Infosecurity News
VTech to Pay $650K to Settle Kids’ Privacy Case
Digital toymaker was also accused by FTC of failing to properly secure children’s data
WPA3 Set to Secure Public Wi-Fi Networks in 2018
New protocol will land later this year
Hard-Coded Backdoor in My Cloud Devices Offers Attackers Access to Personal Photos, Videos
Threat actors could gain control over the device, exfiltrate information and spread malware.
Google Drive Exploited to Download Malware Directly from URL
Proofpoint uncovered the vulnerability and created a proof of concept exploit for the issue, which exists in the Google Apps Script.
Monero Crypto-Mining Invades BlackBerry Mobile Site
Coinhive weighed in on the Reddit thread saying that the site appears to have been surreptitiously infected.
UK Companies Set to Splurge on Cyber-Risk Mitigation
ICSA report claims cyber remains top risk for boardrooms in 2018
Attackers Target Winter Olympics with Weaponized Word Doc
New steganography tool used to obfuscate attack
UK Firms Deluged with Cyber-Attacks in 2017
ISP spots 633 daily attempts per business to breach the corporate firewall
Apple Confirms Devices Affected by Meltdown, Spectre
As vendors rush patches out, Shadow Brokers claims it has an exploit for sale.
Nuisance Adware Torments Android Users
Victims are forced to press on ads to answer or end calls, make a Wi-Fi connection, charge the phone or unlock the screen.
Private Eyes, Fire and Fines: ICO Hands Down Record Damages
A firm of loss adjusters has been fined £50K for using rogue private investigators to collect information illegally in insurance claim.
White House Bans Personal Phones in West Wing
Trump administration cites security concerns, but CISO role remains unfilled
Microsoft Issues Warning for Meltdown Fix
Out-of-band update could cause BSOD for some
Fake Google Play Security Apps Harvest User Info
Google takes down 36 malware-laden apps
Android Trojan Targets 200+ Global Financial Apps
Banker A2f8a is designed for stealing login credentials, hijacking SMS messages and more.
Stealthy Crypto-Miners Are Slipping Into Web Ads
The trojanized ads attempt to con site visitors into clicking on a pop-up that would initiate a secret mining process.
Targeted Attacks on Industrial Sector Growing Rapidly
About 28% of the 962 industrial companies surveyed have faced targeted attacks in the last 12 months.
VMware Issues Critical VDP Update
Virtualization giant fixes three vulnerabilities
Major Chip Flaws Confirmed as “Meltdown” and “Spectre”
Impact of discoveries could be felt for years, claim researchers
DHS Admits Major Leak Affecting 247,000 Employees
Unauthorized data exfiltration may have hit many more