Search Results for “Lawrence Abrams”


March 16, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Alphabet Subsidiary Verily’s Coronavirus Test Site Rushed to Launch for Only Two California Counties, Has Already Run Out of Testing Time Slots for Applicants

Donald Trump’s premature and abrupt announcement last week that Google is creating a website for Americans to find out where they could get tested for the novel coronavirus was inaccurate because the effort is far more limited than Trump suggested and is underway at an entirely different company, another Alphabet subsidiary called Verily. The site, called Project Baseline, is only available for residents living in Santa Clara County and San Mateo County with the hopes of eventually expanding to other locations in the future. Despite its current geographic limitations, the site has already run out of testing slots to accommodate all the applicants.

Related: Business Insider, Indian Express, TechCrunch, Techradar, BGR, Project Baseline, Wired, Mercury News, ZDNet Security, Techradar, Vox

Tweets:@NatashaNYT @Wired @daiwaka @chadaaronmarlow

Business Insider: It looks like Google’s sister company Verily rushed out a half-finished coronavirus testing website after Trump botched the announcement
Indian Express : Google’s nationwide coronavirus info site will launch today: Sundar Pichai
TechCrunch: Alphabet’s Verily launches its California COVID-19 test screening site in a limited pilot
Techradar: Free coronavirus testing site launched by Google sister company
BGR: Google says it’s building Trump’s coronavirus website it didn’t know it was building
Project Baseline: California COVID-19 risk screening and testing
Wired: Google Will Make a Coronavirus Site—but Not Like Trump Said
Mercury News: Coronavirus screening website goes live for San Mateo, Santa Clara counties
ZDNet Security: Alphabet website for novel coronavirus screening and testing is now live
Techradar: Free coronavirus testing site launched by Google sister company
Vox: We finally know some details about the Google and Verily coronavirus websites

@NatashaNYT: To use the Google/Verily screening program to see if you're eligible for COVID-19 testing, you have to create a Google account or connect it your existing Google account. This is both a barrier to entry and a major privacy problem
@Wired: Google and its sister company Verily are building #COVID?19 websites, but not with the features Trump keeps promising.
@daiwaka: The Verily/Google screening website is up for two locations in the Bay Area but it’s one question and I’m not sure how much screening it’s doing https://projectbaseline.com/study/covid-19/
@chadaaronmarlow: I applaud companies like @Google that are offering free products to help kids learn remotely during this health crisis. That being said, each should commit to doing ZERO DATA TRACKING w/ those free products. Don't use crisis to covertly gather data for future business. #Privacy


April 22, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
City of Torrance Hit by DoppelPaymer Ransomware According to Malware’s Web Page, Hackers Leak Alleged Files and Claim to Have Encrypted 150 Servers, 500 Workstations

The City of Torrance, California, a suburb of Los Angeles, has allegedly been attacked by the DoppelPaymer Ransomware, having unencrypted data stolen and devices encrypted, according to an updated site created by the ransomware purveyors called Dopple Leaks. That site has created a page titled “City of Torrance, CA,” containing numerous leaked file archives allegedly stolen from the City during the ransomware attack. The attackers are demanding a 100 bitcoin ($689,147) ransom for a decryptor, to take down files that have been publicly leaked, and not to release more stolen files. In an email to Bleeping Computer, the DoppelPaymer operators stated that in an attack on March 1st, they erased the City’s local backups and then encrypted approximately 150 servers and 500 workstations.

May 12, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Database of Private Conversations Among Hackers Who Used Hacker Forum WeLeakData Now Circulating on Dark Web

The database for the defunct hacker forum and data breach marketplace called WeLeakData.com is being sold on the dark web and exposes the private conversations of hackers who used the site, researchers at Cyble say. A dump of WeLeakData.com’s vBulletin forum database from January 9th, 2020, is now being sold on dark web marketplaces. WeLeakData.com mysteriously shut down at the end of April, and rumors began circulating that the operator may have been arrested and that the forum database had been stolen or sold to another member.

