Latest News

11 mins ago
Corbin Davenport / Android Police

Google Partly Backtracks on Planned Chrome Changes That Would Prevent Some Ad Blockers From Working

Google is partly backtracking on planned changes to the current API level for Chrome extensions, called “Manifest V2,” which was introduced in 2012, due to objections made by extension developers that one of the proposed changes could prevent many content blockers from functioning. Google’s plan for “Manifest V3” entails reducing the possible damage that malicious extensions can cause through a new declarativeNetRequest API, designed to replace the webRequest API, which would have negative consequences for ad blockers such as AdBlock and uBlock Origin. Developers of the popular Ghostery extension released a study showing that a Google performance rationale for the change did not have merit, and Google made some changes in response to ease the problem.

38 mins ago
Kyle Bradshaw / 9to5Google

Google Is Preparing to Fix a Flaw in Chrome That Allows Developers to Detect Use of Incognito Mode

A series of recent commits to Chromium’s Gerrit source code management reveals that Google is preparing to fix a flaw in Chrome that can be abused by web developers to detect whether users are using Incognito Mode. Often used by major publications with paywalls to detect users who opt for Incognito Mode to thwart the paywalls, the flaw allows developers to use the “FileSystem” API to create permanent files that would stay behind after leaving Incognito, defeating one of the feature’s main purposes.

1 hour ago

Indian Hacking Group ‘Team I Crew’ Reportedly Takes Down 200 Pakistan Army and Foreign Ministry Sites to Protest Terror Attacks

Following terror attacks in Jammu and Kashmir in which 40 Indian Central Reserve Police Force (CRPF) personnel were killed, more than 200 Pakistani websites, including those of the Pakistan army and foreign ministry, have reportedly been hacked by an Indian hacker group called “Team I Crew” in protest. Messages such as “We will never forget #14/02/2019,” “Dedicated to the martyrs sacrificed their lives in #PulwamaTerrorAttack,” appear on some of the websites along with a condolence note for the families of those killed in the attack.

10 hours ago
Catalin Cimpanu / ZDNet

Hacker ‘Gnosticplayers’ Posts on Dream Market Third Set of Eight Hacked Databases, Data for Nearly 93 Million Users in This Set

A hacker who uses the name “Gnosticplayers” has put up for sale on the dark web a third set of eight hacked databases containing data for 92.76 million users, including a hacked database from GfyCat, the GIF hosting and sharing platform. The hacker is selling each database individually on the dark web-based Dream Market, with all eight worth 2.6249 bitcoin or around $9,400. Gnosticplayers took credit for the previous two large databases found for sale on Dream Market, one that represented 16 databases containing the data of 620 million users and a second set of eight databases containing the data of 127 million users. The hacker says he intends to sell over one billion user records and then disappear with the money. None of the eight companies in the latest batch of databases has publicly reported a data breach.

21 hours ago
Rowena Mason / The Guardian

UK Intelligence Arm Reportedly Says Any Chinese Interference That Stems From Use of Huawei Technology Can Be Managed to Mitigate Risk

The National Cyber Security Centre (NCSC), an arm of the UK’s top intelligence agency GCHQ, will reportedly advise that the security risk of interference by the Chinese government should be manageable if the technology of China’s telecom tech giant Huawei is used in the deployment of 5G networks. Fears have arisen across Western and European governments that Huawei is capable of building surveillance backdoors into its telecom gear on behalf of the Chinese Government. The NCSC only gives technical advice, but the UK government is undertaking a review of the use of Huawei’s gear which should be available in the spring.

22 hours ago
David Wroe and Chris Uhlmann / Sydney Morning Herald

Australia Accuses Foreign Nation-State of Cyberattacks on Political Parties, Parliament Ahead of May Elections

Australian Prime Minister Scott Morrison announced that Australia’s political parties suffered cyber attacks alongside the Parliament House computer network several weeks ago by a “sophisticated state actor,” fueling speculation that China was involved in the attacks just three months before the country’s federal elections in May, although Morrison didn’t specify the source of the attacks. The Liberal, Labor, and Nationals parties were affected by the attacks, which are understood to bear the hallmarks of Chinese hacking efforts, although it’s possible that other attackers might have sought to emulate China’s techniques. Morrison said he has instructed “the Australian Cyber Security Centre to be ready to provide any political party or electoral body in Australia with immediate support, including making their technical experts available.” There is no evidence that any data had been taken or altered, nor is there evidence that Australia’s voting infrastructure was affected.

