Digital fraudsters are stealing Microsoft Office 365 administrator credentials as part of a broader phishing campaign targeting organizations. The campaign began with a phishing email that leveraged Microsoft and its Office 365 brand to lull recipients into a false sense of security. This attack email was unique, however, in that it originated from validated domains that don’t belong to Microsoft. Digital fraudsters are stealing Microsoft Office 365 administrator credentials as part of a broader phishing campaign targeting organizations.
In these times of political strife, it’s nice that despite our differences we can still band together as a nation in the face of a catastrophe that affects us all equally. I speak, of course, of robocalls, and it seems that the House and Senate have put their differences aside for the present in order to collaborate on a law combating this scourge. Despite a great deal of FCC bluster, a few high-profile fines and some talk from telecoms about their plans to implement new anti-robocall standards, half the country’s phones are still blowing up regularly with recordings and scammers on the other side.
Google, in partnership with U.S. banking giant Citigroup, has said it’s planning to launch its own fully-fledged “smart checking” bank accounts via Google Pay–piling pressure on bitcoin developers to improve user experience and adoption or face redundancy. Google’s planned bank account, code-named Cache and expected to allow users to add Google’s analytic tools to traditional banking products, is due to be launched sometime next year, alongside Facebook’s planned bitcoin rival, libra. “Our approach is going to be to partner deeply with banks and the financial system,” Google executive Caesar Sengupta told the Wall Street Journal newspaper, which first reported the story.
The international police organization Interpol plans to condemn the spread of strong encryption in a statement Monday saying it protects child sex predators, three people briefed on the matter told Reuters. At the group’s conference in Lyon, France on Friday, an Interpol official said a version of the resolution introduced by the U.S. Federal Bureau of Investigation would be released without a formal vote by representatives of the roughly 60 countries in attendance, the sources said. Echoing a joint letter last month from the top law enforcement officials in the United States, United Kingdom and Australia, the larger group will cite difficulties in catching child sexual predators as grounds for companies opening up user communications to authorities wielding court warrants.
Web-connected devices including smart TVs, watches and home speakers will be subject to a new industry code to protect families, businesses and Australia’s national security from cyber hackers. Home Affairs Minister Peter Dutton will on Tuesday raise the alarm on poor cyber security features in many devices, calling on companies to do more to stamp out cyber crime. The voluntary code would require companies to develop a “vulnerability disclosure policy”, make their systems resilient to outages and ensure their software updates are secure. The Morrison government also hopes it will spark manufacturers to develop devices with security built in by design.
Louisiana state government computers were knocked out following a ransomware attack, the governor said on Monday, as results from the close gubernatorial election in the southern state await certification. Many state agencies had their servers taken down in response to the attack, Governor John Bel Edwards said in a series of messages posted to Twitter. He said the agencies were coming back online but that full restoration could take “several days.” “There is no anticipated data loss and the state did not pay a ransom,” he said. Ransomware works by scrambling data held on vulnerable computers and demanding a payment to unlock it.
A new ransomware has been found in the wild that is currently undetected by antivirus engines on public scanning platforms. Its name is NextCry due to the extension appended to encrypted files and that it targets clients of the NextCloud file sync and share service. The malware targets Nextcloud instances and for the time being there is no free decryption tool available for victims. xact64, a Nextcloud user, posted on the BleepingComputer forum some details about the malware in an attempt to find a way to decrypt personal files.
The creators of Magic the Gathering have contacted MTG Arena and Magic Online players following a data breach that leaked users’ names, email addresses, and passwords. In an email sent to those affected by the incident, Wizards of the Coast explained that an internal database from a “decommissioned version of the WotC login” was accidentally “made accessible” online. While the incident has reportedly been described as isolated and WotC has no reason to believe “that any malicious use has been made of the data”, information was nevertheless obtained outside the company.
Artificial intelligence at a US health centre can predict a person’s chances of dying from heart test results, including those that look normal to doctors, but how it works remains a mystery. Algorithms developed by researchers at the health care provider Geisinger in Pennsylvania can calculate a patient’s survival rate within a year by analysing echocardiogram (ECG) results, according to an article published by New Scientist earlier this month. The AI examined 1.77 million ECG results from 400,000 patients before concluding whether the patients would survive for the next year.