May 8, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Hacker Claims to Have Stolen Over 500GB From Microsoft’s Private GitHub Repositories and Has Leaked Some Files Online

A hacker going by the name Shiny Hunters claims to have stolen over 500GB of data from Microsoft’s private GitHub repositories. The hacker said he planned on selling the stolen data but instead decided to release it for free offering as a teaser 1GB of files on a hacker forum for registered members to use site ‘credits’ to gain access to the leaked data. Based on the date stamps in the leaked files, the breach may have occurred on March 28th, 2020. The stolen data appears to be mostly code samples, test projects, an eBook, and other generic items. Some debate exists over whether these supposedly taken files are real.

Related: TechNadu, HackRead, Sec.Today, OnMSFT.com, Slashdot, SecurityWeek, Reddit – cybersecurity, ZDNet Security, MSPoweruser, WinBuzzer, Techradar

Tweets:@underthebreach


May 7, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Hacker Is Selling Account Information For 22 Million Users of India’s Largest Online Learning Platform Unacademy Following Breach

India’s largest online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users, researchers at Cyble discovered. The database includes usernames, SHA-256 hashed passwords, date joined, last login date, email addresses, first and last names, and whether the account is active, a staff member, or a superuser. The hacker most likely hacked Unacademy’s systems around January 26th, 2020. Numerous accounts using corporate emails exist in the database as well, including accounts from Wipro, Infosys, Cognizant, Google, and Facebook. In a conversation seen by BleepingComputer, the hackers state that they have stolen much more than just the user database. Unacademy users are strongly advised to change their passwords.

May 1, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Hackers Allegedly Affiliated With the Maze Ransomware Gang Broke Into the Network of Costa Rica’s Banco BCR Twice, Claim to Have Stolen 11 Million Credit Card Credentials and Other Data

A hacking attack allegedly conducted by the operators of the Maze ransomware allowed to attackers to gain access to the network of Banco BCR, the state-owned Bank of Costa Rica, and steal 11 million credit card credentials along with other data. On their data leak site, the hackers claim to have gained access to Banco BCR’s network in August 2019, but did not proceed with encrypting the devices as “the possible damage was too high.” They said the bank never secured their networks, allowing them to hack in again in February 2020. Of the eleven million, four million are said to be unique ,and 140,000 allegedly belong to people from the USA. The hackers told Bleeping Computer that they have tried to contact the bank multiple times with a ransom demand and may sell the data on the dark web.

April 29, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Adobe Releases Security Updates for Illustrator, Bridge, Magento Which Fix Dozens of Vulnerabilities, Many Critical

Adobe has released security updates for Adobe Illustrator, Bridge, and Magento that fix numerous vulnerabilities, including ones that could allow remote code execution. One of the updates fixes seventeen vulnerabilities, three considered critical, in Adobe Bridge that allow information disclosure and arbitrary code execution. Another update fixes five vulnerabilities in Adobe Illustrator that allow information disclosure and arbitrary code execution, all of which are considered critical. Finally, one of the updates fixes thirteen vulnerabilities in Magento that could lead code execution, information disclosure, signature verification bypass, and unauthorized access to the admin panel, six of which are considered critical.

April 28, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Shade Ransomware Operators Shut Down Operations, Apologize for Their Actions and Instruct Victims on How to Recover Files

The operators behind the Shade Ransomware (Troldesh), who have been active since 2014,  have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims. Unlike other ransomware families that avoid targeting Russian victims, the Shade targets people in Russia and Ukraine predominantly. Michael Gillespie, the creator of the ransomware identification site ID Ransomware, said Shade began to dwindle in 2019 and stopped distributing its ransomware around then. In a statement, the ransomware operators apologized for their actions and provided instructions on how to recover files using the released keys.

Related: ZDNet, DataBreaches.net, Security Affairs, IT Pro, Malwarebytes Unpacked, CISO MAG, IReddit – cybersecurity, The State of Security


April 19, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Major IT Company Cognizant Has Been Hit by Maze Ransomware

Multibillion-dollar IT services company Cognizant said its computer systems had been disrupted by Maze ransomware and that the company is taking active steps to contain the incident. Cognizant has clients in the oil and gas industries as well as major pharmaceutical firms and restaurant chains. The company said it notified clients of the incident and shared  “indicators of compromise” so that they could defend against the malicious activity. Maze operators always steal unencrypted files before encrypting them, the release of which are used to threaten victims into paying the ransom.

