
Latest News

2 years ago
Charlie Osborne / ZDNet

Yale University Discloses Decade-Old Data Breach Affecting 119,000 Individuals

Yale University has revealed a data breach that occurred between 2008 and 2009 which affected 119,000 individuals. An attacker gained access to a database managed by Yale and exfiltrated names, Social Security numbers, and in most cases, dates of birth, as well as some email and physical addresses. The Ivy League institution did not discover the breach until June 16 after a routine check of servers and systems uncovered evidence of the breach. The same database was accessed again by an unknown hacker between March 2016 and June 2018, with the hacker stealing the names and Social Security numbers of 33 individuals.

2 years ago
Zaz Hollander / Anchorage Daily News

Alaska Town Resorted to Typewriters After Multi-Faceted, Stealth BitPaymer Ransomware Struck, Nearby Town Hit by Same Malware

A destructive ransomware attack in Matanuska-Susitna, a south-central borough of Alaska, forced borough officials and staff to use typewriters for a week. The borough first disconnected servers from one another on July 24. According to a memo from the borough’s IT director Eric Wyatt, the sophisticated “multi-pronged, multi-vectored attack” came from a Trojan horse, a Cryptolocker component, a time bomb, and a dead man’s switch, and at least one external hacker who logged into the borough’s network. Wyatt identified the malware as BitPaymer ransomware, which first made headlines last year when it hit a number of Scottish hospitals. The malware resided dormant for four to six weeks in the Borough’s systems. Another nearby town, the city of Valdez, was also hit by ransomware shortly after the Matanuska-Susitna attack, with city computers and servers still shut down due to the same malware that recently struck the Mat-Su Borough.

2 years ago
Catalin Cimpanu / Bleeping Computer

Microsoft Launches Pilot Program, AccountGuard, to Provide Campaigns and Election Authorities with Cybersecurity Protection

Microsoft has launched a pilot program, named AccountGuard, aimed at providing cybersecurity protection for political campaigns and election authorities. The program was launched at the end of July and is designed to assist the 2018 midterm campaigns. According to the pilot program’s site, AccountGuard “provides additional security and threat monitoring for Microsoft accounts belonging to participating US campaigns, political committees, campaign tech vendors, and their staff, who are likely to be at a higher risk in the lead up to elections.” The service is part of Microsoft’s “Election Defense Technologies” and is offered on a non-partisan basis by invitation only. Program enrollees will receive notification when Microsoft detects a cyber incident targeting their accounts.


2 years ago
Lily Hay Newman / Wired

Reddit Hacked Via SMS Two-Factor Authentication Intercept, User Emails, Source Code and Internal Files Accessed

Reddit’s chief technology officer Christopher Slowe announced in a post that a hacker broke into the company’s systems in June and gained access to a variety of data, including user emails, source code and internal files, and “all Reddit data from 2007 and before,” a situation that could have been avoided if some Reddit employees were using two-factor authentication apps or physical keys instead of their phone numbers. Some of the Reddit employees were using two-factor authentication set up with SMS, known to be insecure due to SIM card swapping. The main attack, according to Slowe, was due to intercepting SMS two-factor authentication. Among the compromised information was a 2007 Reddit database backup which was protected by cryptographic salting and hashing defenses that may no longer be optimal to protect the data. Logs from June 3 to June 17, related to the platform’s “email digests,” were also exposed in the breach, giving hackers access to usernames connected to email addresses. The hackers further accessed Reddit source code, internal logs, configuration files and other employee workspace files.

2 years ago
Eric Geller / Politico

Three Ukrainian Members of Fin7 Cybercrime Ring Arrested for Stealing More Than 15 Million Credit Card Records

At the request of U.S. Justice Department officials, authorities in Poland, Germany, and Spain arrested three top members of a notorious Eastern European cybercrime ring called Fin7, which has hacked a wide range of companies over the past several years, including Saks Fifth Avenue, Omni Hotels & Resorts, Whole Foods and Chipotle. The three Ukrainian nationals, Dmytro Fedorov, Fedir Hladyr and Andrii Kopakov, face 25 felony charges including wire fraud, computer hacking and aggravated identity theft for stealing more than 15 million credit card records in the U.S. as well as in the United Kingdom, Australia, and France. Hladyr, who was arrested in Germany, is currently in Seattle pending trial, while Fedorov and Kopakov are in Poland and Spain, respectively, awaiting extradition to the U.S.

