Latest News

6 hours ago
Stephanie Kirchgaessner / The Guardian

Justice Department Accuses China Telecom of Lying About Its Cybersecurity Practices, Says the Company Is a National Security Risk, Asks FCC to Block Its Licenses

In the Trump Administration’s latest bid to push China out of U.S. telecom infrastructure, the Justice Department has recommended to the Federal Communications Commission that it block China Telecom from operating in the U.S. by revoking its licenses and warned that the China-backed company was creating “substantial and unacceptable” national security and law enforcement risks for the U.S. The Justice Department said its recommendations were based on new information about China’s alleged role in “malicious cyber activity” targeting the U.S., and fears that China Telecom was vulnerable to exploitation, influence, and control by the Chinese government. The principal law enforcement agency also said that China Telecom had made inaccurate statements to the U.S. regarding its cybersecurity practices and the “nature” of its U.S. operations, which the department said was giving Chinese state actors opportunities to engage in malicious cyber-activity enabling economic espionage and the “misrouting” of U.S. communications. China Telecom denied the allegations, claiming that it has been extremely cooperative and transparent with regulators.

6 hours ago
Catalin Cimpanu / ZDNet

Zoom Issues Fixes to Stop Leaking of Meeting IDs by Removing IDs From Title Bar, Goal Is to Reduce Zoombombing

Following highly publicized incidents in which Zoom users were shown to be leaking their meeting IDs, and even meeting passwords, when sharing screenshots of their meetings on social media, Zoom released an update for its Linux, Mac, and Windows apps that removes the meeting ID from the app’s title bar. The leaks of meeting IDs led to Zoombombing, where trolls search for meeting IDs online and then disturb meetings by playing porn videos, hurling insults, or making disturbing comments. By hiding the meeting IDs, Zoom hopes to curb Zoombombing. Also, Zoom fixed an issue with its meeting waiting rooms that allowed users to spy on meetings even if they weren’t approved to attend them.

21 hours ago
Anna Isaac, Caitlin Ostroff and Bradley Hope / Wall Street Journal

Travelex Paid Ransomware Hackers $2.3 Million in Bitcoin After Its Crippling New Year’s Attack, Source

London-based foreign exchange company Travelex, which was crippled on New Year’s Eve and into the first weeks of 2020 by a ransomware attack, paid the ransomware hackers the equivalent of $2.3 million using 285 bitcoin to make the problem go away and retrieve their encrypted files, according to a person familiar with the transaction. Travelex was hit with ransomware called Sodinokibi, also commonly referred to as REvil or Sodin. The company was forced to take its internal networks and customer-facing systems offline for many weeks after the attack. The incident disrupted cash deliveries from Travelex’s global network of vaults to divisions of major international banks including Barclays and Lloyds Banking Group in the U.K. A group of hackers who claimed responsibility for the Travelex attack said in an online discussion with The Wall Street Journal in January that they had received the bitcoin payment. Most law enforcement agencies, including the U.K.’s National Crime Agency, advise against paying ransomware attackers.


21 hours ago
Michael Novinson / CRN

Cloud Security Company Zscaler to Buy Cloud Security Posture Management Company Cloudneeti

San Jose, Calif.-based cloud security company Zscaler has agreed to purchase cloud security posture management startup Cloudneeti. Terms of the deal were not disclosed, but the acquisition is expected to close by the end of the month. Redmond, WA-based Cloudneeti was founded in 2017 and works with managed service providers and risk advisors to deliver cloud security assessments, DevSecOps, and security and compliance assurance in the cloud.

21 hours ago
Zack Whittaker / TechCrunch

Bugcrowd Raises $30 Million in Series D Round of Venture Funding

Crowdsourced bug bounty and vulnerability disclosure platform Bugcrowd has raised $30 million in its Series D funding round led by Rally Ventures and including unnamed new and existing investors. Bugcrowd CEO Ashish Gupta said the $30 million would help the company ramp up the expansion of its platform, particularly in Europe and Asia.

1 day ago
Ingrid Lunden / TechCrunch

Investcorp Technology Partners Buys Antivirus and Identity Management Company Avira as Part of Broader Security Consolidation

Investcorp Technology Partners, the PE division of Investcorp Bank, has purchased Avira, a cybersecurity company based out of Germany that provides antivirus, identity management, and other tools both to consumers and as a white-label offering from several big tech brands. The deal is part of a broader security consolidation acquisition play by Investcorp. Although terms of the agreement were not revealed, Travis Witteveen and ITP’s MD, Gilbert Kamieniecky, both said it gives Avira a total valuation of $180 million.