Related: The Economic Times, Reuters, GBHackers On Security, Cybersecurity Insiders, Security Affairs, Reddit – cybersecurity, Bloomberg Technology, CRN, Cyberscoop, The Financial Express, NewsBytes App, iTnews – Security, Business Standard, TWCN Tech News, Techworm, Dark Reading: Threat Intelligence, Naked Security, TechTarget, HOTforSecurity, Slashdot, Dark Reading: Threat Intelligence, SC Magazine, Threatpost, TechTarget

Tweets:@VK_Intel

The Economic Times: Cognizant hit by ‘Maze’ ransomware attack
Reuters: Cognizant hit by ‘Maze’ ransomware attack
GBHackers On Security: IT Services Giant Cognizant Hit by Maze Ransomware Cyber Attack
Cybersecurity Insiders: Maze Ransomware attack on Cognizant
Security Affairs: Are Maze operators behind the attack on the IT services giant Cognizant?
Reddit – cybersecurity: Major Technology Service provider (Cognizant) with 300,000 employees hacked
Bloomberg Technology: IT Services Giant Cognizant Attacked by ‘Maze’ Ransomware – Bloomberg
CRN: Cognizant And Its Customers Hit By Maze Ransomware
Cyberscoop: IT services firm Cognizant hit with Maze ransomware
The Financial Express: Cognizant hit by ‘Maze’ ransomware attack
NewsBytes App: #WeeklyRecap: OnePlus 8, iPhone SE launched, Cognizant hacked, and more
iTnews – Security: Cognizant hit by ‘Maze’ ransomware attack
Business Standard: Cognizant hit by ‘Maze’ ransomware attack amid coronavirus crisis
TWCN Tech News: IT services giant Cognizant suffers Maze ransomware attack
Techworm : IT Services Giant Cognizant hit by ‘Maze’ ransomware, Clients Face Disruptions
Dark Reading: Threat Intelligence: IT Services Firm Cognizant Hit with Maze Ransomware
Naked Security: Maze ransomware hits US giant Cognizant
TechTarget: Cognizant discloses Maze ransomware attack
HOTforSecurity: IT services giant Cognizant hit by Maze ransomware attack
Slashdot: Cognizant Confirms Maze Ransomware Attack, Says Customers Face Disruption
Dark Reading: Threat Intelligence: IT Services Firm Cognizant Hit with Maze Ransomware
SC Magazine: Maze ransomware attack catches IT services firm Cognizant unawares
Threatpost: Maze Ransomware Attack Hits Cognizant
CRN: Cognizant Breach: 10 Things To Know About Maze Ransomware Attacks
ARN: Cognizant weathers service disruptions after ‘Maze’ ransomware attack
Graham Cluley: IT services giant Cognizant hit by Maze ransomware attack
Threatpost: Maze Ransomware Attack Hits Cognizant
TechTarget: IT services company Cognizant warns customers after ‘Maze’ ransomwa…

@VK_Intel: High alert related to the yet another ransomware attack perpetrated by the Maze group possibly affecting @Cognizant . Reviewing & mitigating against the usual Maze TTPs (including RDP + remote services as an attack vector) is advisable. ?Pushed #YARA?? https://github.com/k-vitali/Malware-Misc-RE/blob/master/2020-04-18-maze-ransomware-unpacked-payload.vk.yar


May 21, 2020
Lawrence Abrams / Bleeping Computer

Lawrence Abrams / Bleeping Computer  
Adobe Releases Four Out-of-Band Security Updates Including One for RCE Vulnerability in Adobe Character Animator

Adobe released four out-of-band security updates, including one for Adobe Character Animator that fixes a critical remote code execution vulnerability. Mat Powell of Trend Micro Zero Day Initiative discovered all of the vulnerabilities, which were not found in the wild. The other patches addressed flaws in Adobe Premiere Pro, Adobe Audition, and Adobe Premiere Rush.