2 years ago
Ryan Gallagher / The Intercept

Google Plans to Launch Censored Version of Its Search Engine in China, Human Rights, Democracy, Religion to Be Blacklisted

Google has a secret project code-named Dragonfly to launch a censored version of its search engine in China that will blacklist websites and search terms about human rights, democracy, religion, and peaceful protest, according to internal documents and people familiar with the plans. Google began work on Dragonfly last spring and accelerated the effort after December following a meeting between Google’s CEO Sundar Pichai and a top Chinese government official. Google engineers are working on creating a custom Android app, different versions of which have been named “Maotai” and “Longfei” to demonstrate the censored search engine to Chinese officials. According to internal documents, Google’s Chinese search app will automatically identify and filter websites blocked by China’s Great Firewall and will blacklist “sensitive” inquiries. Google plans to launch its censored app via a “joint venture” with an unnamed partner company.

2 years ago
Raphael Satter / Associated Press

Amnesty International Employee Was Targeted With Software Traced Back to Israeli Surveillance Firm NSO Group

An Amnesty International employee has been targeted with Israeli-made surveillance software traced back to a network of sites tied to the controversial Israeli surveillance company NSO Group, according to the human rights group, a finding corroborated by Citizen Lab at the University of Toronto’s Munk School of Global Affairs. One of the NSO-related sites included a campaign to compromise proponents of a soda tax in Mexico and another site was linked to an effort to hack into the phone of an Arab dissident that prompted an update to Apple’s operating system. Citizen Lab said it has discovered around 175 targets of NSO spyware worldwide, including 150 people in Panama identified as part of a massive domestic espionage scandal swirling around the country’s former president.

2 years ago
Alfred Ng / CNET

Pence Blames Russians, Obama for Election Cyber Aggression, Promises to Work to Protect Election Infrastructure

Mike Pence blames previous administrations for letting the “American people down when it came to cyber defense” saying that the current Administration “inherited a cyber mess,” despite the relative absence of action taken by the Administration to shore up the nation’s cyber defenses. Speaking at Homeland Security’s National Cybersecurity Summit, Pence did admit that the Russian government engaged in cyber aggression against the United States during the 2016 presidential election, a rare admission for the current U.S. administration, but criticized the Obama Administration for choosing “silence and paralysis over strength and action.” Pence also vowed to protect U.S. election security on a day when Facebook released new material to indicate that continued disinformation campaigns were being carried out on its platform to target the 2018 midterm elections. Pence said the administration would “work tirelessly to prevent foreign nations and malign actors from hacking into our election infrastructure and changing votes or election outcomes.”

Podcasts

2 years ago
SECURITY NOW 674

ATTACKING BLUETOOTH PAIRING

Jason Howell and Steve Gibson recap the week’s news including another new Spectre processor speculation attack, the new “Death Botnet”, the security of the US DoD websites, Google Chrome news and the recently discovered flaw in the Bluetooth protocol which has device manufacturers and OS makers scrambling.

2 years ago
ISC StormCast

Powershell Inside Certificates; TEMPEST is Back; Big Star Labs Spyware

Johannes Ullrich talks about Powershell Inside Certificates, TEMPEST is Back, Big Star Labs Spyware.

2 years ago
BBC World Service

Most Login Attempts are Criminal

Shuman Ghosemajumder, CTO at Shape Security, discusses his company’s research showing that 90% of retail attempts are hackers and not genuine customers.

2 years ago
Threatpost

Why Bitcoin Miners Target Critical Infrastructure Networks

Ronen Rabinovich from Cyberbit discusses bitcoin mining on operational technology and critical infrastructure networks and why the massive amount of computing power and lack of security and monitoring tools make operational technology environments enticing for cyber attackers looking to harness computing power.

Cybersecurity Events

June 25 | Breaking Security Awareness | Virtual | Virtual
June 29 | Middle East CISO Forum | Virtual | Virtual
June 30 | FutureCon | Virtual | Virtual
July 1 | SANS Firehose Training | Virtual | Virtual
July 8 | ICS Lockdown | Virtual | Virtual
July 11 | BSides San Antonio | Virtual | Virtual
July 20-24 | DFRWS | Virtual | Virtual
July 25-Aug. 2 | HOPE: Hackers on Planet Earth | Virtual | Virtual
Aug. 4-5 | CANCELED BSides Las Vegas | Las Vegas, NV | USA
Aug. 1-6 | Virtual Black Hat USA | Virtual | Virtual
Aug. 6-9 | Defcon | Virtual | Virtual
Sept. 22-25 | WWHF DEADWOOD 2020 | Deadwood, SD | USA
Oct. 24-25 | Grrrcon | Grand Rapids, MI | USA

