber-attacks-government-activates-security-systems-idUSKBN25O03Q
New Zealand’s stock exchange resumed trading on Friday, after facing
disruptions for four consecutive days in the wake of cyber attacks
this week, while the government said national security systems had
been activated to support the bourse. Finance Minister Grant Robertson
said the Government Communications Security Bureau and the national
agency fighting cyber crime had been called in to help the bourse. “I
can’t go into much more in terms of specific details other than to say
that we as a government are treating this very seriously, ” Robertson
said in a media briefing in Wellington.There is no clarity on who was
behind these two “offshore” attacks, but the failure to stop them has
raised questions about New Zealand’s security systems, experts said.

]]>