1 day ago
Dan Goodin / Ars Technica

Newly Discovered IoT Botnet dark_nexus Is Purportedly One of the Most Advanced Ever Seen, Developed by Well-Known Botnet Author

A newly discovered IoT botnet dubbed dark_nexus that preys on home routers, video recorders, and other network-connected devices is one of the most advanced Internet-of-things platforms ever seen, researchers at Bitdefender report. Bitdefender says the botnet uses the name dark_nexus in one of its earliest versions, using the name in its user agent string when carrying out exploits over HTTP: dark_NeXus_Qbot/4.0, citing Qbot as its influence. Although dark_nexus uses some Qbot and Mirai code, its core modules are mostly original. The IoT botnet seems to have been developed by a known botnet author, @greek.helios, who has been selling DDoS services and botnet code for years, Bitdefender says.

1 day ago
Kiran Stacey, Hannah Murphy / Financial Times

U.S. Senate, Google Become Latest Groups to Ban Use of Zoom Due to Data Security Concerns, Pentagon Says Military Personnel Can Continue to Use the Popular Video Service

The U.S. Senate and Silicon Valley giant Google have become the latest organizations to tell their members and employees not to use Zoom because of concerns about data security on the video conferencing platform that has boomed in popularity during the coronavirus crisis. The Senate sergeant at arms has warned all senators against using the service, according to three people briefed on the advice. The Senate’s position runs slightly counter to the Department of Homeland Security’s praise for the company’s efforts to improve its security during a short time of massive and unexpected growth. Also, the Pentagon told the Financial Times it would allow military personnel to continue using the popular video service. Google last week decided that the Zoom Desktop Client will no longer run on corporate computers because it does not meet the security standards for apps used by its employees.

1 day ago
Andy Greenberg / Wired

Three Academic Teams Are Racing to Develop COVID-19 Contact Tracing Apps That Flatten the Curve on Government Snooping and Virus Infections At the Same Time

Teams of researchers are racing to develop COVID-19 contact tracing apps that notify potentially exposed users without handing over location data to the government, even going so far as to focus on developing systems that keep infected users’ identity private while still notifying those who have come in contact with those users. The groups that are attempting to “flatten the curve” on authoritarianism, as well as the number of infections, include COVID Watch, led by Stanford computer scientist Cristina White, an MIT project called Private Kit: Safe Paths, and a project proposed to the Canadian government by a group of computer scientists from the University of Pennsylvania, the University of Toronto, and McGill University. The three teams are all collaborating with each other to some degree.

1 day ago
Paul Sawers / Venture Beat

Cloud Giant Box Adds Advanced Security Solutions in Box Shield As Working From Home, COVID-19 Scams Put Pressure on Cloud-Based Security

With COVID-19 creating a fertile landscape to exploit workers at home who rely on cloud-based solutions, cloud giant Box announced it is adding automated malware detection and controls in Box Shield, the company’s advanced security solution for protecting content in the cloud. The new capabilities expand Box protection in three ways: enabling safe preview and online editing of files in Box while displaying the security risk to end-users, automatically restricting downloading and sharing of malicious files to prevent the spread to more users and devices and generating alerts to notify security teams when a file uploaded to Box contains malware.

1 day ago
Dustin Volz / Wall Street Journal

U.S. and British Cybersecurity Authorities Warn of Increasing Scams and Phishing Threats by APT Actors, Cybercriminals Exploiting COVID-19 Fears

U.S. and British cybersecurity authorities warned in a special alert that cybercriminals are increasingly exploiting fears surrounding COVID-19 to target individuals and businesses with scams and phishing threats. The joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) advises that growing use of COVID-19-related themes by malicious cyber actors combined with the mass advent of teleworking amplifies the threat to individuals and organizations. These efforts include actions by both nation-state advanced persistent threat groups as well as common cybercriminals.

1 day ago
Dan Goodin / Ars Technica

Fingerprint Molds Were Able to Bypass Authentication Locks of Apple, Microsoft, Samsung, Huawei Around 80% of the Time

Over a test period that lasted several months, fake fingerprints were able to bypass sensors at least once roughly 80 percent of the time for fingerprint authentication offered by Apple, Microsoft, Samsung, Huawei, and three lock makers, researchers at Cisco Talos report. The researchers used more than 50 fingerprint molds, attempting 20 times for each model using the best fingerprint models of the lot, so this kind of fingerprint cloning would be challenging to replicate in the real world.  The AICase padlock and Huawei’s Honor 7x and Samsung’s Note 9 Android phones were the easiest to fool and were bypassed 100 percent of the time. Fingerprint authentication in the iPhone 8, MacBook Pro 2018, and the Samsung S10 came next, where the success rate was more than 90 percent. Five laptop models running Windows 10 and two USB drives—the Verbatim Fingerprint Secure and the Lexar Jumpdrive F35—performed the best, with researchers achieving a 0-percent success rate.

