Latest News

1 week ago
Jay Peters / The Verge

Flaw in Encrypted Emails Sent From Apple Mail Allows Some Emails to Be Read in Plaintext, Apple Plans Fix in Future Update

Apple has known for months about a vulnerability in encrypted emails sent from Apple Mail that allows some small portion of those emails to be read in plaintext format, according to Apple IT specialist Bob Gendler. The flaw affects only those using macOS and Apple Mail who are also sending encrypted emails from Apple Mail. Gendler found a file, snippets.db, among the macOS database files that store information from Mail and other apps, which Siri then uses to better suggest information to users. The snippets.db file stores the unencrypted text of emails. Gendler tested the four most recent macOS releases, Catalina, Mojave, High Sierra, and Sierra, and could read encrypted email text from snippets.db on all of them. Apple says it plans a fix for the problem in a future software update.

1 week ago
Stephanie Findlay, Edward White, Song Jung-a / Financial Times

India’s Doomed Moon Mission Was Hit by a Cyberattack, Expert Says; India’s Space Research Agency Denies It, Says Core Systems Are ‘100% Isolated’ From Internet

India’s space research agency was warned of a cyber attack in the middle of a landmark moon mission as part of a broader assault by suspected North Korean hackers, Yash Kadakia, founder of Security Brigade, a Mumbai-based cybersecurity company, says. The attack on the Indian Space Research Organisation (ISRO) was disclosed during its much-hyped Chandrayaan-2 moon mission in September, which failed. ISRO confirmed that it was warned of a cyber attack but said it had found nothing suspicious after an investigation. However, the Nuclear Power Corporation of India recently issued a similar denial at first, following reports of a hack on its Kudankulam plant, before clarifying that malware had entered one of its networks. The ISRO official said its core systems are 100% isolated from the Internet. Kadakia said officials at ISRO were sent a phishing email and clicked on the links, spreading malware in the organization.

1 week ago
Catalin Cimpanu / ZDNet

Microsoft Issues Warning to Patch for BlueKeep Flaw Because Next Exploit Could Deliver Payloads More Damaging Than Coin Miners

Microsoft’s security team believes that more destructive BlueKeep attacks are on the horizon and urges users and companies that haven’t done so yet to implement patches for the flaw that enables the attacks. Microsoft issued the warning after security researchers detected the first-ever malware campaign that weaponized the BlueKeep vulnerability. Those attacks, which were detected last weekend, used BlueKeep to break into unpatched Windows systems and install a cryptocurrency miner, a relatively mild outcome given the fears surrounding BlueKeep. However, those attacks might be the beginning. Microsoft said, “the BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners.”

1 week ago
Sankalp Phartiyal / Reuters

Nineteen Indian WhatsApp Users Infected by NSO Group’s Pegasus Spyware Demand Government Explain Whether It Mounted Surveillance on Them

A group of nineteen Indian WhatsApp users whose phones were hacked by NSO Group spyware, including journalists and lawyers, demanded in an open letter that Prime Minister Narendra Modi’s government explain whether it had mounted the surveillance on them. Facebook’s WhatsApp last week sued Israel’s NSO Group, accusing it of helping clients break into the phones of roughly 1,400 users. Of those allegedly affected by NSO’s Pegasus spyware, 121 are in India. The Indian government has neither confirmed nor denied it purchased Pegasus software to spy on its citizens. In the open letter, the group said “We seek an answer from the Government of India about whether it was aware of any contract between any of its various ministries, departments, agencies, or any State Government, and the NSO Group or any of its contractors to deploy Pegasus or related malware for any operations within India.”

1 week ago
Brian Krebs / Krebs on Security

Hospitals Hit With Data Breach or Ransomware Can Expect to See Jump in Fatal Heart Attacks, Researchers

Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, according to a study conducted by researchers at Vanderbilt University’s Owen Graduate School of Management. The researchers used a Department of Health and Human Services (HHS) list of healthcare data breaches to drill down on data about patient mortality rates at more than 3,000 Medicare-certified hospitals, about 10 percent of which had experienced a data breach. After the data breaches or attacks, as many as 36 additional deaths per 10,000 heart attacks occurred annually at the hundreds of hospitals examined.

