
Latest News

15 hours ago
Dan Raywood / Infosecurity Magazine

Sophos Confirms Restructuring in Face of COVID-19 Crisis But Denies Shuttering of Naked Security Blog

Cybersecurity company Sophos has confirmed that it is implementing some internal restructuring but denied that it plans to close its Naked Security blog. Following reports which emerged last night about Sophos’ plans to furlough staff and close the award-winning blog, a spokesperson for Sophos has confirmed plans to restructure in response to market conditions associated with COVID-19. A spokesperson for Sophos said, “We can assure you that Naked Security will continue to be a source of information moving forward.”

16 hours ago
Ryne Hager / Android Police

Dropbox Launches Password Manager Called Dropbox Passwords, Available in Invite-Only Mode Right Now

Dropbox just dropped a new app on the Google Play Store called Dropbox Passwords. According to its listing, the so-called “early access” app is a password manager available exclusively in an invite-only private beta for some Dropbox customers. Although anyone can seemingly download it, users can’t actually log in without being invited, even if they’re a Dropbox Plus customer.

19 hours ago
Alistair Bunkall / Sky News

British Army Launches 13th Signal Regiment, New Military Cyber Unit to Protect Forces

The British Army has created a new military cyber unit to protect forces in the modern era. The 13th Signal Regiment, formally launched on Monday, will be based at Blandford Forum in Dorset but operate where needed around the world.


19 hours ago
Lawrence Abrams / Bleeping Computer

Maze Ransomware Operators Successfully Attacked Business Giant Conduent, Leak 1GB of Allegedly Stolen Files as Proof

The Maze Ransomware operators are claiming to have successfully attacked business services giant Conduent, where they stole unencrypted files and encrypted devices on the company’s network. They posted a new entry to their data leak site stating that they breached Conduent’s systems in May 2020. As ‘proof’ of the breach, the threat actors posted 1GB worth of files that were allegedly stolen during the ransomware attack. Conduent confirmed that it suffered a ransomware attack on May 29th, 2020, that impacted services for approximately 10 hours.

19 hours ago
Thomas Brewster / Forbes

DDoS Attacks on Anti-Racism Websites Soared by 1,120 Times After Death of George Floyd

After the death of George Floyd and the subsequent protests across the U.S., DDoS attacks on anti-racism and advocacy groups spiked by 1,120 times, according to Cloudflare. It’s unclear who is behind the attacks, but they included attempts to neuter anti-racist organizations’ freedom of speech. From the weekend of April 25 and 26 to the weekend of May 30 and 31, advocacy groups went from having almost no attacks at all to attacks peaking at 20 thousand requests per second on a single site.

1 day ago
Zack Whittaker, Frederic Lardinois / TechCrunch

VMware Is Buying Threat Detection Network Security Firm Lastline and Will Let 50 Lastline Employees Go

Cloud infrastructure and digital workspace infrastructure company VMware is buying threat detection network security firm Lastline and will let go around 40% of Lastline’s employees, about 50 staffers, as part of the acquisition. Terms of the deal were not disclosed. The deal, subject to regulatory approvals, is expected to close by the end of July.

1 day ago
Dan Sabbagh / The Guardian

GCHQ Chief Says That UK Intel Agencies Are Urgently Working to Prevent Hackers From Stealing Coronavirus Secrets From Britain’s Leading Research Institutions

Jeremy Fleming, the head of the UK’s top spy agency GCHQ, said that Britain’s intelligence agencies are working urgently to prevent hackers from hostile states, including China, trying to steal the secrets of a potential coronavirus vaccine from the UK’s leading research institutions. He said the hackers are looking for pretty basic vulnerabilities such as situations with insufficient backup.

1 day ago
Zack Whittaker / TechCrunch

Tycoon Ransomware Relies on Java Image to Go Undetected, Deploys Persistent Backdoor to Gain Easy Re-Entry

BlackBerry’s researchers said that a ransomware hacker broke into an unnamed European educational institute using a remote desktop server connected to the internet, and deployed a persistent backdoor in order to gain easy access to the network after they leave. They said it was the first time they’ve seen a ransomware module, which they dubbed Tycoon, compiled into a Java image file format, or JIMAGE, a format that is rarely scanned by anti-malware software and mostly goes undetected.

1 day ago
Alexander Martin / Sky News

Maze Ransomware Hackers Begin Leaking Documents of Subcontractor Working on Minuteman Nuclear Missile

Hackers have stolen confidential documents from a US military contractor which provides critical support as an engineering subcontractor for Northrop Grumman, which makes the country’s Minuteman III nuclear deterrent. After gaining access to Westech International’s computer network, the Maze ransomware criminals encrypted the company’s machines and began to leak documents online to pressure the company to pay extortion…

1 day ago
Sara Fischer / Axios

Facebook Said It Will Block State-Controlled Media Outlets From Buying Ads Out of an Abundance of Caution

Facebook said Thursday it will begin blocking state-controlled media outlets from buying advertising in the U.S. this summer. It’s also rolling out a new set of labels to provide users with transparency around ads and posts from state-controlled outlets. Outlets that feel wrongly labeled can appeal the process…

1 day ago
Christopher Bing / Reuters

Google Threat Analysis Group Head Says China-backed Hackers Have Targeted Biden Campaign, Iranian Hackers Have Targeted Trump’s Campaign Staff

State-backed hackers from China have targeted staffers working on the U.S. presidential campaign of Democrat Joe Biden, the head of Google’s Threat Analysis Group, Shane Huntley, said in a series of tweets. He also said Iranian hackers had recently targeted email accounts belonging to Donald Trump’s campaign staff. Huntley said there was “no sign of compromise” of either campaign. Google did not offer any details beyond tweets containing the statements sent out by Huntley.

