InfoSec News Nuggets 12/04/2020

IBM warns hackers targeting COVID vaccine 'cold chain' supply process IBM is sounding the alarm over hackers targeting companies critical to the distribution of COVID-19 vaccines, a sign that digital spies are turning their attention to the complex logistical work involved in inoculating the world’s population against the novel coronavirus. The information technology company said in a blog post published on Thursday that it had uncovered “a global phishing campaign” focused on organizations associated with…
Read More

InfoSec News Nuggets 09/24/2020

A tip from a kid helps detect iOS and Android scam apps’ 2.4 million downloads Researchers said that a tip from a child led them to discover aggressive adware and exorbitant prices lurking in iOS and Android smartphone apps with a combined 2.4 million downloads from the App Store and Google Play. Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active.…
Read More

InfoSec News Nuggets 08/07/2020

Cluster of 295 Chrome extensions caught hijacking Google and Bing search results More than 80 million Chrome users have installed one of 295 Chrome extensions that hijack and insert ads inside Google and Bing search results. The malicious extensions were discovered by AdGuard, a company that provides ad-blocking solutions, while the company's staff was looking into a series of fake ad-blocking extensions that were available on the official Chrome Web Store. A subsequent investigation into…
Read More

InfoSec News Nuggets 08/06/2020

New feature lets you easily fact-check WhatsApp messages After addressing those who just mindlessly forward messages to all their contacts, the company is now targeting those who want to be responsible and fact-check WhatsApp messages before forwarding them. We’re piloting a simple way to double check these messages by tapping a magnifying glass button in the chat. Providing a simple way to search messages that have been forwarded many times may help people find news results or…
Read More

InfoSec News Nuggets 6/3/2020

Trump's social media executive order faces lawsuit The nonprofit Center for Democracy and Technology is taking aim at US President Donald Trump's social media executive order. The CDT filed a lawsuit against the president on Tuesday, alleging that the order violates the First Amendment and the right to free speech. "The order is plainly retaliatory: it attacks a private company, Twitter, for exercising its First Amendment right to comment on the President's statements," the lawsuit says. "More fundamentally, the…
Read More

InfoSec News Nuggets 3/26/2020

You Can FaceTime Your Doctor Now Last week, the Centers for Medicare and Medicaid Services (CMS) and the Department of Health and Human Services (HHS) announced two measures to expand telehealth access for patients across the country. As of March 6, 2020, providers can offer telehealth visits to all of their Medicare and Medicaid patients, regardless of location, and still get reimbursed for the costs. (Previously, only patients in certain rural areas were eligible.) And, until…
Read More

InfoSec News Nuggets 1/30/2020

1 - Hackers stole $13,103.91 from me. Learn from my mistakes. It began with dumplings. When I got an email at midnight last March from Grubhub notifying me that my order from Dumpling Depot was on its way to an address 3,000 miles away from my location in New York City, I thought there must have been some mistake. And there was: mine. Because I didn’t take a few basic internet security precautions, hackers robbed…
Read More

InfoSec News Nuggets 12/27/2019

1 - Chinese malware broker behind US hacks is now teaching computer skills in China A Chinese malware broker who was sentenced in the United States this year for dealing in malicious software linked to major hacks is back at his old workplace: teaching high-school computer courses, including one on Internet security. Mr Yu Pingan, who spent 18 months in a San Diego federal detention centre, had pleaded guilty to conspiracy to commit computer hacking.…
Read More

InfoSec News Nuggets 11/14/2019

1 - Iowa paid a security firm to break into a courthouse, then arrested employees when they succeeded The state of Iowa contracted with a prominent cybersecurity company to conduct “penetration tests” of certain municipal buildings in September, particularly courthouses.  In September, two employees of the company were arrested in the course of doing their jobs. The charges still have not been dropped. The incident has sparked concern across the cybersecurity industry, including worries that…
Read More

InfoSec News Nuggets 9/24/2019

Android VPN apps found serving disruptive ads A security researcher has discovered four VPN apps that serve ads while running in the background and also on the home screen of Android smartphones in the latest case of adware found on the Google Play Store. While researching suspicious Android VPN apps, Andy Michael found that Hotspot VPN, Free VPN Master, Secure VPN and Security Master by Cheetah Mobile were all showing full screen pop-up ads on his smartphone even though none of…
Read More