California Unanimously Passes Historic Privacy Bill June 29, 2018 | sento | Leave a comment California lawmakers unanimously passed a new privacy bill on Thursday that would give residents of the state more control over the information businesses collect on them and impose new penalties on businesses that don’t comply. It is the first law of its kind in the United States. The so-called California Consumer Privacy Act of 2018… Read More
Facebook patent would turn your mic on to analyze how you watch ads June 29, 2018 | sento | Leave a comment Further ReadingFacebook’s Cambridge Analytica scandal, explained [Updated]As Facebook tries to get ahead of public pressure about what the service does and doesn’t track about its users, a patent application has emerged which would enable something that the service’s detractors have long theorized and feared: silently triggered microphones that keep tabs on Facebook users. The patent,… Read More
A new data breach may have exposed personal information of almost every American adult June 29, 2018 | sento | Leave a comment A little-known Florida company may have exposed the personal data of nearly every American adult, according to a new report. Wired reported Wednesday that Exactis, a Palm Coast, Fla.-based marketing and data-aggregation company, had exposed a database containing almost 2 terabytes of data, containing nearly 340 million individual records, on a public server. That included… Read More
PROPagate Code Injection Technique Detected in the Wild for the First Time June 29, 2018 | sento | Leave a comment PROPagate is a relatively new code injection technique discovered last November. Back then, a security researcher found that an attacker could abuse the SetWindowSubclass API, a function of the Windows operating system that manages GUIs, to load and execute malicious code inside the processes of legitimate apps. The infosec research community deemed the technique innovative,… Read More
File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack June 29, 2018 | sento | Leave a comment An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system’s distributions that would delete user files. Thankfully, the malicious code fails to trigger properly and users’ files remain safe. How the hacker gained access to Gentoo’s GitHub account still remains a… Read More
Adidas Announces Data Breach June 29, 2018 | sento | Leave a comment The company says it became aware of the breach on Tuesday, June 26, when it learned that an unauthorized party was claiming to have acquired the details of Adidas customers. The company said it’s still investigating the breach with law enforcement and security firms. The sportswear company did not include a tally of affected customers,… Read More
DBGer Ransomware Uses EternalBlue and Mimikats to Spread Across Networks June 15, 2018 | sento | Leave a comment The change was not only in name but also in the ransomware’s modus operandi. According to the researcher, whose discovery was later confirmed by an Intezer code similarity analysis, the new (Satan) DBGer ransomware now also incorporates Mimikatz, an open-source password-dumping utility. The purpose of DBGer incorporating Mimikatz is for lateral movement inside compromised networks.… Read More
SEC announces cryptocurrency ether is not a security June 15, 2018 | sento | Leave a comment Are bitcoin and ether securities? Finally, one of the biggest questions and debates in crypto has been answered by the SEC, officially. In an announcement at Yahoo Finance’s All Market Summit: Crypto in San Francisco on Thursday,the U.S. Securities and Exchange Commission Director of Corporate Finance William Hinman said that the commission would not be… Read More
Malicious Docker Containers Earn Cryptomining Criminals $90K June 15, 2018 | sento | Leave a comment Seventeen malicious Docker containers earned cryptomining criminals $90,000 in 30 days in what could be a harbinger of things to come. The figure may seem tame compared to some of the larger paydays that cryptojackers have earned. But, researchers at Kromtech Security Center warn containers are shaping up to be the next ripe target for… Read More
17 Backdoored Docker Images Removed From Docker Hub June 14, 2018 | sento | Leave a comment The Docker team has pulled 17 Docker container images that have been backdoored and used to install reverse shells and cryptocurrency miners on users’ servers for the past year. The malicious Docker container images have been uploaded on Docker Hub, the official repository of ready-made Docker images that sysadmins can pull and use on their… Read More