23 hours ago
David Pegg / Guardian

UK Parliament Committee Report Accuses Facebook, Company Executives of Being ‘Digital Gangsters’ for Obstructing Justice and Failing to Quell Manipulative Disinformation Efforts

The final report of the UK parliament’s Digital, Culture, Media and Sport select committee on its 18-month investigation into Facebook’s dissemination of disinformation branded the company and its executives as “digital gangsters,” accusing Facebook of purposefully obstructing its inquiry and failing to tackle attempts by Russia to manipulate elections. The report accuses Facebook CEO Mark Zuckerberg of contempt for Parliament for his three-time refusal to testify before the body, warns that British law is unfit to deal with interference by foreign adversaries seeking to discredit democracy, and calls for the British government to establish an independent investigation into “foreign influence, disinformation, funding, voter manipulation and the sharing of data” regarding a series of electoral initiatives.

2 days ago
Seth Borenstein / Associated Press

Census Bureau Data From 2010 Can Expose Some Basic Personal Information From 138 Million Americans

Basic personal information collected from 138 million Americans during the 2010 census, including age, gender, location, race, and ethnicity, could be reconstructed from encrypted data, but with lots of mistakes, Census Bureau chief scientist John Abowd told a scientific conference. So far, only internal hacking teams have discovered the possible data exposure. To release statistics in a way that the data could not personally identify individuals, the Bureau swapped similar household information from one city to another. But internal tests allowed officials to match 45% of the people who answered the 2010 census with information from public and commercial data sets such as Facebook. The Bureau is planning to use stronger encryption methods for the 2020 census to eliminate this kind of privacy flaw.

3 days ago
Jeff Stone / Cyberscoop

Eight Monero Mining Apps Were Available on the Microsoft App Store For Months in 2018

Eight Monero mining applications distributed by the developers DigiDream, 1clean and Findoo slipped past Microsoft’s screening mechanisms to land in the Microsoft App store between April and December 2018, researchers at Symantec discovered. The apps were posing as Windows 10 tools to help users optimize their batteries, aid their internet searches and help stream or download video. The apps went by the names Fast-search Lite, Battery Optimizer (Tutorials), VPN Browser+, Downloader for YouTube Videos, Clean Master + (Tutorials), FastTube, Findoo Browser 2019 and Findoo Mobile and Desktop Search. Microsoft has removed the apps.

3 days ago
Joseph Marks / Washington Post

DHS’ Krebs Says Contrary to Reports, DISA Will Actually Surge, Not Reduce, Election-Protecting Efforts Over the Next Two Years

Pushing back against a Daily Beast report that indicated the Department of Homeland Security (DHS) was reducing two election-related task forces, Chris Krebs, who leads DHS’s Cybersecurity and Infrastructure Security Agency, says his agency is actually surging efforts to protect elections against foreign hackers in the two years leading up to the 2020 elections. Krebs told reporters that DHS will be devoting more money to election security during 2019 than it did last year and there will be more CISA employees protecting election systems in 2020 than there were during the midterms. The compromise budget bill passed by Congress on Thursday, which provides $33 million for election security, is up from $26 million for election security in 2018, allowing CISA to give more support to state election officials and to expand the agency’s work on behalf of election officials at the local and county level, Krebs said.

4 days ago
Dan Goodin / Ars Technica

WannaCry Hero Marcus Hutchins Loses Bid to Suppress Self-Incriminating Statements Following His Arrest

British security researcher Marcus Hutchins, also known as Malwaretech, who stopped the destructive WannaCry ransomware worm from spreading in 2017 but was subsequently arrested for his alleged role in helping to create the Kronos banking malware, lost his bid to suppress self-incriminating statements made after his arrest. Hutchins was arrested in August 2017 while waiting to board a flight at McCarran International Airport in Las Vegas after attending hacking conference DEFCON. Hutchins said he was confused during the interrogation by federal agents in an airport interview room shortly after he was arrested. Hutchins also allegedly made incriminating statements during phone calls in jail after his arrest. US District Judge J.P. Stadtmueller of the Eastern District of Wisconsin denied Hutchins’ motion to dismiss the incriminating statements, despite his attorneys’ arguments that Hutchins was intoxicated and hungover from partying at DEFCON, his failure to waive his Miranda rights and his limited understanding of the U.S. judicial system.

4 days ago
Catalin Cimpanu / ZDNet

Facial Recognition Database Used to Track Uyghur Muslims in China Left Exposed on Open Internet

A facial recognition database that the Chinese government is using to track the Uyghur Muslim population in the Xinjiang region has been left open on the Internet for months, according to security researcher Victor Gevers. The database belongs to a Chinese company named SenseNets and contains information on 2,565,724 users, along with a stream of GPS coordinates that come in at a rapid pace. The user data contains highly detailed and highly sensitive information that someone would usually find on an ID card, along with a list of GPS coordinates, locations where that user had been seen. The database further included “trackers” and associated GPS coordinates that appear to be the locations of public cameras from where video had been captured and was being analyzed. The database appears to be an active one, with ongoing streams of GPS data being fed into it.