2 days ago
Catalin Cimpanu / ZDNet

Former Facebook CSO and Head of Stanford Cyber Policy Center Alex Stamos to Guide Zoom on Security Policy as Outside Consultant, Zoom Forms CISO Council Composed of Infosec Leaders

Former Facebook and Yahoo Chief Security Officer Alex Stamos, who currently leads the Stanford Internet Observatory Cyber Policy Center, is joining Zoom as an outside security consultant, Stamos announced in a Medium post. Stamos said that Zoom CEO Eric Yuan approached him for the move after the former Facebook CSO defended Zoom when the company was getting buried under an avalanche of bad press. Stamos is joining Zoom as an advisor and not as an employee or CSO. Also, Zoom announced the creation of a CISO Council and Advisory Board, which will include cybersecurity leaders from other companies, including VMware, Netflix, Uber, Electronic Arts, and others.

2 days ago
Ryan Browne / CNBC

Zoom Hit With Class-Action Lawsuit by Shareholder Who Claims Company Failed to Disclose Security Problems, Despite News of the Suit Zoom’s Stock Rises More Than 4%

Zoom has been hit with a class-action lawsuit by one of its shareholders, Michael Drieu, in the U.S. District Court for the Northern District of California. Drieu alleges the company failed to disclose issues with its video conferencing platform’s privacy and security, a failure that has caused the company’s stock price to tumble.  Despite news of the lawsuit, Zoom stock was up more than 4% on Wednesday morning.

2 days ago
Michael Novinson / CRN

Accenture Acquires Operational Technology Startup Revolutionary Security to Help Critical Infrastructure Companies Mitigate Risk

Irish CRN solution provider Accenture has purchased operational technology security startup Revolutionary Security to help organizations with critical infrastructure prioritize actions that mitigate cyber risks within their enterprise. The Blue Bell, PA-based Revolutionary Security offers assessment and testing services, the ability to design and build security programs and functions, as well as security operations across clients’ IT and OT systems. The deal, for which financial terms were not disclosed, is aimed at helping Accenture’s push to triple the size of its critical infrastructure and OT security business over three years.

2 days ago
Brian Krebs / Krebs on Security

Microsoft Buys Domain Corp.Com to Protect Countless Windows Computers from Criminals, Owner Had Been Asking $1.7 Million for It

Microsoft has agreed to buy the domain Corp.com in a bid to keep it out of the hands of those who might abuse its power. The domain can give the owner access to a constant stream of passwords, email, and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe. Mike O’Connor, who bought corp.com 26 years ago, was asking for $1.7 million for the prized domain, which decades ago was used as an internal Microsoft company domain as part of Microsoft’s innovation called Active Directory. Many companies adopted the Microsoft setting that used corp.com without modifying it to use a domain they controlled. Hundreds of millions of laptops probably still attempt to access that internal domain, leaving them ripe for abuse by whichever entity owns it. So Microsoft bought it, although terms of the deal were not disclosed.

2 days ago
Tara Seals / Threatpost

Android xHelper Malware Uses Russian Nesting Doll-Type Architecture to Make Itself ‘Undeletable’ on Devices

The “undeletable” Android xHelper malware, which ultimately leads to the installation of the Triada trojan, uses a Russian nesting doll-type architecture to worm its way into the heart of Android devices, according to researchers at Kaspersky Lab. The infection chain starts by convincing a victim to download a rogue trojanized app such as a popular cleaner or speed-up utility, which then decrypts a payload in the background, kicking off a series of events that delivers data to a remote server that starts unpacking a dropper-within-a-dropper-within-a-dropper. The final downloader installs the Triada trojan, which in turn installs more malicious programs. Infected users can use recovery mode to try to extract the libc.so file from the original firmware and replace the infected one with it, although Kaspersky Lab researchers say it’s simpler and more reliable to reflash the phone completely.

3 days ago
Zack Whittaker / TechCrunch

Healthcare Security Startup CyberMDX Raises $20 Million in New Round of Venture Funding

U.S.-Israel healthcare security startup CyberMDX has raised $20 million in a growth round of venture financing led by Europe’s largest insurance and risk management provider Sham, a division of Relyens Group, with participation from existing investors Pitango Venture Capital and Qure Ventures. One of the more mature cybersecurity startups in the medical space, CyberMDX works primarily to secure medical devices and improve hospital network security through its cyber intelligence platform, which manages a hospital’s network-connected assets and devices, and monitors threats in real-time. CyberMDX last raised $10 million in a Series A round in July 2018, bringing its total funding to date to $30 million.

