Microsoft has released an emergency out-of-band security update today to fix two critical security issues — a zero-day vulnerability in the Internet Explorer scripting engine that has been exploited in the wild, and a Microsoft Defender bug. https://twitter.com/_kolbicz/status/1176241449211432960
ISBuzz Team
This Wednesday, September 25, marks 100 days from the mandatory compliance date of January 1, 2019 for the new California Consumer Privacy Act (CCPA.) The CCPA mandates a stringent new degree of consumer privacy and protection. It defines and protects personally identifiable information (PII) on a much broader scale, including biometrics, internet search and browse data, and employment information. Ultimately, compliance with the CCPA will help businesses build better consumer trust, enhance their reputation, and strengthen their brands.
It has been reported that a mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29. The purpose of these attacks was to infect employees at US utility firms with LookBack, a remote access trojan with an extensive set of features. While no formal attribution has been made, the attacks are believed to be the work of Chinese hackers, and more precisely, the work of a group tracked as APT10, based on some pieces of reused code. Full Story Here: https://www.zdnet.com/article/17-us-utility-firms-targeted-by-mysterious-state-sponsored-group/
52GB of digital “crap” on average accumulates on consumer PCs every year Piriform Software Ltd., a global leader in system optimization software, has found that up to 52GB of ‘digital crap’ builds up on consumer PCs each year. Not only does this waste valuable storage space equivalent of 17 hours’ worth of HD movie content or over 30,000 photos, it can also affect PC performance as it can slow down boot times and make apps less responsive on older systems which have less available memory. Getting rid of the junk In a survey with 5,000 CCleaner users, most were likely…
It has been reported that an anonymous bug hunter has publicly disclosed a zero-day flaw in the version 5 of the popular vBulletin forum software than can be exploited over the internet to hijack servers. No patch is known to be available.The zero-day allows an attacker to execute shell commands on the server running a vBulletin installation. The attacker doesn’t need to have an account on the targeted forum. https://twitter.com/notdan/status/1176551984037543936
It has been reported by Proofpoint that 17 US utility firms have been hit by phishing attacks to install LookBack malware. While no formal attribution has been made, it is suspected that the state-sponsored group APT10 may be behind the attacks.
It has been reported that a Dubai-based exhibitions firm has lost $53,000 (Dh194,700) in an elaborate phishing attack. Binu Manaf, CEO and managing director of Cheers Exhibition, said a cybercriminal hacked his firm’s email and then used a spoofed email to trick its client to wire the funds into an overseas bank.The CEO said he didn’t realise the company’s email account had been hacked until one of his clients enquired if he had sent out emails seeking payments into an overseas account instead of a local bank in Dubai.
It has been reported that a coordinated phishing campaign hit a yet unknown number of prominent YouTube influencers specialising in gaming, car industry, tech, and other topics. YouTube account hacks were possible due to phishing campaigns – the attackers sent out phishing emails to the influencers’ accounts which led them to spoofed sites, asking for their Google login credentials, which were then used to hijack YouTube accounts.
The Financial Times reports that Google briefly published a paper on the NASA website titled “Quantum supremacy using a programmable superconducting processor” – which was then taken down (which retrieved a copy before it was taken down). Google’s quantum computer was said to have solved in 3 minutes and 20 seconds a calculation that would take the world’s fastest supercomputer approx. 10,000 years. “To our knowledge this experiment marks the first computation that can only be performed on a quantum processor,” the paper said https://twitter.com/stephenfoley/status/1175108352755609600
It has been reported that Microsoft has released an emergency out-of-band security update today to fix two critical security issues — a zero-day vulnerability in the Internet Explorer scripting engine that has been exploited in the wild, and a Microsoft Defender bug.