SmarterASP.NET, an ASP.NET hosting provider with more than 440,000 customers, was hit by ransomware yesterday. The company is the third major web hosting firm this year that went down because hackers breached their network and encrypted data on customer servers. More on the story here: https://www.cybersecurity-insiders.com/ransomware-attack-on-smarterasp-net-impact-440000-customers/
ISBuzz Team
An old malware known as WP-VCD, has been resurrected and is targeting WordPress websites according to security researchers at Wordfence. https://twitter.com/sarthak2002/status/1193757987262869504
Experts comments on the recent ConnectWise’s announcement that hackers have targeted on-premise Automate systems so they can take over servers and then deploy ransomware across a company’s entire computer fleet. More than 100,000 IT professional users are advised to block access to ConnectWise Automate servers. https://twitter.com/ConnectWise/status/1192517602595278849
More than a decade ago leading UK investigative journalist Nick Davies published Flat Earth News, an exposé of how the mass media had abdicated its responsibility to the truth. Newsroom pressure to publish more stories, faster than their competitors had, Davies argued, led to journalists becoming mere “churnalists”, rushing out articles so fast that they could never check on the truth of what they were reporting. Shocking as Davies’ revelations seemed back in 2008, they seem pretty tame by today’s standards. We now live in a post-truth world of Fake News and ‘alternative facts’; where activists don’t just seek to…
Apple has launched yet another privacy offensive which stresses the differences between its business model and that of Google and Facebook. In a series of white papers published on Wednesday the company has set out the technical details behind its privacy features, which are not simply a marketing tactic for Apple but also a direct method of undercutting the business model of its largest tech rivals. Among the most significant challenges to these rivals is the “Sign in with Apple” service, which allows users to conveniently sign-in with the tap of a button rather than by registering and confirming an email address.
A judge has approved a warrant for law enforcement to access the database of DNA profiler GEDmatch, a landmark ruling which may have serious privacy implications. DNA matches could provide the answers to criminal investigations gone cold; however, the question of whether the police should have access to the extremely sensitive DNA information of the masses in the quest for the few has raised a series of ethical and privacy complications. Commenting on the ruling are the following security professionals:
t has been reported that hackers have launched a cyber-attack on the Billabong and Quiksilver websites. Boardriders Inc, the US company which owns Quiksilver and Billabong – both founded in Australia – was targeted by international hackers two weeks ago. Customers are still reporting problems while using the company’s websites. The Californian-based company’s international operations, IT systems, communications, sales and distribution were all affected by the hack.
Ssecurity researchers revealed that several Cisco routers aimed at small businesses have the same embedded encryption keys. This can make it much easier for hackers to gain privileged access to the device. You can find more details on the story here. https://twitter.com/cybersec2030/status/1192484480596008961
Security researchers have found a vulnerability in Amazon Ring Doorbells that exposed the passwords for the Wi-Fi networks to which they were connected. Bitdefender said the Amazon-owned doorbell was sending owners’ Wi-Fi passwords in cleartext as the doorbell joins the local network, allowing nearby hackers to intercept the Wi-Fi password and gain access to the network to launch larger attacks or conduct surveillance. It’s another example of smart home technology suffering from security issues. As much as smart home devices are designed to make our lives easier and homes more secure, researchers keep finding vulnerabilities that allow them to get access to…
The Securities Industry and Financial Markets Association has held its fifth exercise, in a series, simulating a catastrophic cybersecurity event in the banking sector, known as “Quantum Dawn.” The annual exercise provides valuable insight into what the financial services industry views as the most contemporary doomsday scenario and how major players are preparing for it. This year, in its first-ever global event, the industry focused on a fictional, widespread ransomware attack that takes out large financial institutions in Asia, the U.S. and U.K. More on the story here: https://www.cnbc.com/2019/11/07/quantum-dawn-v-sifma-cyber-doomsday-exercise-adds-global-scope.html