1 week ago
Lorenzo Franceschi-Bicchierai and Joseph Cox / Motherboard

Alphabet’s Independent Cybersecurity Startup Chronicle is Dead and Now Folded Back Into Google, CEO, CSO Have Left the Company

Chronicle, the independent startup that Google’s parent company Alphabet started in 2018 and that was supposed to revolutionize cybersecurity, has been folded back into Google, within its Cloud department. Chronicle’s CEO and chief security officer have already left, the chief technology officer is leaving later this month, and other employees are looking to go too. Chronicle was founded with the idea of leveraging machine learning and Alphabet’s near-endless well of security telemetry data about known malware and internet infrastructure. The goal was to use these resources to help security teams at companies detect intrusions that could threaten a company’s network.

1 week ago
AnnaMaria Andriotis / Wall Street Journal

Capital One CISO Will Leave the Company in Wake of Massive Data Breach

Following the financial institution’s massive data breach revealed in July, Capital One’s Chief Information Security Officer (CISO), Michael Johnson, will be moved out of his role and become an adviser. The bank will begin an external search for a replacement. Mike Eason, the chief information officer of Capital One’s commercial bank, was named interim CISO. The breach, which exposed the data of 106 million customers and cardholder applicants, was not discovered until an outside hacker tipped off the company 127 days after it occurred.


1 week ago
Cyber Speaks Live

Vets in Cybersecurity with Ryen Macababad of Microsoft

Sgt. Ryen Macababad from Microsoft discusses veteran transition to civilian life and the crisis facing our nation with veteran suicide rates.

1 week ago
Malicious Life Episode 60

B-Side: Lodrina Cherne On Stalkerware

In this out-of-band episode, we’re bringing you the full interview with Lodrina Cherne, a Digital Forensics Expert. Nate Nelson, our senior producer, spoke with Lodrina on spyware: what it is, how it works, who sells it, and how you can avoid it yourself.

1 week ago
CYBER / Motherboard

How Google Torpedoed A Cybersecurity Rising Star

Originally a spawn of the Alphabet company—Google’s parent umbrella—Chronicle was a cybersecurity startup considered by many to be a game-changer. Lorenzo Franceschi-Bicchierai joins the show to tell us about the internal struggles of Chronicle.

1 week ago
ISC StormCast

Adobe Mobile SDK; QNAP Advice; Double ZIP Files; Ring Video Doorbell

Johannes Ullrich talks about: Adobe Mobile SDK Update Fixes TLS Defaults; QNAP Updates QSnatch Advisory; Double Loaded ZIP Files Deliver Malware; Ring Video Doorbell Leaks Wifi Password.

1 week ago
Security Ledger

Episode 166: But Why, AI? ZestAI’s Quest to make Artificial Intelligence Explainable

Jay Budzik, the Chief Technology Officer at ZestAI, talks about that company’s push to make artificial intelligence decisions explainable and how his company’s technology is helping to root out synthetic identity fraud.

1 week ago
Recode Pivot

Twitter and the Saudis, Facebook’s ‘Switcharoo’, and the 2020 digital ads race

Kara Swisher and Scott Galloway talk about former Twitter employees who were spying on user data for Saudi Arabia. They also talk about a big leak of internal Facebook emails that further shows Facebook’s conniving use of data.

Cybersecurity Events

Nov. 4-9 | SANS Paris November 2019 | Paris | France
Nov. 7-9 | POC2019 | Seoul | Korea
Nov. 9 | BSides Charleston | Charleston, SC | USA
Nov. 11-16 | SANS London November 2019 | London | UK
Nov. 15-17 | SecureWV 2019 Hack3rCon X | Charleston, WV | USA
Nov. 16-28 | SANS Gulf Region 2019 | Dubai | UAE
Nov. 17-20 | FS-ISAC Fall Summit | Washington, DC | USA
Nov. 18 | SANS Austin | Austin, TX | USA
Nov. 18 | Securing Mobility Summit | Los Angeles, CA | USA
Nov. 18-25 | Pen Test HackFest Summit & Training | Bethesda, MD | USA
Nov. 18-20 | NICE Conference | Phoenix, AZ | USA
Nov. 18-23 | SANS Munich November 2019 | Munich | Germany
Nov. 20-21 | Infosecurity North America and ISACA | New York, NY | USA
Nov. 20-21 | ISC East | New York, NY | USA
Nov. 21 | Cyberwarcon | Arlington, VA | USA