4 days ago
Ellen Nakashima / Washington Post

U.S. Cyber Command Credited With Protecting 2018 Midterm Elections From Russian Interference

During a hearing of the Senate Armed Services Committee, a bi-partisan group of Senators praised U.S. Cyber Command (CyberCom) for protecting election infrastructure during the 2018 midterm elections against intrusions by Russian aggressors. General Paul Nakasone, the command’s leader, stopped short of saying it was CyberCom that made the difference, telling Senator Mike Rounds (R-SD) that safeguarding the election was CyberCom’s “number-one priority.” CyberCom’s operation reportedly involved a form of electronic signaling to Russian hackers and “trolls” who conduct disinformation campaigns on social media, signaling to the Russians that the U.S. knew where their command-and-control operations were and that those operations could be interrupted at any time.

4 days ago
Catalin Cimpanu / ZDNet

Hackers Are Using Two-Year-Old Vulnerability in Kaseya Plugin for ConnectWise to Deploy GandCrab Ransomware to Unpatched Systems

Hackers have used a two-year-old vulnerability in the Kaseya plugin for the ConnectWise Manage software, a professional services automation (PSA) product used by IT support firms, to gain access to vulnerable networks and deploy the GandCrab ransomware on those companies’ customer workstations, according to researchers at Huntress Labs. The vulnerability is a SQL injection vulnerability (CVE-2017-18362) in the plugin that could allow attackers to create new administrator accounts. Kaseya released patches at the time of the flaw’s discovery, but many companies failed to install them. Attackers exploiting the vulnerability started to do so at the end of January, and at least one managed service provider has been infected, deploying the ransomware to at least 80 workstations.

4 days ago
Zack Whittaker / TechCrunch

Hacker Who Stole 620 Million User Records From 16 Websites Has Stolen Another 127 Million Records From Eight More Websites

The hacker who stole 620 million user records from 16 websites has stolen another 127 million records from eight more websites and is selling them on the dark web for about $14,500 in bitcoin. The hacker’s latest haul included 18 million records from travel booking site Ixigo, 40 million records from live-video streaming website YouNow, four million records from gaming site Roll20 and more. Two of the sites listed on the dark web marketplaces where the stolen data is peddled, Ixigo and PetFlow, used the old and outdated MD5 hashing algorithm to scramble passwords, which is easy to crack. The hacker may have used the same security flaw in back-end PostgreSQL database software to steal the data because six of the 16 sites were running that software.

4 days ago
Tony Romm / Washington Post

Facebook Could Face a Multibillion-Dollar FTC Fine for Privacy Lapses Under Its 2011 Consent Decree, Sources

The Federal Trade Commission and Facebook are negotiating over a multibillion-dollar fine the social media giant would pay over violations of a privacy decree it signed with the FTC in 2011, according to two people familiar with the situation. The possibly record-breaking fine stems from Facebook’s involvement with political consultancy Cambridge Analytica, which improperly accessed data on 87 million Facebook users. Under agency rules, the FTC could levy such a large fine for the decree violations because of the number of times the decree was violated.

5 days ago
Makena Kelly / The Verge

Dating App Coffee Meets Bagel Reports Data Breach, Users on the App Before May 2018 Affected

Dating app Coffee Meets Bagel sent its users an email saying that their personal data may have possibly been stolen in a data breach. Users who were on the app before May 2018 may have had their names and addresses leaked in the breach, but no passwords or credit card information was affected. User accounts from Coffee Meets Bagel were part of the 617 million user account details that were discovered for sale on the dark web.

5 days ago
Shoshanna Solomon / Times of Israel

Spyware Company NSO Group Along with Private Equity Firm Buy out Francisco Partners’ Ownership Stake in a Deal That Values the Company at $1 Billion

The management team and founders of controversial Israeli spy company NSO Group said they have purchased, along with European private equity firm Novalpina Capital, global private equity firm Francisco Partners’ stake in the company in a deal that gives NSO Group an estimated $1 billion valuation. Francisco Partners bought a 70% stake in the company in 2014 for a reported $110 million to $130 million. Novalpina and the management team each now own 50% of the company. NSO Group supplies phone tracking software to governments around the globe, including some repressive regimes such as Saudi Arabia, Mexico, and Qatar. Its software was reportedly used to target Saudi Arabian journalist Jamal Khashoggi in the months leading up to his murder.

