InfoSec News Nuggets 06/20/2022

2,000 arrests in crackdown on social engineering and business email scams The international police organization Interpol has arrested 2,000 people in a crackdown on social-engineering rackets and intercepted $50 million in illicit funds. Interpol announced it had conducted raids at 1,700 locations over two months, seizing $50 million in fraudulently gained proceeds and arresting 2,000 people, which it described as "operators, fraudsters and money launderers" as part of its crackdown on social engineering and business email compromise (BEC)…
Read More

InfoSec News Nuggets 10/26/2021

‘Conditioning an entire society’: the rise of biometric data technology In a school canteen in Gateshead, cameras scan the faces of children, taking payment automatically after identifying them with facial recognition. More than 200 miles away in North London, staff at a care home recently took part in a trial that used facial data to verify their Covid-19 vaccine status. And in convenience stores around the country, staff are alerted to potential shoplifters by a smart…
Read More

InfoSec News Nuggets 08/11/2021

WhatsApp CEO calls out Apple over Child Safety tools announcement Ever since Apple introduced the new protection tools for child safety this week, it instantly divided opinions. While some think this is a huge deal to protect children, others believe it will just create a backdoor for governments to access people’s iPhones. Now, WhatsApp CEO Will Cathcart is the latest to join those who think the new Child Safety tools from Apple could be bad. It’s not…
Read More

InfoSec News Nuggets 06/02/2021

1 - Hackers are targeting employees returning to the post-COVID office With COVID-19 restrictions lifting and employees starting to make their way back into offices, hackers are being forced to change tack. While remote workers have been scammers’ main target for the past 18 months due to the mass shift to home working necessitated by the pandemic, a new phishing campaign is attempting to exploit those who have started to return to the physical workplace.…
Read More

InfoSec News Nuggets 05/20/2021

1 - Introducing Site Isolation in Firefox When two major vulnerabilities known as Meltdown and Spectre were disclosed by security researchers in early 2018, Firefox promptly added security mitigations to keep you safe. Going forward, however, it was clear that with the evolving techniques of malicious actors on the web, we needed to redesign Firefox to mitigate future variations of such vulnerabilities and to keep you safe when browsing the web! We are excited to announce that Firefox’s new Site Isolation…
Read More

InfoSec News Nuggets 03/24/2021

TikTok no worse than Facebook for privacy, says Citizen Lab TikTok is likely no more of a threat to users than Facebook, according to an analysis by academic research group Citizen Lab that analyzed the video-sharing social networking service’s app to probe for security, privacy and censorship issues. The report was published online on March 22 by the University of Toronto Lab, which focuses on civil digital threats and high-level policy engagement. The authors considered both…
Read More

InfoSec News Nuggets 01/27/2021

North Korean hackers are targeting security researchers with malware, 0-days A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight. According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with a custom backdoor malware. The threat actors create fake Twitter profiles and blogs to…
Read More

InfoSec News Nuggets 01/12/2021

Securing Wi-Fi at Home To create a secure home network, you need to start by securing your Wi-Fi access point (sometimes called a Wi-Fi router). This is the device that controls who and what can connect to your home network. Here are five simple steps to securing your home Wi-Fi to create a far more secure home network for you and your family.   Can Artificial Intelligence Help Us Fight Fake News? Fake news and…
Read More

InfoSec News Nuggets 5/7/2020

DigiCert hit as hackers wriggle through (patched) holes in buggy config tool DigiCert, slinger of SSL/TLS certificates, has warned that it too has suffered at the hands of Salty miscreants as a key used for Signed Certificate Timestamps (SCT) was potentially compromised. The company joins Ghost.org and LineageOS in being the target of ne'er do wells as attackers exploited a disclosed (and patched) vulnerability in the Salt configuration tool over the weekend, spraying exposed infrastructure with cryptocurrency mining software.…
Read More

InfoSec News Nuggets 3/25/2020

Elite hackers target WHO as coronavirus cyberattacks spike Elite hackers tried to break into the World Health Organization earlier this month, sources told Reuters, part of what a senior agency official said was a more than two-fold increase in cyberattacks. WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as…
Read More

InfoSec News Nuggets 2/26/2020

1 - Google denies claims that free school Chromebooks are illegally collecting student data Google has branded claims made in a new lawsuit that free school Chromebooks are harvesting student information in violation of COPPA as "factually wrong." The lawsuit, filed against the tech giant on Thursday by New Mexico Attorney General Hector Balderas, alleges that Google is illegally collecting data belonging to minors. According to the complaint (.PDF), Chromebooks offered to schools in the area for free…
Read More