MUO examines recent AppleID phishing scams and how to recognize them. As Mac operating systems are more difficult to hack than most, cybercriminals often resort to social engineering scams to steal user credentials, and email is of course the most popular method. The email will mimic a communication from Apple referencing a recent (fake) user purchase, but when the user clicks on the link to investigate, they’re taken to a malicious login page where their login credentials are harvested. A similar scheme claims the target’s account has been locked for security reasons and the user must verify their credentials to unlock it, and occasionally the attackers will even call the target using a spoofed phone number (a technique called “vishing”). Indicators of a scam include grammatical errors, a suspicious sender email address, or the inclusion of some sort of deadline to pressure the victim into acting without thinking.
Despite concerns expressed by the Administration of former US President Donald Trump, researchers have determined that social media app TikTok does not pose a significant security risk to the US, the Wall Street Journal reports. Citizen Lab, the University of Toronto’s cybersecurity research group, conducted a comparative analysis of TikTok and Douyin, both owned by Beijing-based ByteDance, and found that they “do not appear to exhibit overtly malicious behavior similar to those exhibited by malware.” In a months-long clash last summer, the Trump Administration attempted to ban TikTok, claiming that the app could be used by the Chinese government to spy on its approximately 100 million US users, and that the app might be censoring content considered politically sensitive. Other countries including Pakistan and India also expressed concerns regarding cybersecurity risks and censorship issues linked to TikTok. While Citizen Lab did discover some restrictions on search terms, their findings on whether the restrictions were politically-based were inconclusive. When addressing Chinese restrictions on Tesla cars at a recent conference, Tesla founder Elon Musk, referencing the TikTok controversy, asked, “Even if there was spying, what would the other country learn and would it actually matter?”
Researchers at McAfee Labs Advanced Threat Research have identified several critical vulnerabilities in remote student monitoring software provider Netop Vision Pro, the Hacker News reports. The software allows teachers to connect remotely with students’ computers to share screens or monitor their activities, especially necessary with the pandemic forcing many schools to rely on virtual learning. Exploitation of the vulnerabilities could allow an attacker to deploy ransomware, install a keylogger, or even spy on victims through the machine’s webcam. When notified of the bugs in December, Netop, which serves over 3 million teachers and students, was extremely responsive and patched the issues in a February update, McAfee explains.
Leading gas and oil multinational Shell is the latest organization to announce it was impacted by the recent cyberattack on Accellion’s file sharing service. In December 2020, hackers exploited a zero-day vulnerability in the outdated File Transfer Appliance (FTA), giving them access to the data of many of Accellion’s three hundred FTA customers, Security Week explains. Shell’s official statement declares, “There is no evidence of any impact to Shell’s core IT systems as the file transfer service is isolated from the rest of Shell’s digital infrastructure.” However, Shell confirms signs of unauthorized access to files containing personal, company, and stakeholder information. As Bleeping Computer reports, an investigation helmed by Accellion and Mandiant has linked the attack to the Clop and FIN11 cybercrime groups. Shell joins the fewer than twenty-five FTA clients who have so far reported “significant data theft,” including supermarket Kroger, law firm Jones Day, and the Reserve Bank of New Zealand.
Chris Clements, VP of Solutions Architecture at Cerberus Sentinel, shared some comments with us, placing the Shell incident in the context of attacks on file transfer systems:
"File transfer appliances are often used by organizations to transmit sensitive information so depending on the scope of the compromise the information exposure for Shell could be significant but it is encouraging to hear that the attackers were not able to leverage the Accellion server compromise to further attack the internal network.
"Patching is difficult even for the most well-run IT organizations and many companies struggle to achieve complete coverage across their environments. This is especially true for non-Microsoft Windows based systems, the unfortunate reality is that for many organizations, their patching strategy starts and stops with Windows. Infrastructure equipment and especially network appliances like Accellion often lag significantly in patch adoption. Contributors to this phenomenon are far ranging, from lack of communication from vendors when patches are released, to potentially more complex and manual patching processes, and organizational confusion around who’s responsible for patch application.
