InfoSec News Nuggets 10/14/2021

New SnapMC group extorts companies after short 30-minute hacks Security researchers have discovered a new threat actor that carries out lightning-fast hacks, typically under 30 minutes, steals a company’s files, and then extorts the victim with threats to leak the data online or to media outlets unless a ransom payment is made within a few days. Discovered by Dutch security firm Fox-IT, the company named the group SnapMC because of its short-lived intrusions and the use of…
Read More

InfoSec News Nuggets 09/30/2021

1Password now allows users to securely generate unique email aliases 1Password launched a new feature that will allow users to create and manage secure, unique email aliases from directly within 1Password. Partnering with Fastmail, an email service that puts people and their privacy first, the “Masked Email” integration adds an extra layer of privacy by giving users the option of hiding their actual email addresses from the apps or services that they use. According to research from Deloitte,…
Read More

InfoSec News Nuggets 04/29/2021

1 - Instagram rolls out new features to help prevent cyberbullying Instagram has unveiled new tools to help combat cyberbullying and other abusive behavior on the platform – a filter that will prevent users from seeing abusive Direct Messages (DMs) and a tool to stop someone a user has blocked from contacting them from another account. “We understand the impact that abusive content – whether it’s racist, sexist, homophobic, or any other kind of abuse – can…
Read More

InfoSec News Nuggets 12/24/2020

FireEye's Mandia on SolarWinds hack: 'This was a sniper round' The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. “This was not a drive-by shooting on the information highway. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday morning on CBS’s “Face the Nation.” “This was special…
Read More

InfoSec News Nuggets 7/7/2020

Smartphone Apps Are Now a Weapon in International Disputes IN THE IPHONE age, your smartphone home screen can be a geopolitical battleground. Earlier this month, 20 Indian soldiers died in a skirmish with Chinese troops on the countries’ contested Himalayan border. Monday, India struck a blow in the digital realm of its own citizens’ mobile devices. The country’s Ministry of Information Technology banned 59 mobile apps, all Chinese, for allegedly endangering data security and privacy. They include China’s dominant…
Read More

InfoSec News Nuggets 11/12/2019

1 - BlueKeep Attacks Crash Systems Due to Meltdown Patch The recent attacks exploiting the BlueKeep vulnerability to deliver cryptocurrency miners caused some systems to crash due to a Meltdown patch being deployed on the targeted machines. The BlueKeep vulnerability, officially tracked as CVE-2019-0708, affects Windows Remote Desktop Services (RDS) and it allows an unauthenticated attacker to execute arbitrary code by sending specially crafted Remote Desktop Protocol (RDP) requests. Microsoft released patches, including for unsupported versions of…
Read More