5 days ago
Erin Banco, Betsy Woodruff / Daily Beast

DHS Election Security Task Forces Dramatically Reduced in Terms of Personnel, Cybersecurity Agency Says That’s Temporary

Two task forces assembled to fight foreign election interference that are part of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) have been dramatically reduced in terms of personnel, according to three current and former DHS officials. The task forces, one focused on securing election infrastructure and the other focused on foreign influence and disinformation campaigns, were staffed by temporarily assigned employees, according to DHS, but will be reinstitutionalized with new employees that DHS is hiring into permanent election security positions. During testimony before the House Homeland Security Committee, CISA Director Christopher Krebs told lawmakers that election security remains a high priority for the agency and “the threat to our democratic institutions remains and we must continue to press for increased security.”

5 days ago
Stephen Nellis and Paresh Dave / Reuters

Software Pirates Are Using Hijacked Apple Developer Certificates to Distribute Modified Versions of Popular Apps

Software pirates such as TutuApp, Panda Helper, AppValley and TweakBox have hijacked enterprise developer certificates designed by Apple to distribute hacked versions of Spotify, Angry Birds, Pokemon Go, Minecraft and other popular apps on iPhones. The certificate program was introduced by Apple to let corporations distribute business apps to their employees without going through Apple’s tightly controlled App Store. The illicit software distributors have been using the certificates to enable them to stream music without ads and to circumvent fees and rules in games, depriving app developers and Apple of revenue. Apple has no way of tracking the real-time distribution of the certificates. After Reuters first contacted Apple about this situation, some of the pirates were banned from the system but were back within days using different certificates. Apple said it will start using two-factor authentication for developer accounts by the end of the month, which could help reduce developer certificate abuse.


1 hour ago
Darknet Diaries

Ep 32: The Carder

A carding kingpin was tracked by the Secret Service. How did he steal the cards? Where was he stealing them from? How much was he making doing this? And where did he go wrong? Find out all this and more as we listen to how the Secret Service investigated the case.

1 day ago
ISC StormCast

Snap Patches; Properties in Office Docs, Bro-Sysmon, Cryptojacking

Johannes Ullrich talks about Snap Patches Available, Finding Property Values in Office Documents, Bro-Sysmon, Cryptojacking Apps in Microsoft App Store.

1 day ago
Brakeing Down Security

CSRF, XSS, infosec hypocrites, and the endless cycle

In this week’s podcast, what #CSRF is, why some folks have a hard time understanding it, Google trying to get rid of xss in Chrome, Amanda Berlin explains issues with setting up Google Cloud Compute and more.

1 day ago
Open Source Security Podcast

Episode 134 – What’s up with the container runc security flaw?

Josh Bressers and Kurt Seifried talk about the new runc container security flaw. How does the flaw work, what can you do about it, what should you do about it, and what the future of container security may look like.

2 days ago

Marcus Carey’s ‘Tribe of Hackers’

Following a recap of the week’s news, Threatcare CEO Marcus Carey talks about a new book he co-authored, “Tribe of Hackers,” and his various inspirations for the book, which range from hacker Ron Gula to rapper Jadakiss.

2 days ago

Turn off the Internet, The Containers are Leaking, and Why are my genitals in the Enquirer

Geoff Walton, Rob Simon, Alex Hamerstone, David Boyd and Jessica Ryan talk about Russia disconnecting from the Internet, Doomsday Docker security hole discovered and how Bezos’ pics might have been exposed.


Cybersecurity Events

Feb. 2-9: SANS Security East 2019, New Orleans, LA, USA
Feb. 7-8: MANUSEC, Munich, Germany
Feb. 9: BSides Seattle, Seattle, WA, USA
Feb. 12-13: TEISS 2019, London, UK
Feb. 13: Hackcon, Oslo, Norway
Feb. 11-16: SANS Anaheim, Anaheim, CA, USA
Feb. 15-16: OffensiveCon, Berlin, Germany
Feb. 16-17: BSides Melbourne, Melbourne, Australia
Feb. 25-Mar. 3: Open-Source Intelligence Summit, Alexandria, VA, USA
Mar. 1-2: Nullcon, Goa, India
Mar. 4-8: RSA Conference, San Francisco, CA, USA
Mar. 10: BSides San Jose 2018, San Jose, Costa Rica
Mar. 13-14: Tactical Edge, Bogota, Colombia
Mar. 18-22: TROOPERS19, Heidelberg, Germany
Mar. 19: NFEA - Cyber Security 2019, Oslo, Norway