1 day ago
Ax Sharma / Bleeping Computer

Stealthy Tool ‘USBCulprit’ Developed by Chinese APT Group Cycldek Targets Air-Gapped Systems

A custom-designed stealthy tool called ‘USBCulprit,’ which has sophisticated information-leeching capabilities, mainly when used on an air-gapped system, was revealed this week by Kaspersky Lab. Developed by a Chinese APT group known as Cycldek, Conimes, or Goblin Panda, the tool is designed for compromising air-gapped devices via USB. USBCulprit enters the system via RTF documents or other unknown means, performs extensive scanning of the victim’s system, and begins to leech documents, passing them and replicating itself onto removable media. “It is capable of scanning various paths in victim machines, collecting documents with particular extensions, and passing them on to USB drives when they are connected to the system. It can also selectively copy itself to a removable drive in the presence of a particular file, suggesting it can be spread laterally by having designated drives infected and the executable in them opened manually,” Kaspersky says.

1 day ago
Catalin Cimpanu / ZDNet

Massive Campaign Carried Out From 20,000 IP Addresses Targeted WordPress Sites to Extract Database Credentials

A massive campaign against WordPress websites was launched over the past weekend, attacking old vulnerabilities in unpatched plugins to download or export wp-config.php files from unpatched sites, extract database credentials, and then use the usernames and passwords to take over databases, according to researchers at firewall company Wordfence. The campaign accounted for 75% of all attempted exploits of plugin and theme vulnerabilities across the WordPress ecosystem, the researchers say.  The attacks were carried out from a network of 20,000 different IP addresses. Most of these IPs were also previously used in another large-scale campaign that targeted WordPress sites at the start of May.

2 days ago
Liam Tung / ZDNet

Cisco Issues Security Updates That Patch More Than Two Dozen Flaws In Its Industrial Routers, Switches

As part of its semi-annual advisory bundle for IOS XE and IOS networking software, Cisco issued 23 advisories describing 25 vulnerabilities, including four critical security flaws affecting router equipment that uses its IOS XE and IOS software. The most critical flaw, CVE-2020-3227, concerns the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software, which allows a remote attacker without credentials to execute Cisco IOx API commands without proper authorization. All four bugs were found by Cisco’s penetration testing squad, the Cisco Advanced Security Initiatives Group.

2 days ago
Lawrence Abrams / Bleeping Computer

San Francisco Retirement System Said Personal Information for Around 74,000 Members Was Exposed in Data Breach

In a notification filed with the state of California, the San Francisco Employees’ Retirement System (SFERS) said it suffered a data breach after an unauthorized person gained access to a database hosted in a test environment. SFERS stated that one of its vendors had set up a test environment that included a database containing the information for approximately 74,000 SFERS members. On March 21, 2020, the vendor learned that the server had been accessed by an unauthorized third party on February 24, 2020, and then notified SFERS of the breach on March 26. SFERS said that no Social Security Numbers or bank account information were contained in the breach. However, enough personal information was exposed that it could be used by threat actors in attacks.

2 days ago
Mohit Kumar / The Hacker News

Zoom Patched Two Critical Vulnerabilities That Could Have Allowed Attackers to Execute Malicious Code

Two critical vulnerabilities in the Zoom software could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely, researchers at Cisco Talos discovered. Both flaws are path traversal vulnerabilities that could be exploited to write or plant arbitrary files on the systems running vulnerable versions of the video conferencing software to execute malicious code. The researchers say exploitation of both flaws requires little to no interaction from targeted chat participants and can be executed just by sending specially crafted messages through the chat feature to an individual or a group. One flaw (CVE-2020-6109) resided in the way Zoom leverages GIPHY service to let its users search and exchange animated GIFs while chatting. The second flaw, a remote code execution vulnerability (CVE-2020-6110), resided in the way vulnerable versions of the Zoom application process code snippets shared through the chat. Zoom patched both critical vulnerabilities last month with the release of version 4.6.12 of its video conferencing software for Windows, macOS, or Linux computers.

2 days ago
James Vincent / The Verge

Amid Protests Against Racism and Police Violence, Signal Announces New Face-Blurring Tool to Protect Identities

Encrypted messaging app Signal has announced a new face-blurring tool to help protect the identities and privacy of people in photos that will be incorporated into the latest Android and iOS versions of the software. Users sharing pictures through the app will be able to quickly blur faces. Signal co-founder Moxie Marlinspike linked the update to the worldwide protests against racism and police violence sparked by the killing of George Floyd by law enforcement.