3 days ago
David Pierce / Protocol

AI-Based Email Startup Has Developed New, Privacy-Focused Email Service OnMail Slated for Launch This Summer

AI-based email startup Edison has developed a new email service called OnMail that the company believes respects users’ privacy and attention, gives them control over their inbox, and doesn’t require countless hours of maintenance. OnMail was constructed anew, with a system that allows users to accept or reject senders more efficiently and AI algorithms that enable the email inbox to aggregate emails by themes or topics. Edison also doesn’t allow marketers inside the mailbox and turns off tracking by default. Edison is slowly building a beta group of users in anticipation of a launch this summer.

3 days ago
Shaun Nichols / The Register

Chinese State Hacking Crews That Target Mostly Linux Servers Stayed Undetected for More Than a Decade

A collection of five small crews of hackers thought to be state-sponsored operating as an offshoot of China’s Winnti group managed to stay undetected for more than a decade by going open source, according to a report by Blackberry Cylance. The group assembled in the wake of Winnti and exploited Linux servers, plus the occasional Windows Server box and mobile device, for years. The researchers believe the hackers use three different backdoors, two rootkits, and two other build tools that can be used to construct additional rootkits on a per-target basis for open-source servers.


5 hours ago
Smashing Security

173: 5G fiascos, Zoom gloom, and butt biometrics

Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland and featuring an interview with LastPass’s Barry McMahon, talk about the stinky backside of surveillance, gas about the latest video-conferencing threats, and jump into the murky world of 5G conspiracy theories.

5 hours ago
Cracking Cyber Security

How should leadership respond during the COVID-19 crisis?

Steve Durbin, Managing Director of the Information Security Forum (ISF), offers advice on how leadership should engage with shareholders, customers and their employees, as well as why he thinks there’s no better time than the present to reassess how we operate – both as businesses and as individuals.

5 hours ago
ISC StormCast

OS Spoofing; Dell iDRAC Patch; VISA ends Magento 1 support; TURN Vulnerability

Johannes Ullrich talks about Spoofing OS Fingerprints, Dell iDRAC Patch, VISA Ends Magento 1 Support, Slack WebRTC TURN Compromise, COVID 19 Domain Classifier.

5 hours ago

SMBs’ Top Ten CyberSecurity Misconceptions | Overview | With Jamie Hine and Ryan Disraeli

Jamie Hine from the FTC and Ryan Disraeli, representing a once-small, now medium-sized business, talk about the overall need for SMBs to be cyber aware, discuss the value of recognizing these common misconceptions, and review the plan we have moving forward as we cover each of them in this multi-episode series.

1 day ago
CYBER / Motherboard

The Cyber Mercenaries Who Can’t Stay Out Of Bad News

NSO Group, the infamous Israeli spyware company with links to intelligence agencies, developed software tracking coronavirus-infected citizens. But, as our Motherboard reporter Lorenzo Franceschi Bicchierai tells us, that’s likely just a way for it to expand its questionable business.

1 day ago
Malicious Life

The Huawei Ban, Part 1

Over the past 20 years, western governments have accused Huawei of everything from IP theft to financial fraud to cyber spying. Often, these claims are made either with no evidence, or only circumstantial evidence. Is Huawei really a national security threat, or are they a political scapegoat?


Cybersecurity Events

Date | Event | Location | Country
Apr. 6-9 | POSTPONED - SAS 20 | Barcelona | Spain
Apr. 15-20 | POSTPONED - Defcon China | Beijing | China
Apr. 19 | VIRTUAL - IsolationCon | Virtual | Virtual
Apr. 21-23 | VIRTUAL - Educause | Virtual | Virtual
May 1 | VIRTUAL - Security BSides | Virtual | Virtual
May 2 | AirGap2020 | Virtual | Virtual
May 1-3 | CANCELLED CackalackyCon2 | Chapel Hill, NC | USA
May 4-7 | VIRTUAL - THINK 2020 | Virtual | Virtual
May 8-9 | RESCHEDULED BSides Kansas City | Kansas City, MO | USA
May 8-9 | RESCHEDULED Thotcon | Chicago, IL | USA
May 11-12 | RESCHEDULED 2020 USENIX Conference on Privacy Engineering Practice and Respect (PEPR '20) | Santa Clara, CA | USA
May 18-20 | VIRTUAL - The IEEE Symposium on Security and Privacy | Virtual | Virtual
June 1-4 | POSTPONED - Gartner Security & Risk Management Summit | National Harbor, MD | USA
June 2-4 | National Cyber Summit | Huntsville, AL | USA
June 6 | BSides San Antonio | San Antonio, TX | USA
