InfoSec News Nuggets 03/24/2021

TikTok no worse than Facebook for privacy, says Citizen Lab TikTok is likely no more of a threat to users than Facebook, according to an analysis by academic research group Citizen Lab that analyzed the video-sharing social networking service’s app to probe for security, privacy and censorship issues. The report was published online on March 22 by the University of Toronto Lab, which focuses on civil digital threats and high-level policy engagement. The authors considered both…
Read More

InfoSec News Nuggets 01/27/2021

North Korean hackers are targeting security researchers with malware, 0-days A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight. According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with a custom backdoor malware. The threat actors create fake Twitter profiles and blogs to…
Read More

InfoSec News Nuggets 01/12/2021

Securing Wi-Fi at Home To create a secure home network, you need to start by securing your Wi-Fi access point (sometimes called a Wi-Fi router). This is the device that controls who and what can connect to your home network. Here are five simple steps to securing your home Wi-Fi to create a far more secure home network for you and your family.   Can Artificial Intelligence Help Us Fight Fake News? Fake news and…
Read More

InfoSec News Nuggets 5/7/2020

DigiCert hit as hackers wriggle through (patched) holes in buggy config tool DigiCert, slinger of SSL/TLS certificates, has warned that it too has suffered at the hands of Salty miscreants as a key used for Signed Certificate Timestamps (SCT) was potentially compromised. The company joins Ghost.org and LineageOS in being the target of ne'er do wells as attackers exploited a disclosed (and patched) vulnerability in the Salt configuration tool over the weekend, spraying exposed infrastructure with cryptocurrency mining software.…
Read More

InfoSec News Nuggets 3/25/2020

Elite hackers target WHO as coronavirus cyberattacks spike Elite hackers tried to break into the World Health Organization earlier this month, sources told Reuters, part of what a senior agency official said was a more than two-fold increase in cyberattacks. WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as…
Read More

InfoSec News Nuggets 2/26/2020

1 - Google denies claims that free school Chromebooks are illegally collecting student data Google has branded claims made in a new lawsuit that free school Chromebooks are harvesting student information in violation of COPPA as "factually wrong." The lawsuit, filed against the tech giant on Thursday by New Mexico Attorney General Hector Balderas, alleges that Google is illegally collecting data belonging to minors. According to the complaint (.PDF), Chromebooks offered to schools in the area for free…
Read More