"To protect themselves, organizations must adopt a culture of security that ensures that all stages of the software lifecycle process from awareness, to procedures, assignment of responsibility, and follow up testing are in place to make certain that no products are orphaned or fall through the cracks in the patching process."
Demi Ben-Ari, CTO and Co-founder of Panorays, sees a lesson in the importance of looking into the supply chain, including the legacy portions of it:
"The digital nature of business today introduces its own risks if precautions aren't taken. Vulnerabilities in vendors' legacy software can serve as an easy gateway to breach data in target companies -- or worse. The Shell data breach illustrates the criticality of securing vendors and ensuring their systems don't compromise your own business. To do that, companies should thoroughly assess their vendors through automated security questionnaires, an external digital footprint assessment and consider the context of their business relationship. At the end of the day, you want to be able to identify and mitigate risk and ensure that third parties align with your organization's security policies and risk appetite."
BlackKingdom ransomware attacking Microsoft Exchange servers via ProxyLogon vulnerabilities (Computing) Patching the bugs will not remove a hacker who has already compromised a server, according to Microsoft
TikTok Doesn’t Pose Overt Threat to U.S. National Security, Researchers Say (Wall Street Journal) A new study by university cybersecurity researchers found that the computer code underlying the TikTok app doesn’t pose an overt national security threat to the U.S., which had been a concern of the Trump administration.
TikTok vs Douyin: A Security and Privacy Analysis (The Citizen Lab) A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance.
Third-party cyber security incident impacts Shell (Shell) Shell has been impacted by a data security incident involving Accellion’s File Transfer Appliance. Shell uses this appliance to securely transfer large data files.
Shell Says Personal, Corporate Data Stolen in Accellion Security Incident (SecurityWeek) Oil and gas giant Royal Dutch Shell (Shell) is the latest company to have confirmed impact from the December 2020 cyber-attack on Accellion’s File Transfer Appliance (FTA) file sharing service.
Energy giant Shell discloses data breach after Accellion hack (BleepingComputer) Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance (FTA).
Musk moves to downplay Tesla spying allegations in China (Silicon Republic) Officials in China are reportedly concerned that tech in Tesla cars could be used for espionage with data sent to the US.
Instagram scams and how to avoid them (Naked Security) Don’t get taken for a sucker on social media! Here are our top tips to protect you from Instagram scams…
Popular Netop Remote Learning Software Found Vulnerable to Hacking (The Hacker News) Popular Remote Learning Software From Netop Vision Pro Found Vulnerable to Hacking
Mangadex Has Been Hacked, Users Should Assume Data Has Been Breached (TorrentFreak) MangaDex, a scanlation platform with tens of millions of monthly visitors, is down following a possible malicious data breach.
MangaDex website taken offline following cyber-attack, data breach (The Daily Swig) Owners of manga fan site are rebuilding the codebase following series of security incidents
MangaDex - See you soon! (MangaDex) Due to a recent hacking incident, MangaDex will be down until further notice.
Ransomwared Bank Tells Customers It Lost Their SSNs (Vice) A data breach that already hit bank employees just got much worse
Phishing Scam - Charity (IRONSCALES) IRONSCALES identified and stopped a charity-related phishing scam impacting 200+ customers
Park Hill School District cancels school due to malware attack (FOX 4 Kansas City WDAF-TV) The Park Hill School District has canceled all classes for the day after a malware attack compromised needed computer systems.
U.S. Supreme Court rebuffs Facebook appeal in user tracking lawsuit (Reuters) The U.S. Supreme Court on Monday turned away Facebook Inc's bid to pare back a $15 billion class action lawsuit accusing the company of illegally tracking the activities of internet users even when they are logged out of the social media platform.