The Czech BIS counterintelligence service yesterday attributed last year's cyberattacks on the Foreign Ministry to Russia's GRU (a.k.a. Fancy Bear) (Reuters).
Quora, the widely used question-and-answer site, has been breached. The attackers made away with passwords, names, email addresses, and direct messages belonging to some 100 million users. Quora discovered the breach Friday; causes remain under investigation (Ars Technica).
Marriott is not drawing good reviews for its response to the breach it disclosed last week. The hospitality chain is, for example, using the domain "email-marriott.com" to send notifications to the half-billion or so affected customers. But that domain is easily spoofed by typosquatters, and several security firms, working gratis, have preemptively registered several of the more plausible typosquatting domains (TechCrunch). Observers see a string of breaches going back to 2015, mostly involving Starwood (PYMNTS) with many missed opportunities to prevent the recent problem. A lesson being drawn is that corporate mergers and acquisitions represent a cyber danger point (Enterprise Times).
Google researchers found a privilege escalation flaw in Kubernetes. It's now patched; users should upgrade (Infosecurity Magazine).
Two scam apps, “Fitness Balance app” and “Calories Tracker app,” have been booted from Apple's App Store. The apps displayed a message telling people to keep their finger on the iOS touch ID feature, meanwhile flashing a quick payment window (likely to be unnoticed) in which the victim's fingerprint authorized payments of roughly $100 (Ars Technica).