2 days ago
Catalin Cimpanu / ZDNet

Google Rolls Out iOS App Updates That Support WebAuthn-Capable Security Keys

Google started rolling out an update to its iOS apps and online services that adds support for WebAuthn-capable security keys. The update allows iOS device owners to use security keys via W3C WebAuthn, today’s most advanced standard for passwordless authentication. Once the devices are configured, users will be able to verify their identity and log into Google’s iOS apps and Google-owned websites via the Safari browser using modern security keys. These keys include a USB-A and Bluetooth Titan Security Key, YubiKey 5Ci, or any USB security key, USB-C security keys if an iOS device has a USB-C port, and the iPhone itself.

2 days ago
Martin Brinkmann / gHacks

Mozilla Releases Firefox 77.0.1 One Day After Release of Firefox 77.0 to Fix Bug in Automatic Selection of DNS over HTTPS

Mozilla released Firefox 77.0.1 to the Stable channel one day after the release of Firefox 77.0 Stable. The release note lists a single bug, 1642723. It says the update disables automatic selection of DNS over HTTPS providers during a test to enable wider deployment in a more controlled way. The bug is related to Firefox’s rollout of DNS over HTTPS, which strained the network of NextDNS, one of the providers that Mozilla selected for inclusion as a default DNS over HTTPS provider in the Firefox web browser.

2 days ago
Ingrid Lunden / TechCrunch

Israeli Cybersecurity Investment Foundry Team8 Has Launched a Venture Capital Arm, Three Investments Already Made With a Fourth on the Way

Israeli cybersecurity investment foundry Team8, which is backed by Intel, Microsoft, Walmart, and Cisco and charged with spinning out cybersecurity start-ups, announced that it is launching a venture capital arm called Team8 Capital. The new venture arm is focused on investing in Seed, A, and B rounds for a variety of cybersecurity, as well as AI, data science, and enterprise startups. Team8 Capital is launching with at least $104 million and has already made three investments out of the fund, with a fourth on the way.

Podcasts

14 hours ago
Human Factor Security

Episode 139: The Lockdown Diaries – Paul O’Sullivan

Paul O’Sullivan from NSG talks about managing a team remotely and trying to reduce the stress of staff and customers alike. He also discusses virtual events, tailoring communications to the audience and the times we live in, and ponders on the difference between serving people in the crisis and cashing in on events.

17 hours ago
Dale Peterson

ICS Security – Month In Review – May

Dale Peterson and Patrick Miller of Archer International talk about the month in review in ICS security.

17 hours ago
Cyber Security Today

Friday June 5, 2020 – Don’t fall for this VPN scam, huge attacks on WordPress sites and lessons from a data breach

A VPN update scam, huge attacks on WordPress sites, and lessons from a San Francisco data breach involving test data.

2 days ago
Smashing Security

181: Anti-cybercrime ads, tricky tracing, and a 5G Bioshield

Graham Cluley and Carole Theriault, joined this week by Mark Stockley, talk about: Police are hoping to stop kids becoming cybercriminals by bombarding them with Google Ads, phishers rub their hands in glee at the NHS track and trace service, and just how does a nano-layer of quantum holographic catalyzer technology make a USB stick cost hundreds of pounds?

2 days ago
Cracking Cyber Security

“The community needs to recognise and understand crime”

Mick Jenkins, CISO of Brunel University, talks about Advanced Persistent Threat actors, espionage and the targeting of Intellectual Property.

2 days ago
Internet of Things Podcast

Episode 271: Surveillance scares and a nutrition label for IoT security

What’s happening in the U.S. with protests, police brutality, and the role connected tech can play in smart cities, including the role image recognition can and does play. Lorrie Cranor, director of the CyLab Security and Privacy Institute at Carnegie Mellon University, talks about the newly created nutrition-style label researchers created for IoT devices.

Cybersecurity Events

Date | Event | Location | Country
June 1-4 | POSTPONED - Gartner Security & Risk Management Summit | National Harbor, MD | USA
June 2-4 | POSTPONED - National Cyber Summit | Huntsville, AL | USA
June 4-13 | Pen Test HackFest & Cyber Ranges Summit & Training | Virtual | Virtual
June 6 | POSTPONED BSides San Antonio | Virtual | Virtual
July 7-12 | CANCELED Steelcon | Birmingham | UK
June 11-12 | POSTPONED - Area 41 | Zurich | Switzerland
June 12-14 | CircleCityCon | Virtual | Virtual
June 13 | Disinfosec | Virtual | Virtual
June 20-21 | POSTPONED Blue Team Con | Chicago, IL | USA
July 25-Aug. 2 | HOPE: Hackers on Planet Earth | Virtual | Virtual
Aug. 4-5 | CANCELED BSides Las Vegas | Las Vegas, NV | USA
Aug. 1-6 | Virtual Black Hat USA | Virtual | Virtual
Aug. 6-9 | Defcon | Virtual | Virtual
Sept. 22-25 | WWHF DEADWOOD 2020 | Deadwood, SD | USA
Oct. 24-25 | Grrrcon | Grand Rapids, MI | USA

